Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


System Tool 2011

  • Please log in to reply
2 replies to this topic

#1 kahless


  • Members
  • 16 posts
  • Local time:06:59 AM

Posted 01 January 2011 - 07:11 PM

I have been infected by System Tool 2011. It disabled my Trend Micro Titanium, and prevents most antivirus/anti-malware programs from running in normal mode. It continues to pop up when in normal mode and advise I have 38 trojans, and a malware infection, wanting me to activate their product. It also replaced my wallpaper with a very colorful background in blue and red telling me I was infected. I ran rook kit and defogger in safe mode, followed by Mcafee Stinger and Malwarebytes but they don't come up with anything. Presently running GMER Rootkit/malware program.

Any ideas?

Thanx, Kahless

BC AdBot (Login to Remove)


#2 kahless

  • Topic Starter

  • Members
  • 16 posts
  • Local time:06:59 AM

Posted 01 January 2011 - 08:38 PM

This resisted any attempt to allow me to do anything with it. MBAM and Mcafee Stinger didn't find anything in safe mode. Found some files and instructions elsewhere on the net, but the files didn't seem to be in there. I couldn't access Task Manager, Control Panel or Regedit. It consistently blocked programs that I needed to fight it, by not allowing them to run in normal mode. Finally I went to WinXP search and typed in System Tools 2011 It found it and I right clicked on the entry and it said it was an application. Then I decided to right click>delete and it uninstalled the rascal. I had to reboot but I got my desktop background back and there was no sign of System Tools or its behavior left. Trend Micro was enabled again and everything seems to work. I followed up with my PC Tools Registry Mechanic and it removed/repaired 228 items, some of which probably did not have anything to do with the infection. I followed up with other of PC Tools Registry Mechanic tools and followed with a Trend Micro scan, and everything is alright now.


Edited by kahless, 01 January 2011 - 09:53 PM.

#3 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,566 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:06:59 AM

Posted 01 January 2011 - 11:19 PM

Hello I hope it is gone,usually you need to complete the Hosts file steps in our guide.

22.As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system. Please note that if you or your company has added custom entries to your HOSTS file then you will need to add them again after restoring the default HOSTS file. In order to protect itself, SystemTool changes the permissions of the HOSTS file so you can't edit or delete it. To fix these permissions please download the following batch file and save it to your desktop:

Please follow our Removal Guide here Remove System Tool and SystemTool .
You will move to the Automated Removal Instructions

After you completed that, post your scan log here,let me know how things are.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users