Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: System Tool 2011 Virus


21 Nov 2010   #1

Windows 7 Home Premium 64bit
 
 
System Tool 2011 Virus

So my dad goes to hotels all the time with shoddy networks and browses the internet. It seems like everyday he comes back with some form of malware or another .

These rogue anti-viruses are what he has trouble with. It's sometimes possible just to remove some of the other things with a quick MBAM scan, but these things are just too hard for me to get rid of by myself.

The one that really has me stumped right now is "System Tools 2011". An icon popped up on the desktop with a padlock logo labeled "System Tools 2011", and it changed the backround to a really cheesy warning about how everything you do is saved on the computer and junk. It's pretty obviously fake, because of the fact that it's just a backround. I can change it to anthing else through the controll panel, and the backround has some binary in the backround to make it look official (Think The Matrix).

The only program it will let me run is IE. Anything else that I try to run comes up with a pop up from the virus that says it's infected. Anything from MBAM to The Snipping Tool.

I can't really think of anything more. I've done some googling and nothing has helped, and I don't want my dad to have to spend money to get this off of his computer.

Any ideas on how I can get this off the computer? It seems so difficult because it won't let anything else run.

My System SpecsSystem Spec
.

21 Nov 2010   #2

Windows 8.1 Pro x64
 
 

Try scanning with mbam in safe mode
My System SpecsSystem Spec
21 Nov 2010   #3

 
 

Or go into MBAM's programs folder and rename mbam.exe to iexplore.exe and see if it will come up.

If it does start don't forget to try and update first before a scan.

If still no go then you could try the RogueKiller from the link below which is able to kill exe killing rogues if active and can even nullify quite a few from auto starting and then try a scan with MBAM to cleanup any dregs.

RogueKiller
My System SpecsSystem Spec
.


21 Nov 2010   #4

Windows 7 x64
 
 

Quote   Quote: Originally Posted by wat docdude View Post

These rogue anti-viruses are what he has trouble with. It's sometimes possible just to remove some of the other things with a quick MBAM scan, but these things are just too hard for me to get rid of by myself.
If your dad is running XP boot into SAFE mode and log into the (normally hidden) Admin account. Rogue AV's often install in the user account and won't be active when you login as Admin. Run a "quick scan" with MBAM. If MBAM doesn't catch it followup with SuperAntiSpyware.

If the OS is Vista/7 try SAFE mode first. If that doesn't work see if you can create a new Admin account and then log into it in SAFE mode...try the scans.
My System SpecsSystem Spec
21 Nov 2010   #5
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Look at the top post here New Malware Threat System Tool 2011 - Spiceworks Community see if the same item is in the registry
My System SpecsSystem Spec
21 Nov 2010   #6

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

See here for the files and registry entries created by System Tool 2011, you can remove them manually after scanning with MBAM.

System Tool 2011 | Virus Removal at im-infected.com
My System SpecsSystem Spec
21 Nov 2010   #7

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by Bill2 View Post
See here for the files and registry entries created by System Tool 2011, you can remove them manually after scanning with MBAM.

System Tool 2011 | Virus Removal at im-infected.com
Thank you very much. I got it now.
My System SpecsSystem Spec
07 Jan 2011   #8

Windows 7 Ultimate 64 bit
 
 

Same problem here!!! PLEASE HELP!!

I'm good with pcs, build and repair, always have a friend's pc to clean up.

But this virus is killing me, I cannot start any programs except IE and Windows explorer. I tried already to create another user, no go.... cannot start task manager or computer manager.The worse thing is I cannot even start in safe mode!!!

Somehow this crap block access to my keyboard even before windows starts!

The only thing that may work is a script to boot in safe mode. But I don't know how to create a scrpit at all.

Any ideas?
My System SpecsSystem Spec
23 Jan 2011   #9

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by kpitao View Post
Same problem here!!! PLEASE HELP!!

I'm good with pcs, build and repair, always have a friend's pc to clean up.

But this virus is killing me, I cannot start any programs except IE and Windows explorer. I tried already to create another user, no go.... cannot start task manager or computer manager.The worse thing is I cannot even start in safe mode!!!

Somehow this crap block access to my keyboard even before windows starts!

The only thing that may work is a script to boot in safe mode. But I don't know how to create a scrpit at all.

Any ideas?

go into your \system32 directory and find taskmgr.exe, doesn't matter if it wont work, just copy it and paste the copy to your desktop somewhere. rename it to iexplore.exe and run it. This will trick your virus into thinking that its really internet explorer and you can disable the goofy app with wierd strings of letters. youll notice it is usually letters and numbers like vdus87s9d9sdsd8 or something.
end those tasks, then run msconfig in run and disable it from the programs in the startup tab. Once you do that, use your antivirus tools like Malwarebytes' et al.

Good luck.
My System SpecsSystem Spec
26 Feb 2011   #10

windows 7 ultimate 64 bit
 
 
filename

Hi,

after some trouble with this virus myself i found that the following file was created

c:/program data/pdapjni06300/pdapjni06300.exe

i removed all entries in the registry and deleted the file..

this did get rid of the virus however all of my shortcut links for IE etc are now defunct, i will still need to rebuild the machine

hope this helps people out
My System SpecsSystem Spec
Reply

 System Tool 2011 Virus




Thread Tools



Similar help and support threads for2: System Tool 2011 Virus
Thread Forum
Remove Obfuscator.xz Virus Tool System Security
Kaspersky Anti-Virus 2011 System Security
Solved Norton Anti virus 2011 System Security
What is the Best anti-virus for 2011? System Security
AVG Anti-Virus Free 2011 System Security
Rogue Virus Removal Tool System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:57 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33