System Tools 2011 malware removal

Discussion in 'Gaming and Software' started by TheIronDuke, Feb 18, 2011.

  1. TheIronDuke

    TheIronDuke LE Book Reviewer

    If you haven't come across this evil git, it is a belter. First thing you'll notice is a pop-up advising you that your anti-virus programme is infected, then another pop-up advising that System Tools is scanning your system, then this..


    Nice bit of Chinglese there. Everything is spazzed so you can't run Malaware or anything else. Firefox will work because the scam is, they want you to pay $60 to 'fix' the problem. A complete rip-off.

    There's loads of advice out there - Google 'Remove system tools 2011'. Most of them are trying to flog an anti-malware product which, of course, could be another rip-off from the System Tools gits. But there's a couple of handy blogs.

    One suggested starting in Safe Mode by hammering F8 on re-boot, which I completely failed to do (I'm rubbish with tech and UberGeek is working from home this week. That is tech-speak for having a doss with his new baby)

    Another suggested hammering Alt-Ctrl-Delete to enable the task manager. I tried this a few times with no success then on the 4th attempt it worked. Task Manager. So I hit End Process on every exe I didn't recognise, starting with one that was a bunch of numbers.

    And it worked. Pop-ups vanished and all back to normal. A quick scan with Malaware revealed nothing nasty. I'm doing a full scan now, but so far, nothing.

    Given that I haven't really done much, I CANNOT have removed this very clever and evil little beast.

    Any advice welcome, bearing in mind I don't know a root file from a nail file.
  2. maguire

    maguire LE Book Reviewer

    if you haven't already, make sure Windows Firewall is enabled (Start - Control Panel - Windows Firewall) and the same for Windows Defender (same path).
    Then team that up with a good av programme - I changed to Avast on people's recommendations here after I had something similar last year ('antivir pro' iirc) that blocked the use of IE. keep Firefox installed on your pc as a backup so if worst comes to worst again you can download killers/updates. Malwarebytes is supposed to be quite handy too I believe, but I'm sure there are others here with better knowledge than I.
  3. Start drinking heavily!
  4. This may come across all smug but macs do show their value in the complete lack of being inconvenienced by that shite.

    Granted that may not last as they become more popular but for the moment I do feel all warm and cosy. And superior.
  5. You'll find the little bugger hiding in your Application Data file .. and in order to remove it, you need to start up in Safe Mode, locate the folder in Application data, rename the program, restart in normal mode, find the folder again in Application data folder and then delete. It cannot run under a different name on start up.
    In order to view the application data file, you need to make sure you can see hidden files and folders on your machine. There's a youtube video somewhere on how to get rid of this "virus/malware/spyware etc" ... I'll try and locate it for you.
  6. maguire

    maguire LE Book Reviewer

    here we go again...why is 'The Great God Of Overpriced Tat' Jobs on record quite some time ago now as saying Apple users need to make sure they're running up to date antivirus software?
  7. To avoid us being similarly afflicted, could you list the porn sites you visited immediately before the problem cropped up?
  8. TheIronDuke

    TheIronDuke LE Book Reviewer

    That's exactly what UberGeek said.

    YouTube - How to Remove System Tool 2010 For Free (Malware Removal Guide) HD

    That's a handy vid and I'll bookmark it. What is puzzling me - I did nothing except hammer Ctrl-Alt-Delete and get task manager and hit End Process. That cannot have got rid of the beast? I've run a full Malaware scan and rebooted. System Tools is gone? Weird.

    Oh, and the latest advice from Steve Jobs is to strip your Apple down to component level and push the bits up your bottom where they will be nice and safe from malware.
  9. Having watched the video, I notice that there were no steps taken to delete the renamed file. Does this mean that there's still an inactive nastiness still dormant in the computer? Why rename it? Couldn't it just be deleted?
  10. TheIronDuke

    TheIronDuke LE Book Reviewer

    Just about everybody reading this is better qualified than me, but my understanding is that when it is renamed it can't work.
  11. maguire

    maguire LE Book Reviewer

    can't hurt to get rid though, I would have thought.

    and of course the flip side of all this is BACKUP YOUR SYSTEM!

    you can get a 1tb external hard drive for £50 now...for the sake of a night on the lash is it really worth losing all your pictures, your music, and whatever else?
  12. It's not the tat in itself that keeps the shite away, it's the owners' own supernatural aura that is the shield. And Jobs is not a God, merely the Gatekeeper of the Pantheon.

    As for sticking bits up me bottom, well it causes liver cancer; unless a good silicon is used. Errr, so I've heard.
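
A read-only check to run before the Safe Mode rename-and-delete steps described in post 5, added here as an example and not posted by anyone in the thread. It assumes the startup entry is in a Run registry key, which the thread does not state, and it changes nothing on the machine.

```powershell
# Added example: read-only triage. Nothing is renamed, deleted or terminated.
# Assumption: the program is launched from a Run key; the thread does not say
# where the startup entry is registered.

# Application Data roots. LOCALAPPDATA and ProgramData do not exist on XP,
# so missing or empty entries are dropped.
$roots = @($env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
    Select-Object -Unique

# -Force includes hidden and system items, which Explorer hides by default.
$exes = foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Recurse -Force -Filter *.exe `
        -ErrorAction SilentlyContinue
}

# Flag file names made up only of digits, like the process in the first post.
$report = $exes | Select-Object FullName, CreationTime, Length,
    @{ Name = 'NumericName'; Expression = { $_.BaseName -match '^\d+$' } }

# Startup entries whose command line points into one of those roots.
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
$startup = foreach ($key in $runKeys) {
    $item = Get-Item -LiteralPath $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        $hit = $roots | Where-Object {
            $cmd.IndexOf($_, [StringComparison]::OrdinalIgnoreCase) -ge 0
        }
        if ($hit) {
            [pscustomobject]@{ Key = $key; Name = $name; Command = $cmd }
        }
    }
}

# Newest executables first; a file created around the first pop-up stands out.
$report | Sort-Object CreationTime -Descending | Format-Table -AutoSize
$startup | Format-List
```

A startup entry that still points at an executable under Application Data after the pop-ups have stopped means the program will be launched again at the next logon.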