Need help in removing System Tool 2011 malware

[essexboy]

Hmm lets look a lot deeper then - one of my old tools has now been revamped so lets see what that reveals

Download AVPTool from Here to your desktop, then make a copy on your desktop and rename it to AVZ (As when AVP is closed it will uninstall)
Run the programme you have just downloaded (it will be randomly named )


Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done Open the last report saved folder  then upload to Mediafire and post the sharing link.

The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_random numbers\LOG\avptool_sysinfo.zip

[OregonJen]

Thank you - I'll work on this next set of instructions. I don't know if it's helpful, but here are a couple of screen shots of my desktop and my IE home page so you can see what I'm talking about with the difference in the "look" of the tool bar, etc.

~Jennie

(Oops - guess I can only post one at a time or they go over the size limits. Here's the desktop first then.)

[OregonJen]

...and here's the IE home page screen shot.

Now, off to work on the next scan.

[Tenko]

You could try hitman pro

Cheers

[essexboy]

Looks like it is reverting to the win98 look

[OregonJen]

Checking in...

While trying to download the file from the link you provided, a dialog box popped up titled, "Message from webpage" which read: "Errors have been found in your operating system registry! Click to download free registry cleaner software." There was an accompanying download window for "Registry Virus Scanner" which appeared over the Kaspersky Virus Removal Tool download window. I've seen enough of these "dire" warnings lately to know to ignore it - I finally "X'd" out of them quickly just to get them to close, AFTER I'd gone back to the Kaspersky window and downloaded the file.  (I had to click the yellow bar at the top to allow the file download, but otherwise it seemed to do fine.)

I saved the file to my desktop (the original file name was: setup_9.0.722_06.01.2011_22-35 and when I put the mouse pointer over the file name it showed the Description as: Virus Removal Tool Setup, version 9.0.722).  Then, as you instructed, I made a copy on the desktop and named it AVZ (it shows the same description and version number).

When I tried to run the original file (double-clicked and then chose "Run" from the window the opened), I received an Error message as follows: "The setup files are corrupted. Please obtain a new copy of the program."

Since I had a similar message several days ago when trying to run one of the other programs we've been working with that was cleared up by restarting the computer, I thought I'd try that again with this error message.  I was able to use the Start - Turn Off procedure (instead of needing to manually shut down with the power button. About 30+ minutes(!) later when it finally appeared to mostly be finished with startup, I tried again to run the program. No luck - same error message.

So, I thought I'd give you a quick update in case you're passing by.  I will now try to delete the two files and then try again to download the file from the link in your previous reply.  If that doesn't work, I may try to download it with another computer onto a flash drive and then copy it to the sick computer and see if I can "sneak" it in.

Do you suppose there is going to come a time when I need to just wipe the whole hard drive and start over? 

Thanks again. Talk to you soon.

[essexboy]

With something like this where it is difficult to track down the miscreant it can be the easiest and best option.  But, I will leave the choice to you.  However, I do have a tutorial on how to reformat/reinstall and I can assist you when you do it ..

[Tenko]

Jen, give a last try with norton power eraser. Click here to download it

Otherwise reformat your hardware

Regards,
              Tenko

[OregonJen]

Greetings, Essexboy,

I have tried several times to download and run the AVP tool, but each time it seems to run into problems and is unable to run (probably because something in the background is messing with it?).  So I think I've just about given up.

I did find this http://pcsupport.about.com/od/operatingsystems/ss/instxpclean1.htm tutorial for doing a clean install of Win XP Pro (which is the disk I have).  It seemed very complete, but as I've never done this before (and it's a little scary!), I would welcome your guidance as well.  I know I need to make sure I back up everything I want to keep (I hope I don't "back up" the virus/malware in the process too! ), and take note of any programs I've downloaded in the past that I may want to reinstall.

You have been so kind and helpful during this process - thank you! Perhaps starting fresh will be the final solution now.

Have a wonderful weekend.
Jennie

[essexboy]

Certainly - I also have a tutorial here http://www.geekstogo.com/forum/topic/173729-reformat-and-install-of-windows/

Any questions just shout

[OregonJen]

Certainly - I also have a tutorial here http://www.geekstogo.com/forum/topic/173729-reformat-and-install-of-windows/

Any questions just shout

This looks like a great tutorial - thank you for being so thorough. As I just glanced through it, I see that I might have a few clarifying questions before I would begin the process, but I will start a new topic for those.

Thanks again! 

[essexboy]

You can keep them in this topic if you wish - saves me searching for the new topic 

[BrendaK777]

I got System Toll a few days ago and after a lot of searching I found someone that said to go find the files, rename them and delete them.  Also the shortcuts on the desktop and in startup. 

They are in you c:\programdata file.  Bring up My Documents and type in that address, then hover over the folders to find which one was created that day you got it.  Open it, right click on the files, rename to anything.  Delete, rename the folder, delete it too.  Go find the shortcut on the desktop, rename, delete and in startup.  Then go empty the recycle bin.

If you can't get into anything or can't delete, shut down computer and restart in safemode (hold down F8 while starting back up.

****Having said all that, I got that virus and Memory Fixer virus the next day.  After getting rid of those 2, I downloaded the free Avast version and still today got System Tool again.  While Avast got and put 3 files (which all looked like just the shortcuts to the virus) in the virus chest, I still had to do all the above to get rid of it.  And I don't know if it's completely gone or not but at least for now I have a computer.  Would the upgraded version work better?