You could Install this free program and remove any detection found and then run getsusp tool to verify active malware.
Run getsusp tool and see if detection are seen and then disable/delete it and then use the above tool to mop up the harmless debris (I do this on my personal computer most of the time)
Are you referring to Stinger as the free program? I tried that on "very high" setting which did not find any trace of System Tools 2011.
Where can we get the "getsusp" tool?
Thank you for any assistance you provide.
It seems my neighborhood, including me, has fallen victim to this virus and Malwarebytes absolutely works! If it is not finding the virus and removing it than the definitions are out of date.
You need to reboot in "Safe Mode with Networking". Download Malwarebytes and immediately update the definitions. The quick scan feature has worked in every case I have tried it on
Our helpdesk informed me that they were seeing several systems become infected with Security Tool 2011. Luckily, I was able to capture the executable and submit it to McAfee. They were very quit in sending me a response stating that it would be identified in DAT 6200, this I did confirm.
Below is there response.
McAfee Labs Sample Analysis
McAfee Labs, Automation
Thank you for submitting your suspicious file(s). We have determined that the following submissions are handled by our AV signature DAT files.
Reference : 3-1345565881
File Name Findings Detection Type
========= ======== ========= ====
iinpn06800.exe detected generic fakealert.am trojan
VIL Link: Not available
DAT 6200 provides cover against all of the submissions shown above.
I just ran into a similiar problem from my wife clicking on a facebook link, but the the name of the Virus it installed was called Security Shield. I tried to close the window but it still installed. Ran the Mcaffee virus scan in full it didn't find it. Running Stinger in High now. I also just downloaded Malwarebytes. Will try that after Stinger. and post back the results.
This happened to me last night as well on Windows 7; I was surfing and went to a website; up came the warning screen; I tried to back out; ST2011 (Security Tool 2011) downloaded; went right through my McAfee software without any notice. I did the following to fix:
- First, I tried dual booting to my Linux OS and tried to go to McAfee's chat help--but McAfee will not let you talk on chat if you are not using a supported OS. McAfee, you should fix this--using a dual boot to an uninfected system is a logical thing to do in order still to get an internet connection.
- Second, I tried logging into a second user account on my computer. It was not infected. I ran a full McAfee virus scan; it did not find the ST2011 but McAfee did do a registry fix.
- Third, from that account I looked at the properties of the ST2011 shortcut. It pointed to a file named gFjEh01804.exe in Program Data\gFjEh01804. The folder and file had been set to hidden.
- Fourth, I deleted the file, folder, and shortcut. I have zipped them and will send to McAfee today. Everything now works as before.
- Finally, I am running another full virus scan in the background just in case.
Update - Stinger never was able to find this file (at least on the date I ran it, it may have been updated since) I ended up switching users to a non-infected user, running Malwarebytes it found the file. I think I then rebooted in safe mode, somehow managed to find the hidden files and deleted it - then as added precaution I did a system restore to a week prior, even though I realize this program could have placed a duplicate of itself there, it did not. I reported the nasty application to FB, though it seems its still there for other victims. By the way, its called "How Fat Will You Get" lame I know, but I have a teenage daughter who does stupid things. What I dont understand, with McAfee as well as Windows protection, WHY was ANY application with an .exe allowed to install itself without my approval? Heck, I cant even install a printer without the security window asking me if I wish to proceed.
I seem to be directed buy Malywarebytes for a free program to remove this virus and or to purchase their products. I have already purchased McAfee. Is program compatible with McAfee? I thought I was purchasing McAfee to protect me from this stuff.