In reviewing all the comments posted regarding this "System Tools" malware issue causing major problems even though the contributors here indicated they have McAfee up and running...I find it all VERY disconcerting, to say the least. The McAfee security suite software currently on my home computer is provided by my ISP and recently, one morning, it appeared that the entire McAfee security software suite was completely replaced with what appears to be a newer version. (The CURRENT on-screen display, interface, etc of this apparently newer McAfee security suite is completely different than the prior one).
Although, I have not experienced any of the "symptoms" of the "System Tools" malware infiltration which so many posters here have described, there is one question I do have. I've frequently heard and read that one should never have more than one computer security software program running on their home computer at the same time, because they can cause problems. Yet, one of the anti-malware programs I've seen referenced here as being of use in combatting/removing the "System Tools" problem from one's computer is the Malwarebytes software. Is it actually safe to have both the McAfee Security Suite software and Malwarebytes on my computer at the same time?
Many thanks for any advice/information!
For your safety I removed your email address from public view.
It's not safe to run more than 1 antivirus application but it's OK to run more than 1 antispyware application, some of which I list here: https://community.mcafee.com/docs/DOC-2168
Basically the free versions work best in this instance and others may be OK too as long as they don't have active protection and/or an antivirus component. If you have any particular ones in mind it's best to ask.
I appreciate the information (and email address removal too) you provided Peter! As you can readily tell...my "newness" to the "ins and outs", so-to-speak, of the community forums site is all too obvious. I did download and run a scan with the free version of the Malwarebytes, Anti-Malware software this morning just to see how it works. I am a little puzzled that it detected two infected registry keys. From what I saw in the log, it appears the keys involved are related to Microsoft...since the name Microsoft was included as part of the registry key name. (I.e. something about "firewall disabling notification" and one other item). I'm certainly no technical whiz by any means, but I'm wondering if that "firewall disabling notification" issue is related to the fact that the McAfee software causes the Microsoft Firewall status screen to show that the firewall is not on (since McAfee is providing a firewall)?
Yes McAfee and other software firewalls disable Windows Firewall as only 1 software firewall should be run. That's in addition to any router (hardware) firewall, which is OK to run also.
Malwarebytes may have indicated those keys because they are either infected or corrupted. What it detects is usually safe to remove if quarantined.
Any questions about MBAM should be directed here: http://www.malwarebytes.org/forums/Message was edited by: Ex_Brit on 03/02/11 10:03:27 EST AM
i got infected by this virus about an hr ago just got rid of it and thought id relay a realy helpfull site/ anti <system tools> program i found to get rid of it.
iv gotten <system tools virus> twice now. first time it took me for ever to get rid of it no up todate virus scannners would pick it or even run do to the virus only thing thing i found that worked fast and compltely wiped the virus off my computer was reimagepcrepair at reimagepcrepair.com your first downlaod and scan with this program is free and gets rid of the system tools virus i went ahead and bought the program cuz it works so well and fixed many other probs on my pc includeing system tools virus
sorry for the bad spelling
A quote from one of the lead developers of MalwareBytes (Bruce Harrison) :
As far as why MBAM is very good at dealing with this infection, that is simple. MBAM is designed to be very good at dealing with malware that the AVs seem to be having problems with. I do not spend my time making MBAM detect millions of infections that any decent AV already detects as MBAM is DESIGNED to work alongside antivirus software, not replace it. A huge chunk of the research that goes into MBAM revolves around what we see making it into HJT threads as the vast majority of these threads involve antivirus software that was in some way bypassed.
Lets settle this now and avoid any further misinformation. MBAM is now a very good backup to any antivirus software and will only get better in the future. MBAM will NEVER add antivirus abilities to its core app and is always advised to be used WITH antivirus software. We actually get this question a lot in the forums and I assure you that we always say :
"No, MBAM can't replace your existing antivirus software and is not designed to."
See Malwarebytes says this as well. Some of these fake Avs have help desks and websites and I suppose the bigger AV companies are lothe to ban them. This my feeling not Mcafee's
We mods have requested a mcafee supplied answer. The answer given by Peter is made up by we mods to explain the why.
The answer of Ex_Brit seems to be a McAfee answer : An expensive virus tool cannot protect against a well known virus! Congratulation !
First of all McAfee's prices are competitive so you could equally as wll be complaining about Norton, Kaspersky and many others and beieve me, their support areas are filled with similar complaints.
This pest along with many of its kind is not a virus. If you read a few of the independant anti-malware forums where they are dealing with these case, free of charge I may add, you will realise that it's a lot more complicated than simply stopping a regular virus/trojan/worm in its tracks, something that McAfee et alia are good at and Malwarebytes isn't.. That's why there are all these tools available.
I'll say it again for good measure, there is no such thing as the 100% perfect protection software.Message was edited by: Ex_Brit on 24/02/11 6:42:28 EST AM
The only program that is 100% if used properly is not an antivirus.It is this program called sandboxie.Only if your running 32bit.For some reason it is a bit less secure in 64.If you want extra security this is the program.There are tutorials on youtube about this.It creates an isolated environment from the rest of your system.I would recommend this to anyone who wants extra security.Download malwarebytes 1st then clean fake av.Then if you want give this a look.Malwarebytes.org
System Restore worked for me. After I did the restore, I ran a scan, everything came up clean and the PC works fine now.
Make sure you temporarily disable System Restore to delete the infected restore point(s) and then make sure you update everything.