Results 1 to 5 of 5

Thread: System Tools 2011 Nightmare

  1. #1
    Kiera Guest

    Default System Tools 2011 Nightmare

    I have twice been invaded by System Tools 2011 despite a current and active copy of Zone Alarm Extreme security on my PC, so my question is twofold:
    a) why didn't zone alarm protect me? and
    b) if it can't protect me why should I pay for Zone Alarm when it would be cheaper and easier to pay the extortionate malware and save myself tech support fees and useless security services?

    Suggestions on how to prevent future rapes would be appreciated.

    Kiera

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: System Tools 2011 Nightmare

    Here:
    xyz was not detected. What I should do?

    Double check first that you are fully clean. Perform ALL steps detailed here below:
    Malware Clean-up Guidance

    Remove other security tools and learn to master ZA Extreme. Its all you need.
    To get infected with these types of fake tools normally (assuming your PC is fully updated and correctly configured) you need to run an executable. Do NOT do this and you will not be infected
    Last edited by fax; December 14th, 2010 at 04:48 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    Join Date
    Dec 2002
    Location
    San Carlos, California
    Posts
    1,641

    Default Re: System Tools 2011 Nightmare

    This happens in a few ways.

    Drive-by malware gets pushed on to your system without you knowing because your surfing websites that are a bit sketchy.

    Or you downloaded something thinking it was something else like to run a test or check your security of your PC and so on and so on.

    Another possibility its been on your system for some time maybe even before ZA and was dormant until recently.

    Here are some solutions to not get re-infected:

    1. You have to be responsible when surf the internet. There is NO security software on the market that will keep you safe 100%. (if they make that claim its a lie) You must do your part and not surf all kinds of sketchy sites.

    2. Use the browser security feature in ZA and in the advanced options of browser security turn on Virtualization, Site Check, Both Anti-Phishing options, block spyware sites, check files downloads for spyware and the key logger blocker.

    But beware anything you download will still get saved to the PC so YOU are ultimately responsible for the safety of your PC since YOU make the decisions to download things.

    Also with such high settings your bound to find some websites may not work properly because there being screened so aggressively and thats just the draw back of using all the security in the Browser security function.


    Now to try and get rid of this malware/buyware stuff.

    Download, install, update and do a full system scan using free version of Malwarebytes.
    http://download.cnet.com/Malwarebyte...=dl&tag=button



    Forum Moderator
    Last edited by Forum-Moderator; December 14th, 2010 at 12:43 PM.
    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  4. #4
    naivemelody Guest

    Default Re: System Tools 2011 Nightmare

    Additional thoughts:

    There are over a 100 variations of these types of "rogue/ scareware" malware circulating the internet. The "virus scanning and numerous infections found"...

    It is all a "fake show " - usually there will be a pop-up page that covers your whole screen with a 'fake' virus scan going on (but it's not 'your real software' that you normally use ) and it will show numerous 'fake' infections {do not believe this}. They say you should buy their software to clean up your pc= all lies to persuade you to purchase their fake ineffective software.

    As soon as you see the first "fake scanning" image - you...

    Generally should not click any link/ button from the pop-up's/ "Warning..."/ "Alert..." boxes not even the (red)" X "/ Close button" to normally shut it off (sometimes that X button = their false link to download more malware which is not what you want).

    And of course don't buy the rogue scareware you can remove the real infection which 'is the rogue/ scareware itself' and it's scare tactics( fake pop-up's and fake infections) .

    Recommended: immediately...to close these browsers/ pop-up's externally...

    - if you have a stand-alone ForceField or ZoneAlarm Extreme Suite (not to be confused with the ForceField toolbar of the rest of the ZA line of firewalls {ZA Free/ ZA Pro/ ZA Anti-Virus/ ZA Suite})...

    >with 'Browser Security' click/ open
    -> Settings
    -> Advanced
    -> Virtualization
    -> simply click "Clear Virtual Data"
    -> OK - this will clear all open "virtual" browser pages, boxes, pop-ups providing extra security.

    When you are using ZoneAlarm Extreme Suite or a stand-alone ForceField the first fake pop-up scan/ scareware will be eliminated and not affect your 'real' pc after you 'clear virtual data'/ close out that browser(s).

    or

    - press hold/ keys > 'Alt' and 'F4' keys (F4 = single key usually at the top of keyboard) or 'Ctrl' and 'F4' keys

    or

    - enter Windows 'task manager' to shut off all "Applications"/ web pages running,

    or
    - press keys > 'Ctrl' and 'Alt' and 'Delete' < together at the same time
    __________________________________________________ _________

    What is scareware from 'about.com' - click here > http://netforbeginners.about.com/od/.../scareware.htm

    Scareware - wiki - click here > http://en.wikipedia.org/wiki/Scareware

    Even on "trusted/ legitimate" web sites there are ways hackers can poison thru 3rd party ad servers, install/ inject malware within the web site, etc.

    You may get one "Warning..." or "Alert..." dialogue box/ pop-up with or without a background of a scan going on - if it appears suspicious - do not click 'any link' within the box, not even the 'red X' or "click here to stop pop-ups..."
    ... you must immediately shut these browsers/ pop-up's 'externally' thru -> clicking keys "ALT" and "F4" - see above for all options.

    You should familarize yourself with the "real alerts/ dialogue" boxes from your own anti-virus software, firewall, or other security software. Beware of 'warnings' that look like real 'windows alerts.'

    So how does ZAX/ Forcefield protect? - if you happen on such scareware - by simply closing the browser/ clear virtual data the malware 'really never infected your pc'- it's all trapped in a 'sandbox environment with limited access to your real pc' ; without Forcefield/ virtualization there are higher probabilities that it has affected your real pc and may be harder to close that browser and then you will have to disinfect your pc.


    I've personally come across these scareware twice - but with a stand-alone ForceField - I simply clear virtual data - and never saw anymore pop-up scans of that variant scareware.
    __________________________________________________ _____
    NaiveMelody NYC - 12-16-10 - Livin' On A Prayer - Bon Jovi
    Last edited by naivemelody; December 17th, 2010 at 06:16 PM.

  5. #5
    findley Guest

    Default Re: System Tools 2011 Nightmare

    Quote Originally Posted by Kiera View Post
    I have twice been invaded by System Tools 2011 despite a current and active copy of Zone Alarm Extreme security on my PC, so my question is twofold:
    a) why didn't zone alarm protect me? and
    b) if it can't protect me why should I pay for Zone Alarm when it would be cheaper and easier to pay the extortionate malware and save myself tech support fees and useless security services?

    Suggestions on how to prevent future rapes would be appreciated.

    Kiera
    Kiera,

    System Tools 2011 changes your HOSTS file. Have you checked your HOSTS file and made sure it's clean?

    Here's a quote from Bleeping Computer's removal guide for System Tools 2011:

    "As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system. Please note that if you or your company has added custom entries to your HOSTS file then you will need to add them again after restoring the default HOSTS file. In order to protect itself, SystemTool changes the permissions of the HOSTS file so you can't edit or delete it."
    System Tools 2011 Removal Guide

    Findley

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [Resolved] Norton Antivirus 2011
    By richard1296 in forum ZoneAlarm Installation
    Replies: 8
    Last Post: October 15th, 2010, 04:20 PM
  2. Zone Alarm 2011?
    By Narxis in forum General - Questions that don't fit any other category
    Replies: 4
    Last Post: April 27th, 2010, 04:12 AM
  3. uninstall nightmare...
    By graciedog in forum ZoneAlarm Installation
    Replies: 1
    Last Post: April 11th, 2008, 02:22 AM
  4. Uninstall Nightmare! Can anyone help?
    By ihatezap in forum ZoneAlarm Installation
    Replies: 1
    Last Post: September 18th, 2007, 10:58 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •