There is only one admin-level account of this machine, and by the time I got here to help out, her account had virtually been shut down by this virus (or at least that's what I'm gonna call it). This system uses "Stop Sign" by eAcceleration as its security package, which I recommended to them, and also use on my family's laptops with good results. So when they told me of a security breach on their desktop, I felt obligated to try to help them out. However, by the time I got to their place and "assumed the position" at the keyboard, that one admin account on the machine could not even run the Stop Sign system scan required to identify and isolate the genuine infections that DID exist on the machine and started this whole mess in the first place. Every app I tried to run from the priveleged account to investigate, isolate and eliminate the REAL infection simply resulted in a message from the "system tool" saying that the program was infected and could not be used. Ironically, one of the "standard" accounts on this family PC has been mostly ignored by the "system tool" bug, so we could run a Stop Sign Scan, which found 8 genuine infections (1 Trojan, 1 System Tool, and six Adware cookies), but we couldn't do anything with the results, due to the lack of account privs to act on the scan results.
So after 2-3 hours of rooting around and trying to figure out a solution myself, I got smart and googled "System Tool Virus Scam" (or keywords to that effect), and in short order I was lead to this site, where a "Free download and fix" for this bug is promised in the Google ad. I guess we'll see... ;))
So that's my story, at least up to this point. I'm heading back to the search criteria that got me here in the firt place, and hopefully I'll have this thing fixed before daybreak in Atlanta GA, thereby re-establishing my reputation with my friends as at least somewhat of a geek.
Wish me luck... and if you have any experience, ideas. tools, and/or advice to toss my way regarding this "System Tool" bug, plz feel free to do so ASAP.
(Moderator edit: E-mail address removed to prevent its harvesting by spambots and to protect Member privacy. jgw)
Edited by jgweed, 02 January 2011 - 11:38 AM.