Computer virus help - System Tools

[AFC-911]

No idea how I got this. Commented on a status on Facebook. Listened to my Windows Media Player and had my Picasa up.

Anyway, I now have it and it sucks. I've ran Malwarebytes & it took out 23 infected files. I rebooted & for some reason, it's still there.

I'm now on my safe mode and I've done a full scan on Malwarebytes & it came up empty the 2nd time around.

What's my options?

[red-beard]

Remove disk from computer, install in a USB box and connect to a clean PC and let that PC clean out the viruses.

[masraum]

Lots of times this crap can reside in your hibernation file (hiberfil.sys). You would probably want to turn off hibernation, reboot, scan, reboot, then turn hibernation back on or something like that.

[AFC-911]

Thanks for the tips...Now I just have to figure what you meant! Hahaha!

BTW, this sucks donkey balls!!

[TimT]

Combofix

This is like an uber Malwarebytes..

removing the drive and scanning it as a standalone on another pc is a good idea also...

[zipinitaly]

I logged onto in safemode w/networking and manually found the files and deleted them. Open up a browser on a different computer and follow posted instructions. I agree...it is a nasty program.

Good Luck!

[red-beard]

Quote:

Originally Posted by zipinitaly

I logged onto in safemode w/networking and manually found the files and deleted them. Open up a browser on a different computer and follow posted instructions. I agree...it is a nasty program.

Good Luck!

Yep, my wife did this on her PC last year and this is exactly how I fixed it.

And yeah, it sucked monkey balls!

[pete3799]

How do you manualy find these files. Unless it says VIRUS FILE I wouldn't know what to look for.
I've got a desk top that's infected and i just gave up on it.

[AFC-911]

I'm in safe mode w/ networking now and am looking for the files.

[Paul_Heery]

Detailed step-by-step removal guide here: Remove System Tool and SystemTool (Uninstall Guide)

[TimT]

BTW Facebook seems to be a petri dish of virii

I help co-workers out with pc problems and one common thread was "I was on Facebook"

Quote:

How do you manually find these files.

Helps to find a how-to-guide that has all the names and pseudonyms for the files..

remove from while in safe mode...

[AFC-911]

Success!!! Ran the RKill on regular mode since it was coming up empty on safe mode. (The RKill was found on Paul's link two posts above mine)

I got the file name. It was under c:\ProgramData\iMiAp06308\iMiAp06308.exe

But anyway, I removed and promptly ran another scan.

Glad that's over with!



EDIT - now that I think about it, I could have contracted through a Myspace music page as I was looking up news on Cathialine Andria (French singer from Le Roi Soleil) before things started going downhill. It's a good bet since I never go on that site.


EDIT 2 - that file name probably has other permutations. I only found mine by reading RKill's log (it was the only file name there).

[slodave]

Those that are having problems should also turn off system restore, reboot, then turn it back on.

[red-beard]

Quote:

Originally Posted by TimT

BTW Facebook seems to be a petri dish of virii

I help co-workers out with pc problems and one common thread was "I was on Facebook"



Helps to find a how-to-guide that has all the names and pseudonyms for the files..

remove from while in safe mode...

Yeah. I remember removing Gator from my girlfriends computer back around 2000. What a PIA. This System Tools thing is worse.

[look 171]

I had it about a month ago. What a freaking b!tch. I could not get any bids out to my clients, I broke down and purchased a Mac. I am still learning how to use the freaking thing. So, they tell me there's no virus. When I have time, I will format it and start all over again.

Jeff

[HardDrive]

Microsoft Certified System Engineer here. MCT, MCSA, CCNA, yada yada.

My most recent solution was, 'buy a MacBook Pro, and quit ****** around with this MSFT BS'. SO sick of dealing with malware issues. When I'm running anti-virus, anti-malware, staying clear of 'naughty' sites.....and I STILL get awful virus issues, what the hell is the point? I need to work, not waste hours (days really) cleaning this crap up. As of late, I found I couldn't clean it up.

2 months in, and very happy thanks.