System tool took over the computer, please help

P

paulcheung

Active Member
HI I have this problem with this sony Vaio. It get infected with something like system tools virus. I can't download any anti-virus program and even task manager can't be started. what can I do?
Thank you.
 
Please, don't do anything else on the computer while working with these programs. Perform all the below in normal boot, NOT safe mode.:

If you can not download anything to your computer, then download the necessary files on a different computer and put them on a flash drive then transfer the files to the computer with the problems.

Please download Malwarebytes' Anti-Malware HERE or HERE and save it to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    o Update Malwarebytes' Anti-Malware
    o and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware
- - - - - -
NOTE!
If for some reason Malwarebytes will not install or run please download these files: Rkill.scr, Rkill.exe, or Rkill.com.

First, run the .SCR file by clicking it. If a window opens then closes without a log appearing then run the RKill file again, do this until it generates a log (like with notepad) of processes stopped. If .SCR just won't work at all, try the .EXE, if the .EXE wont work then use the .COM until one of them gives you a log. Then work to install/run Malwarebytes. DO NOT reboot immediately after running RKill because doing so will deactivate RKill and you will have to run it again. Just run RKill then malwarebytes, then HijackThis. Dont reboot until told to do so.
- - - - - -

Now, you can generate a HijackThis log by doing the following:

Download the HijackThis installer from HERE

Run the HijackThis download.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log and a detailed description of the problems you are experiencing.
 
As I said, then download them on another computer and put the files on a flash drive. Then transfer them from the flash drive onto the computer with the problems.

Download all 3 of the the RKill files, and also the Malwarebytes, and the HiJackThis files that I linked to in my last post.

For the running problem, once you have the files on the problem computer, begin by following my instructions regarding running the RKill files first. RKill will stop, and keep stopped the processe(s) which are keeping you from doing anything.

EDIT: Instead of those 3 RKills just get this one as it should work better than the others.
Download this RKill alternative instead, run it the same as you would RKill: iExplore.exe
 
Last edited:
Thank you for your reply, but the owner of this computer can't wait and she carry to officedepot to make the professional to deal with it, it is out of my hand now. I still need to know what is the bestway to remove this system tool infection? Is there a known program to remove this infection?
Thank you again.
 
Last edited:
I've never used Office Depot, but frankly places like that dont have a very good record of effectively dealing with issues like this. Geek Squad is the worst one at helping to do anything on a computer. Plus Office Depot will probably take a week or more to get it back to her.

We use a multitude of tools to do the job, usually many together to remove infections. There is no single magic bullet program that can do all and cure all. Whether the infection is actually "system tool", or that one alone or plus others.... We also use the tool of experience and analytical thinking to solve problems.
 
Last edited:
They tell her tomorrow, So hope she get it back virus free. Thank you. I remember I have saw a thread similar to this infection, but I can't find it. So hopeful I won't get this kind infection in the future.
 
its easy to get rid of simply go on safe mode and find the folder C:\ProgramData (vista) unsure about 7 and XP and there will be 2 .dll files with randomly generated names like 45654656 or gfdgfdg or 435bb4u54 just delete these and run in normal mode again and it will work :) not software needed
 
Mark4_4 said:
its easy to get rid of simply go on safe mode and find the folder C:\ProgramData (vista) unsure about 7 and XP and there will be 2 .dll files with randomly generated names like 45654656 or gfdgfdg or 435bb4u54 just delete these and run in normal mode again and it will work :) not software needed
Click to expand...

That is not true.
 
Probably because that doesn't remove the infection. Just deleting a file doesn't cure infection problems, its much more complicated than that.
 
ummm no it just infects me again cos the second time was a different program that i removed the same way and the third was on a different PC and even if it isn't fully clean it doesn't bother me any more so what's the problem
 
You must log in or register to reply here.
Back
Top