Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 570
  • Last Modified:

Warning Your're pc is infected

Greetings,

I seem to have this tough virus that scans my computer for viruses and then asks me for a payment to get rid of it.  I searched the data base and saw several earlier questions so I tried the solutions but they didn't work.  I tried Malwareytes and SmitFraudFix.  It got riid of the back ground srceen that has the "Warning your're computer..." but it still boots up and blocks many if not all the startup applications like "mcagent.exe", etc  I can't launch any prorams like Explorer because it says it's infected.  It has a pop up that is named "System Tool" thst does the scaning of my computer and says I have viruses.  My compuiter is completely useless and this virus seems to ba a tough one to get rid of.  Any ideas ?
0
Bloxsom
Asked:
Bloxsom
  • 6
  • 5
  • 3
  • +4
1 Solution
 
residentsCommented:
I would try combofix available here :http://majorgeeks.com/Combofix_d6402.html

Also, if you can get into safe mode, go to start, run, and type MSCONFIG and see if there are any obviously strange things in there and uncheck them. Run combo fix from regular mode if possible.
0
 
Aaron TomoskyTechnology ConsultantCommented:
This is a virus. Boot into safe mode, run a full scan with malwarebytes. If that doesn't work, you must use a boot cd to get a clean boot and then run malwarebytes. I suggest ultimatebootcd.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
you didn't mention what version of Windows...

Can you boot to Safe Mode and then use System Restore to go to a previous time when you had no problems?
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
sweepsCommented:
 I would recommend downloading Kaspersky rescue disk on another computer and burn the iso to CD.  boot your infected computer from this disk and run the full scan.  If you use a network cable for connecting to internet, you can update the virus update files on the fly while being booted to this disk.
0
 
sweepsCommented:
0
 
BloxsomAuthor Commented:
My OS is Windows 7 and I can get it to run in Safe mode.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
So go into safe mode and then try to use System Restore.
0
 
BloxsomAuthor Commented:
Where is system restore located ?
0
 
younghvCommented:
You don't need to do a System Restore yet.

This variant of malware is one of the few that require a "Safe Mode" boot (with networking) to clean with Malwarebytes.

Please review the detailed instructions here:
http://www.bleepingcomputer.com/virus-removal/remove-system-tool 
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Start Orb -> All Programs -> Accessories -> System Tools
0
 
Plamen PenevCommented:
I suggest that you download ESET Nod32 online scanner from here. Install it, wait until it downloads current updates and when the program starts to scan your system, immediately unplug your network cable.
0
 
younghvCommented:
My goodness!

For the life of me, I simply cannot understand where some of this advice is coming from.

"System Tool" is well-documented malware and the fix has been in place for several months.

"ComboFix" is a great tool, but not needed.
Downloading and installing another AV application is neither wise, nor needed.

When "System Tool" was released in the wild, I had several come through my shop and the repair process is fairly simple and direct.

If Experts haven't personally had experience with solving this problem, they probably shouldn't be posting random/generic advice.
0
 
younghvCommented:
@Bloxsom,
You are the third EE Member in the past couple of days to post with this infection.
Here are the results of one of those requests:
http://www.experts-exchange.com/Q_26833850.html?cid=1131#a34934626

I think that you are probably running some version of McAfee and I would suggest that - after you effect the repairs - you consider switching to stronger protection.

Some of the 'suite' type protective software doesn't do any of the jobs very well and, although McAfee used to be one of my favories, I think they have stretched themselves too thin these days.
0
 
BloxsomAuthor Commented:
Yes, I do have McAfee on the infected computer.  I have a professional version of AVS (30 day trial ) on another laptop.  It seems to work well.  I plan on paying for this when the trial runs out.  Any commets on AVS would be welcome.  Malwarebytes running from Safe mode with Networking enabled deleted the virus !  The reason it worked this time is that Malwarebytes was over 60 days old and needed an update via the Internet.  Thank you !
0
 
younghvCommented:
You're welcome.
The instructions I gave you are what I've been using for a while now.

For some detailed comments recommendations on protecting your systems, please review my Article here:
http://www.experts-exchange.com/A_1958.html
0
 
younghvCommented:
I haven't heard of AVS anti-virus, do you mean AVG?

In any event, I am hopeful that you do not have two or more Anti-virus programs installed concurrently.

That will always be a recipe for conflict between/among them.
0
 
BloxsomAuthor Commented:
Yes, I mean AVG.
0
 
younghvCommented:
I was a regular user of both AVG and AVAST, but AVG doesn't appear to play well with Malwarebytes (either with XP or 7), so I have been pulling licensed versions of AVG off customer's computers and installing MSE.

The AVAST is OK with it so far, so I am letting those licenses expire before pulling it.

The only other AV apps I have experience with are Symantec/Norton (never-ever again) and McAfee.

Save your money for the AVG license, replace it with MSE and buy Malwarebytes-Pro. It will actually be cheaper than your AVG license.
0
 
BloxsomAuthor Commented:
Good advice, MSE and Malwarebytes-Pro it is !
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 6
  • 5
  • 3
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now