Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 572
  • Last Modified:

Warning Your're pc is infected

Greetings,

I seem to have this tough virus that scans my computer for viruses and then asks me for a payment to get rid of it.  I searched the data base and saw several earlier questions so I tried the solutions but they didn't work.  I tried Malwareytes and SmitFraudFix.  It got riid of the back ground srceen that has the "Warning your're computer..." but it still boots up and blocks many if not all the startup applications like "mcagent.exe", etc  I can't launch any prorams like Explorer because it says it's infected.  It has a pop up that is named "System Tool" thst does the scaning of my computer and says I have viruses.  My compuiter is completely useless and this virus seems to ba a tough one to get rid of.  Any ideas ?
0
Bloxsom
Asked:
Bloxsom
  • 6
  • 5
  • 3
  • +4
1 Solution
 
residentsCommented:
I would try combofix available here :http://majorgeeks.com/Combofix_d6402.html

Also, if you can get into safe mode, go to start, run, and type MSCONFIG and see if there are any obviously strange things in there and uncheck them. Run combo fix from regular mode if possible.
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
This is a virus. Boot into safe mode, run a full scan with malwarebytes. If that doesn't work, you must use a boot cd to get a clean boot and then run malwarebytes. I suggest ultimatebootcd.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
you didn't mention what version of Windows...

Can you boot to Safe Mode and then use System Restore to go to a previous time when you had no problems?
0
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

 
sweepsCommented:
 I would recommend downloading Kaspersky rescue disk on another computer and burn the iso to CD.  boot your infected computer from this disk and run the full scan.  If you use a network cable for connecting to internet, you can update the virus update files on the fly while being booted to this disk.
0
 
sweepsCommented:
0
 
BloxsomAuthor Commented:
My OS is Windows 7 and I can get it to run in Safe mode.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
So go into safe mode and then try to use System Restore.
0
 
BloxsomAuthor Commented:
Where is system restore located ?
0
 
younghvCommented:
You don't need to do a System Restore yet.

This variant of malware is one of the few that require a "Safe Mode" boot (with networking) to clean with Malwarebytes.

Please review the detailed instructions here:
http://www.bleepingcomputer.com/virus-removal/remove-system-tool 
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Start Orb -> All Programs -> Accessories -> System Tools
0
 
Plamen PenevOnline Store ManagerCommented:
I suggest that you download ESET Nod32 online scanner from here. Install it, wait until it downloads current updates and when the program starts to scan your system, immediately unplug your network cable.
0
 
younghvCommented:
My goodness!

For the life of me, I simply cannot understand where some of this advice is coming from.

"System Tool" is well-documented malware and the fix has been in place for several months.

"ComboFix" is a great tool, but not needed.
Downloading and installing another AV application is neither wise, nor needed.

When "System Tool" was released in the wild, I had several come through my shop and the repair process is fairly simple and direct.

If Experts haven't personally had experience with solving this problem, they probably shouldn't be posting random/generic advice.
0
 
younghvCommented:
@Bloxsom,
You are the third EE Member in the past couple of days to post with this infection.
Here are the results of one of those requests:
http://www.experts-exchange.com/Q_26833850.html?cid=1131#a34934626

I think that you are probably running some version of McAfee and I would suggest that - after you effect the repairs - you consider switching to stronger protection.

Some of the 'suite' type protective software doesn't do any of the jobs very well and, although McAfee used to be one of my favories, I think they have stretched themselves too thin these days.
0
 
BloxsomAuthor Commented:
Yes, I do have McAfee on the infected computer.  I have a professional version of AVS (30 day trial ) on another laptop.  It seems to work well.  I plan on paying for this when the trial runs out.  Any commets on AVS would be welcome.  Malwarebytes running from Safe mode with Networking enabled deleted the virus !  The reason it worked this time is that Malwarebytes was over 60 days old and needed an update via the Internet.  Thank you !
0
 
younghvCommented:
You're welcome.
The instructions I gave you are what I've been using for a while now.

For some detailed comments recommendations on protecting your systems, please review my Article here:
http://www.experts-exchange.com/A_1958.html
0
 
younghvCommented:
I haven't heard of AVS anti-virus, do you mean AVG?

In any event, I am hopeful that you do not have two or more Anti-virus programs installed concurrently.

That will always be a recipe for conflict between/among them.
0
 
BloxsomAuthor Commented:
Yes, I mean AVG.
0
 
younghvCommented:
I was a regular user of both AVG and AVAST, but AVG doesn't appear to play well with Malwarebytes (either with XP or 7), so I have been pulling licensed versions of AVG off customer's computers and installing MSE.

The AVAST is OK with it so far, so I am letting those licenses expire before pulling it.

The only other AV apps I have experience with are Symantec/Norton (never-ever again) and McAfee.

Save your money for the AVG license, replace it with MSE and buy Malwarebytes-Pro. It will actually be cheaper than your AVG license.
0
 
BloxsomAuthor Commented:
Good advice, MSE and Malwarebytes-Pro it is !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

  • 6
  • 5
  • 3
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now