Page 2 of 3
Re: System tools Virus
Posted: 04 Mar 2011, 19:14
by DarrenL
Just had a phone call, System Tool virus has come up on my nephews new laptop. rkill and Malwarebytes already there so pointed them to this -
http://www.bleepingcomputer.com/virus-r ... ystem-tool
Safe mode and go. Will hear later I suppose if it's killed it off.
Re: System tools Virus
Posted: 04 Mar 2011, 19:58
by DaveB
Blimey.. it IS a little tinker isn't it!
As long as he didn't go online as the virus requests, he should be ok. Tell him not to panic (though I appreciate that's a difficult thing to do). Malwarebytes DOES work.. the daughters pc has been A-OK since I killed ST the other day
ATB
DaveB
Re: System tools Virus
Posted: 05 Mar 2011, 10:54
by DaveB
Ker-plunk..
How did your nephew get on Darren??
ATB
DaveB
Re: System tools Virus
Posted: 05 Mar 2011, 12:32
by DarrenL
His dad went through it using the list on the link I gave and only needed to call me on number 23 about the new hosts file to check. All done
Re: System tools Virus
Posted: 05 Mar 2011, 13:00
by DaveB
Excellent
ATB
DaveB
Re: System tools Virus
Posted: 08 Mar 2011, 16:47
by Paul K
Another thank you from me to all the contributors in this thread. Ran Malwarebytes in safe mode from a stick and a few unwelcome guests were found. I believe its also helped resolve an issue I had with FTX Central and a persistent error message.
CBFS never disappoints.
Re: System tools Virus
Posted: 24 Mar 2011, 08:54
by AllanL
Just diving out the door to the day job - ran rkill and malwarebyte on infected PC ( wives why do we let them near technology - apart from the kitchen/washing machine/hoover.....)
Both seem to have done the necessary but now I can't get in to replace the host file on the Windows 7 32 bit. Blocked out on access denied to documents and settings.
Any ideas round that?
toodle pip...
Re: System tools Virus
Posted: 24 Mar 2011, 21:12
by ianhind
Have you tried working as administrator to give you access?
I think the hosts file is in \Windows\System32\drivers\etc [if the "\" are the wrong way round, it means I've been spending too much time in Linux - can't remember if Windows is "/" or "\" ]
Edit: and by "I think", I'm running 64 bit Win 7 so there might be differences.
Re: System tools Virus
Posted: 24 Mar 2011, 22:51
by DarrenL
Also I think you have to drag and drop the new hosts file in, you can't save it into the folder via the popup "save as" window.
Re: System tools Virus
Posted: 25 Mar 2011, 00:58
by DaveB
Yup.. drag and drop is the way to go having first deleted the original. I looked at all 'like' host files over 3 XP pc's and they were identical so I dragged one onto the stick malwarebytes was on then drag/n/dropped it into the etc folder.. no overwrite
ATB
DaveB