
System Tool Virus?

post #1 of 4
Thread Starter 
Alright, I was just casually browsing and suddenly I started to get some weird notification that I had a virus or something like that. I ignored it and thought it was just Windows being stupid. After about a minute or two there was something in my system tray called "System Tool" and I started getting constant error messages and pop-ups telling me I'm infected and blah blah...

So how do I remove this thing? My PC is at an unusable state unless I boot into Safe Mode (I'm in there now).
post #2 of 4
Well, find where the virus is located, go into safe mode and delete everything that has to do with it.

If the virus is running in system tools it's very likely it'll show up in task manager > processes, so just look for an unusual process you wouldn't normally see, right click, and view file location. Once you find the location of the infected exe, boot into safe mode to delete its contents.

After you've deleted its contents in safe mode, boot back. If it's no longer running, great success! If it's still running, we're missing bits. Otherwise, if it's no longer running in task manager, run a scan with your favorite AV and make sure you get anything that's remaining, if there is anything.

Hopefully it'll be that easy, usually it is depending on how well the virus was coded.
post #3 of 4
Thread Starter 
Managed to find the registry strings and delete them, ran Malwarebytes as well and everything seems to be fine so far.

Thanks for the reply.
post #4 of 4
Look in the userdata folder to find the installer and delete it. I have found though once one of these is installed it's best to reload since it messes up something in the OS and the performance of it will suffer usually afterwards, even once it's removed.
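The manual checks described in this thread (an unfamiliar process in Task Manager, leftover registry strings, an installer in a user data folder) can be gathered in one read-only pass. The script below is an added example, not something posted by anyone in the thread. It assumes PowerShell 3.0 or later, and the choice of directories and Run keys to inspect is an assumption about where to look first, not a list taken from the posts.

```powershell
# Added example: read-only triage. It lists candidates and deletes nothing.
# Assumption: user-writable directories are the first places worth checking.
$roots = @($env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData, $env:TEMP) |
    Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' }

function Test-UnderUserWritableRoot([string]$Path) {
    if (-not $Path) { return $false }
    foreach ($r in $roots) {
        if ($Path.StartsWith($r, [StringComparison]::OrdinalIgnoreCase)) { return $true }
    }
    return $false
}

# 1. Running processes whose executable lives under one of those roots,
#    with the Authenticode status of the file (NotSigned stands out).
Get-Process |
    Where-Object { Test-UnderUserWritableRoot $_.Path } |
    ForEach-Object {
        [pscustomobject]@{
            ProcessId = $_.Id
            Name      = $_.ProcessName
            Path      = $_.Path
            Signature = (Get-AuthenticodeSignature -LiteralPath $_.Path).Status
        }
    } | Format-Table -AutoSize -Wrap

# 2. Autostart values in the per-user and machine-wide Run/RunOnce keys.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$autoruns = foreach ($key in $runKeys) {
    $item = Get-Item -LiteralPath $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }   # key absent or not readable
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        # Drop a leading quote so the path prefix can be compared.
        $target = [Environment]::ExpandEnvironmentVariables($cmd).Trim().TrimStart('"')
        [pscustomobject]@{
            Key = $key; Value = $name; Command = $cmd
            UserWritable = Test-UnderUserWritableRoot $target
        }
    }
}
$autoruns | Format-Table -AutoSize -Wrap
```

Entries flagged `UserWritable` or `NotSigned` are candidates to inspect, not confirmed malware; legitimate software also installs under these directories.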