8 Replies Latest reply on Feb 15, 2011 8:51 PM by Hayton

    system tool please help

      last night i got the sytem tool virus, stupidly i believed it and paid the subscription. i quickly realised it was a scam and have been following advice to get rid of it. i did a system restore to a previous date, malwarebytes full scan in safe mode (nothing detected), and full mcafee scan (nothing detected). all the system tool stuff seems gone, i also deleted some files i was unsure of (lots of numbers and letters). can someone give me some advice as to if this is gone properly or not? im a total techophobe!!

        • 1. Re: system tool please help

          Hi Misssmcc,

          A System Restore is a good way to go back to before an infection, unfortunately System Tool could have infected the Restore points,

          But luckily it doesn't seem it has,

          Please Run Malwarebytes in Normal mode.

          Then if you think you see any more dangerous files and don't know what they are, you can submit them to http://www.virustotal.com, Where the file is scanned against 43 Anti Viruses without having to download the Anti Virus.



          1 of 1 people found this helpful
          • 2. Re: system tool please help

            hi, thank you for replying, i just did a full malwarebytes scan on normal mode and nothing was detected, since this happened and i did the system restore i have done 5 malwarebytes scans (both full and quick in safe and normal modes) and a full mcafee scan, nothing has been detected in any scans. im just reluctant to assume its sorted because i have absolutley no computer skills and have never seen a virus come up on a computer before, it was very scary! also someone else said system restore can make it worse, not sure if thats true but its worrying for someone like me with no computer knowledge. if i could afford to i would just get a proffesional to check it but thats not really an option just now. do you think thats it sorted or could the virus still be lurking somewhere malwarebytes wouldnt detect it? sorry if i seem a bit paranoid but i have no experience of this.

            • 3. Re: system tool please help


              If you are seeing no signs of infection, i.e Slow internet, 100% CPU being used, you are likely NOT infected.

              System restore is kind of like a reformatting of your computer (deleting everything on it, by using a special windows tool), It is usually the last option to do,

              Malwarebytes is a very good and handy tool, so I think if you did have anything left of System Tool, it would detect it,

              Unless you have a hardware problem, then you should never take your PC to a professional, as they would most likely download Malwarebytes free, for the price of nothing, and fix it easy, but it would cost a lot, (I'm looking at you Geek Squad. *shakes fists*)

              I would also suggest opening up Task Manager by right clicking on the task bar at the bottom of your computer, and seeing if you think anything is abnormal, which you should report it here. (because randomly ending tasks can be very dangerous, such as ending "Winlogon.exe", which most likely will destroy your computer.)





              Message was edited by: ConorD62 on 15/02/11 09:46:07 CST
              1 of 1 people found this helpful
              • 4. Re: system tool please help

                to be honest it all seems abnormal to me lol, the internet speed is normal and CPU thing said 12%

                the only programs that i couldnt at least try to decipher was csrss(dot)exe, dsiwmis(dot)exe, IAANTmon(dot)exe and wmiPrvSE(dot)exe

                using (dot) so i dont accidently create any dodgy links

                are these ok?

                • 5. Re: system tool please help


                  Csrss.exe is Client/Server Runtime Subsystem, or csrss.exe, is a component of the Microsoft Windows NT operating system

                  Dsiwmis.exe is Dritek Windows Management Instrumentation Service.

                  IAANTmon.exe is Intel® Matrix Storage Event Monitor.

                  WmiPrvSE.exe is Windows Management Instrumentation.

                  None of these seem to be malicious.

                  By the way, you cannot create any malicious links unless you use the link attachment function and use http:// or www, but seeing as you are just copy and pasting, there is no web links.



                  • 6. Re: system tool please help

                    ahh ok, thanks for that, why cant they just have normal names instead of cryptic codes

                    i think thats panic over for the time being, you have been very helpful thank you!!

                    • 7. Re: system tool please help


                      No problem.

                      Good Luck.


                      1 of 1 people found this helpful
                      • 8. Re: system tool please help

                        Nicely done, Conor.


                        btw, do G**k Squ*d really charge a fee for fixing problems using good ol' (no cost) Malwarebytes?


                        So ...they charge a fee, which means they're business professionals, and they get to eat tonight .... we do it for free, which means we're saints and wonderful human beings, but we go to bed with a crust and a bowl of gruel.


                        Hmm. I'll have to think about this.