System Tool Infection

I have run Rkill first hand on several PCs having this infection without a problem. However perhaps you have a different form. Try booting in safe mode and doing the below.


Please download and run the below tool namedRkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are a few different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Administrator

You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

1. Rkill.exe
2. Rkill.com
3. Rkill.scr
4. Rkill.pif

If you are having problems running Rkill, you can download iExplore.exe or eXplorer.exe, which are renamed copies of Rkill.com, and try them instead.

Once you've gotten one of them to run then try to immediately run the following.

Now run this: Using Malwarebytes Anti-Malware

​

 

If you are booting in safe mode then you are using an admin account and should have admin rights. If you are seeing errors about rights, you did not get the malware shutdown which is what Rkill normally does. As I stated, I have used this many times without a problem.

Is there another user account? If so, try booting to it and running a full scan with Malwarebytes and other tools on this second account. Then come back to the infected account.


See if you can run regedit also see if MSconfig runs.

 

You're welcome.

Then you should be able to run MBAM and the rest of our cleaning process now to finish things off.