Hello, I recently got System tool 2011 on a computer with windows 7. I can't right click on my desktop (well I can, but I can't open properties or click any of those), everytime I try to download antivirus software it says I don't have the power to do so or something along those lines, and when I try to go to this very site on that computer (I'm on a different one) it crashes and I have to redo it and it is making my computer move very slow.

I can't copy and paste the registry or whatever it is I'm supposed to do because I can never even get to a thread topic on this site because my mozilla firefox will crash before I am able to do so. I really need to know what to do, should I just bring it into best buy?

I have some version of malbyte antiviral software but I CANNOT open it, the virus won't let me. Also, I have expired kaspersky that I want to join again, but it won't let me do that either. Every time I wish to open it, it won't let me. Windows task manager shuts down right away as soon as my computer is on and I won't be opposed to a system wipe if need be, I just want this gone I don't know what information I have on my computer that these hackers can steal. I pay for credit card stuff on my laptop so I don't know what to do here. Any help is MUCH appreciated.

Hello, and welcome to The Ultimate Geek TaskForce!

Please note the following information about the malware forum:

• Only Trained Advisors, Moderators and Administrators are allowed to give advice on removing malware from your computer.
  
• From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  
• Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  
• If you have already asked for help somewhere, please post the link to the topic you were helped.
  
• We try our best to reply quickly, but for any reason we do not reply in two days, do this:
  
  Reply to this topic with the word BUMP.
  
  
• Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

---

Download the OTLPE Standard REATOGO Windows Recovery Environment.

• Place a blank CD-R disc in to your CD burning drive.
• Download OTLPEStd.exe and double-click on it to burn to a CD using ISO Burner.
• Reboot your system using the boot CD you just created.
  
  Note : If you do not know how to set your computer to boot from CD follow the steps here
  
• Your system should now display a REATOGO-X-PE desktop.
  
• Double-click on the OTLPE icon.
  
• When asked "Do you wish to load the remote registry", select Yes
  
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  
• OTL should now start. Change the following settings
  • Change Drivers to Non-Microsoft
    
  • Press Run Scan to start the scan.
    
  • When finished, the file will be saved in drive C:\_OTL\MovedFiles
    
  • Copy this file to your USB drive if you do not have internet connection on this system
    
  • Please post the contents of the OTL.txt file in your reply.

Before I do that, and I apologize for asking this before I do that, I want to let you know that I manually shut it down with the button instead of the start->shut down and it appears to have disappeared. I will follow through with what you have to say after this, I just wanted to make sure that it was still OK to do without the virus controlling everything. My computer is working seemingly fine. I can open applications and all of that good stuff.

Scan for malware

Please download Malwarebytes Anti-Malware from Download.CNET.com.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
  
• Please save the log to a location you will remember.
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  
• Copy and paste the entire report in your next reply.

Database version: 5406

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/28/2010 1:05:26 AM
mbam-log-2010-12-28 (01-05-26).txt

Scan type: Quick scan
Objects scanned: 159185
Time elapsed: 6 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE4C2C37-EDC8-4C00-B864-3C38CF3BA834} (Adware.Adshot) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Users\user\AppData\Roaming\microsoft\Windows\start menu\Programs\antimalware doctor (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\user\AppData\Local\Temp\19aqp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\user\AppData\Local\Temp\mbfkk.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\user\AppData\Roaming\microsoft\Windows\start menu\Programs\antimalware doctor\antimalware doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.
c:\Users\user\AppData\Roaming\microsoft\Windows\start menu\Programs\antimalware doctor\uninstall.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.



All of a sudden though I have this McAfee site advisor. Should I turn that off? (I upgraded all my free security systems but they're just the free versions: I have kaspersky, mcafee, and now malwarebyte)

I'm still waiting this guy has no affiliation to me

My apologies for that.

Not sure about SiteAdvisor. It should be fine for now.

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=1f40c40cace26c428db9a298c6545b99
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-12-29 04:32:14
# local_time=2010-12-29 10:32:14 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1280 16777215 100 0 33940701 33940701 0 0
# compatibility_mode=5893 16776573 100 94 0 45176587 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=156121
# found=0
# cleaned=0
# scan_time=7197

Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

• Slow computer
  
• Error messages
  
• Fake antivirus alerts or the icon in the system tray
  
• svchost.exe running at 100%
  
• System crashes or blue screen of death