Malwarebytes is not an anti-virus, it's anti-malware so OK to have in addition to anti-virus. However, you have downloaded the wrong version, you have the trial paid version rather than Malwarebytes Free which is the blue button on the lower left here where it says Download the Free Version: http://www.malwarebytes.org/mbam.php
Uninstall the one you've got and start over again. Don't forget that all that, plus updating and running the software can be acheived in 'Safe Mode with Networking' if necessary.
Another alternative is to download Hijackthis and post its log on one of the specialist forums listed below for expert help:
Do not post Hijackthis logs here, we can't help with those!
Post the logs at a specialist Forum:
Be sure to read all the sticky announcements/instructions at the top of each malware forum!
Message was edited by: Ex_Brit on 27/12/10 6:43:04 EST AM
Again thanks for your suggestions. However I just found a better solution. At desperation I log in in Normal Mode as User Name: CVG; then as soon as it started, I press CTRL ALT DEL, then selected Task Manager; and lo and behold it starts loading the Processes one by one, and there I saw a previously UNKNOWN process: nBipK08200; physically turn off my network, then went into START-> SEARCH ->type: nBipK08200, and there it was even with the System Tool icon. Deleted all those files; Re-start my laptop in Normal Mode. Everything OK now. I am using User Name CVG in Normal Mode to send you this msg. Maybe easiest way for non geeks like me to resolve this problem.
Thank you very much for your patience. Problem resolved: Client very satisfied again.
Excellent and congratulations on finding the 'nasty' buried in there,
I am PO' ed that my constantly updated McAfee did not block this one. Nor could it find it in a scan.
After hours of searching and trying solutions. (Running a restore did not work for me. The virus came back. Nor did running malwarebytes in safe mode. The virus returned.)
Finally I found this advice.
I did not have issues with IE, so I followed their advice from running Rkill on.
The only challenge I had was copying in the new HOSTS file. Windows explorer would allow me to delete it but not paste in the new version.
I got around this using Notepad. I save the new file to desktop. Went to All Programs, Accessories, and right clicked on Notepad. Click on the option to "run as administrator".
This looks like it worked, and I am really grateful. However, unless McAfee gets its stuff together, I am not renewing my subscription.
Also, the System Tool 2011 guys run a website to take payment for the bogus solution. This should make it easy for the FBI to find these guys. Be sure to report this.
As posted here and in many other spots in similar threads, no antivirus is perfect and very few of them, if any, detect these fake anti-malware programs. Hence the description and solution posted in that BleepingComputer thread.
If by switching to another brand of protection you think these kind of things will be stopped, you're in for a surprise I'm afraid to say.
Just be very careful what you download, click on, open etc. and keep you system up to date and always carry some extra anti-malware tools around, just in case.
When something like this hits Google it as often there are already-published means of getting rid of them.
Message was edited by: Ex_Brit on 27/12/10 12:09:12 EST PM
I am a member of both this, and the Malwarebytes community, there are quite a few threads over there.
I also know that one way to get rid of System Tool 2011, is using Malwarebytes.
Malwarebytes & McAfee, you should be protected.
MSE, AVG, Avast, Comodo, BitDefender, Mcafee. Most, if not all, of these will miss this.
It is like Ad-ware, but is kind of like malware.
Message was edited by: ConorD62 on 28/12/10 21:25:29 CST
This is indeed a very disappointing performance on the part of McAfee.
So, the program is not a threat or a problem? My McAfee Total Protection says that it scans for "Potentially unwanted programs".
System Tool 2011:
- installs itself without the user's knowledge or consent using a Java runtime exploit
- takes control of the computer on start up
- disables McAfee
- disables Task Manager
- disables Install/Uninstall Programs utility
If this is not a malicous threat and unwanted program I don't know what is! Obviously other McAfee customers had the same experience and yet McAfee refuses to recognize this as a legitimate threat.
I had to go to third party software (Norton/Symantic) to find instructions to delete this extremely malicious program that completely disabled my computer. I had to use regedit and manual searching in Safe Mode on Windows XP Pro to delete and remove the program. Only after the fact did McAfee find the Java exploit which allowed the program to be installed without my permission or knowledge.
I had to go to this unofficial "Community" to get help from fellow customers to even identify the problem.
My McAfee Total Solution comes up for renewal in February and based on this very negative experience I will be cancelling my subscription and purchasing a Norton/Symantic product instead.