Posted 11 November 2010 - 07:00 AM
I have a Sony Vaio running Windows Vista, and I use Firefox.
I somehow got infected simultaneously by the Security Toolkit and Quick Defragmenter malware, and after a couple of passes by MAM antimalware (I got it wrong the first time, and used the Bleeping Computer advice the second time, which did the trick, so kudos) I got rid of the malware, I think.
But I am left with a pretty nasty legacy.
All of the protections the bug created for itself are still there, so for instance I can only access Windows Explorer in 'safe' mode, and I still get the following warning coming up when I try to open programmes.
"Windows detected a hard disk problem
Scanning for hard drive errors.....Hard drive scan helps to detect yada yada"
I can open them after about three tries, or right clicking and coming in as an admin for firefox.
The worst problem is that the little bastard crashes my system approximately every 20 minutes or so, irrespective of what I am doing, as follows....
"You are running every low disk space on Local Disk (C:)"
"Windows - No Disk Exception Processing Message 0x 0000013
Parameters 0x000007FEFE037240 0x00000000004 0x000007FEFE037240 0x000007FEFE037240 "
Windows Delayed Write Filed (note - not 'Failed')
Windows was unable to save all of the data for the file \Systems32\496A8300. The data has been lost.
This error may may be caused by a failure of your computer hardware.
"Windows - no Disk
Exception processing message 0x0000013
Parameters 0x759A023C 0x84C3CAA4"
Same messages every time.
Then, after a minute's grace or so, I get this message:
"A critical error has occurred while indexing data stored on hard drive"
and the machine then reboots, while letting me save what I am working on, if I'm quick.
Finally, upon re-booting this message appears, which starts the whole cycle again.
"Warning The system has been restored after a critical error. Data integrity and hard drive integrity verification required,"
I presume from reading your site that the malware has left something behind in the rootkit, but I have no idea how I might deal with this issue, and would be grateful for your help in sorting it out, and also re-establishing the functions which were disabled by the malware, e.g. defragmentation (although I was able to defragment using C: defrag and I have loads of space, 90 GB, on the drive), no remote access and so on.