my kids were playing online games and some how downloaded malware.It turns my desktop to a big warning message in red letters and a bunch of 01`s on the whole screen.It keeps popping up with activate system antivirus.Ive tried going to their web site to uninstall but it say do so through add remove and it wont allow me to open.it says I can try http://systemsecuritysite.cominstall/wscleaner.exe My spybot wont start it says the same thing cannot start file is infected.All I can do is go online.Cant open outlook either.Any suggestions?

oh yea if you go to the site to download a warning message appears and says it is a harmful file

Hi,

Download DDS and save it to your desktop (rename it to buddy.scr while saving) from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click buddy.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.


Download GMER (http://www.gmer.net) here by clicking download exe -button and then saving it your desktop:
Double-click .exe that you downloaded
Click rootkit-tab and then scan.
Don't check
Show All
box while scanning in progress!
When scanning is ready, click Copy.
This copies log to clipboard
Post log in your reply.

i downloaded and saved as you said but when I try to run the program it does the same thing as the other apps including spybot.It gives the hour glass for about a second and flashes across the bottom file infected please start your antivirus

i got it fixed. i found the file in documents and settings\all users\application data.Located the file named with all numbers. Then opened it to see if it were it. It had the security shield icon in the file.I tried deleting it and it wouldnt allow me to because it was in use. I restarted and hit F8 during bootup and started in safe mode.I then went back to the file and was able to delete it.Empty recycle bin and it allowed me to run spybot from safe mode.Fixed everything it found.Rebooted in normal mode and its gone!!:thanks:

Hi,

Could you still post those logs I requested for, please? We do want to make sure there're no remnants left, don't we? :)

buddy1

This topic has been closed due to inactivity.

As it has been five days or more since your last post, and your helper posted a response to which you did not reply, this topic has been archived and will not be reopened. If you still require help, please start a new topic and include a fresh HijackThis log and a link to this thread.

Applies only to the original poster, anyone else with similar problems please start a new topic.