Hi all

We have a problem on one of the computers at work, the malicious program “Windows System Defender” has found its way onto on of the computers.

I’ve tried using, Spy-bot, Ad-aware, Malwarebytes, AVG, HijackThis but everything just shuts down once it starts scanning.

The task manager won’t open, I have disabled the process for Windows System Defender, going through the msconfig command. I’ve also tried booting up in safe mode but it wont do that either.

What steps shall I take next?

7 Years
Discussion Span
Last Post by crunchie

Download DDS from the following location:

DDS Tool

Save dds.scr to the desktop

Disable any script-blocking programs and then double-click on the DDS.scr icon to start the program. If you did not disable a script-blocker that may be part of your antimalware program, you may receive a warning from your antimalware product asking if you would like DDS.scr to run. Please allow it to do so.

Once you double-click the icon a Windows security warning may also appear asking if you are sure you would like to run the program. Click on the Run button to start DDS. If no warning appeared, then you should just continue.

DDS will now display a small black window providing information as to what DDS is doing on your computer.

DDS will now start scanning your computer and compiling a variety of information about what programs are starting on your computer, what files have been recently created, and the general configuration of your computer. When DDS has finished scanning, all of this information will be compiled and be displayed in two Notepad windows named dds.txt and attach.txt.

You will then be shown a small box giving instructions as to what you should do with these files. Feel free to close this message box by pressing the OK button.

We now need to save the two log files that were created. First click on the DDS.txt window and click on the File menu and then select Save As... menu option.

Save DDS.txt to the desktop. Now click on the Attach.txt Notepad window and save that to the desktop also.

Copy the contents of the DDS.txt log and paste it into your reply here.
Attach the attach.txt log with your reply using Reply to Thread button, then the Manage Attachments button.


Hi again

Many thanks for the quick reply. I've tried running this program on the infected computer. As soon as the black windows opens it closes again, this program has closed the network connection now.

Is there something I need to disable for programs to run?




If you have an AV with script blocking features, or a script blocking program, you will need to disable it.
If it still will not run, download HijackThis Executable from here. Save it to your desktop.
Start HJT & press the "Do a system scan and save a log file" button. When the scan is finished a window will pop up giving you the option of where to save it. Save it to desktop where it is easy to access. Open the log file and then go to the format Tab and make sure that wordwrap is unchecked. Copy the entire contents of the file & paste it into the body of your post. DO NOT FIX ANYTHING YET. Most of what is there is necessary for the running of your system.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.