I got malware or a virus. My wallpaper changed to say that I have a critical warning. The exact desktop message reads: "YOUR SYSTEM IS INFECTED! System has been stopped due to a serious malfunction. Spyware activity has been detected. It is recommended to use spyware removal tool to prevent data loss. Do not use the computer before all spyware removed."
I managed to get rid of the desktop message (using AntiVir until the scan stopped for no apparent reason. The scan did not complete and I can't get it to scan again.) Under Desktop, the "critical_warning" file still appears in the list. The current wallpaper is the blue screen without the message written out above and I can't change it because this Desktop/Background page is locked up.
My homepage was changed (to Google, oddly). I cannot access System Restore, nor can I use Malwarebytes or other antivirus programs because I get a message that reads: "Windows cannot access the specified file. You may not have permissions to access the item." I have AntiVir PE Classic, which also won't fully run (it starts scanning, then stops).
Fortunately, I have a desktop so that I can post here and try to resolve the problem. Would someone please walk me through fixing this problem? Thank you very much!
Someone asked me to run the following report:
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/27 14:44
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA9B08000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7B46000 Size: 8192 File Visible: No Signed: -
Status: -

Name: hiber_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\hiber_WMILIB.SYS
Address: 0xF7BC4000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA8406000 Size: 49152 File Visible: No Signed: -
Status: -

Name: win32k.sys:1
Image Path: C:\WINDOWS\win32k.sys:1
Address: 0xF78B6000 Size: 20480 File Visible: No Signed: -
Status: -

Name: win32k.sys:2
Image Path: C:\WINDOWS\win32k.sys:2
Address: 0xA9CCF000 Size: 61440 File Visible: No Signed: -
Status: -

Processes
-------------------
Path: C:\WINDOWS\system32\braviax.exe
PID: 3920 Status: Hidden from the Windows API!

SSDT
-------------------
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xf7d17ebc

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xf7d17ea8

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xf7d17ead

#: 173 Function Name: NtQuerySystemInformation
Status: Hooked by "C:\WINDOWS\System32\Drivers\Beep.SYS" at address 0xf78201a0

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xf7d17eb7

#: 277 Function Name: NtWriteVirtualMemory
Status: Hooked by "<unknown>" at address 0xf7d17eb2

==EOF==
She then told me I had Max++. I tried to run a DDS log, but nothing happened when I did. So I guess I will not be able to produce a log. Can someone please help me?

Try running Trojan Remover; it is fully functional for 30 days.
http://www.simplysup.com/tremover/d...
That will help in clearing up some of the infections.
If you have a rootkit problem, you can try UnHackMe; it is free and works great.
http://www.greatis.com/unhackme/dow...
Some HELP in posting on Computing.net plus free progs and instructions
Cheers


This post is quite old and has been locked from receiving new replies. Please create a new posting instead.