Clicking on dds.scr - "access denied"

I am trying as hard as I can to get through the Preparation Guide to post my computer problem with the required steps. (Misdirected links and searches and tabs opening to ads).
I am on step 7.
When I double click the downloaded dds.scr file I get "access denied".
There is a one sentence line in the instructions that states: "Disable any script-blocking programs". I have no idea what this means and after hours and hours of googling I'm no closer to an understanding. Yeah, I'm stupid, but it seems to me that if you're bright enough with computers to follow these guide instructions you'd have no problem fixing malware and viruses.

How do I get past "access denied"?
What in the world is "script blocking" and how do I stop it?
Is that even my problem?
I have disabled my AVG program because I though that might be "script blocking" opening myself up to more internet malware. No effect.
Does Windows have "script" blocking?
I'm so far away from my real problem it isn't funny.
Can anyone help me with "access denied"?
Robert

A script is a text document written in a scripting language that contain coded instructions (list of commands) which are executed by certain program without user interaction. While this can be useful for programming language like Visual Basic Script and JavaScript, it can also be a security risk since some types of malware execute scripts and cause infection. Script Blocking is a security protection technology designed to stop the spread of viruses by preventing malevolent or suspicious scripts from running on a computer to minimize the possibility of infection.

If you cannot disable script blocking or get DDS to run, try this instead.

Please download RSIT by random/random from the link provided for your operating system and save it to your desktop.
Link 1 for 32-bit version
Link 2 for 32-bit version

Link 1 for 64-bit version
Link 2 for 64-bit versionThis tool needs to run while the computer is connected to the Internet so it can download HijackThis if it is not located on your system. If you get a warning from your firewall or other security programs regarding RSIT attempting to contact the Internet, please allow the connection.

• Close all applications and windows so that you have nothing open and are at your Desktop.
• Double-click on RSIT.exe to start the program.
  If using Windows Vista, be sure to Run As Administrator.
• Read the disclaimer and click Continue.
• When the scan is complete, a text file named log.txt will automatically open in Notepad.
• Another text file named info.txt will open minimized.
• Save the log files to your desktop and copy/paste the contents of log.txt by highlighting everything and pressing Ctrl+C.
• After highlighting, right-click, choose Copy and then paste the contents into a new topic in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here.
• Copies of both log files are automatically saved in the C:\RSIT folder which the tool creates during the scan.

Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run. If RSIT did not work, then reply back here.

Quietman7, thank you for your kind reply.
But OMG I surrender.
I am totally defeated.
I do not know enough about computers for all this.
And this isn't even addressing my problem - I've been working on the proper way to simply present my problem and I can't do that. It's too much, I just want to use the internet and read my email - it shouldn't be this hard to just ask for help. It's like your car mechanic asking you to run all sorts of diagnostics and disable your engine to even begin to talk about why it idles rough.
I've decided to reformat my hard drive and reinstall everything.
I surrender.
Thanks all for your time.
Robert

I understand. Sometimes a reformat or a factory restore is the best solution. Starting over by wiping your drive, reformatting, and performing a clean install of the OS removes everything and is the safest action. Doing that ensures no remnants of malicious files are left behind.

If you're not sure how to reformat or need help with reformatting, please review:

• How to partition and format a hard disk in Windows XP
• Prepping for a Clean Install Windows XP

These links include specific step-by-step instructions with screenshots:

• XP Clean Install Interactive Setup
• Reformat and Install of Windows

Vista users can refer to these instructions:

• Windows Vista Clean Install
• How to Do a Clean Install and Setup with a Full Version of Vista
• How to Do a Clean Install with a Upgrade Version of Vista

Windows 7 users can refer to these instructions:

• How to Do a Clean Installation with Windows 7
• Windows 7 Clean Install Screens

Don't forget you will have to go to Microsoft Update and apply all Windows security patches after reformatting.

Note: If you're using an IBM, Sony, HP, Compaq, Toshiba, Gateway or Dell machine, you may not have an original CD Disk. By policy Microsoft no longer allows OEM manufactures to include the original Windows XP CD-ROM on computers sold with Windows preinstalled. Instead, most computers manufactured and sold by OEM vendors come with a vendor-specific Recovery Disk or Recovery Partition for performing a clean "factory restore" that will reformat your hard drive, remove all data and restore the computer to the state it was in when you first purchased it. Also be sure to read Technology Advisory Recovery Media. If the recovery partition has become infected, you will need to contact the manufacturer, explain what happened and ask them to send full recovery disks to use instead..

If you have made a disk image with an imaging tool (i.e. Acronis True Image, Drive Image, Ghost, Macrium Reflect, etc.) before your system was infected, then using it is another option. Disk Imaging allows you to take a complete snapshot (image) of your hard disk which can be used for system recovery in case of a hard disk disaster or malware resistent to disinfection. The image is an exact, byte-by-byte copy of an entire hard drive (partition or logical disk) which can be used to restore your system at a later time to the exact same state the system was when you imaged the disk or partition. Essentially, it will restore the computer to the state it was in when the image was made. You will then have to reinstall all programs that you added afterwards. This includes all security updates and patches from Microsoft.

Reformatting a hard disk deletes all data. If you are reformatting or doing a factory restore due to malware infection, you can back up all your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to backup any executable files (*.exe), screensavers (*.scr), dynamic link library (*.dll), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding a file extension or adding to the existing extension as shown here (click Figure 1 to enlarge) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions. Then make sure you scan the backed up data with your anti-virus prior to to copying it back to your hard drive.

If your CD/DVD drive is unusable, another word of caution if you are considering backing up to an external usb hard drive as your only alternative. External drives are more susceptible to infection and can become compromised in the process of backing up data. I'm not saying you should not try using such devices but I want to make you aware of all your options and associated risks so you can make an informed decision if its worth that risk.

• How and Where to backup your files in XP or Vista
• How to Backup and Restore in Windows 7
• How to use Ubuntu Live CD to Backup Files from your dead Windows Computer

Again, do not back up any files with the following file extensions: exe, .scr, .dll, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

If you need additional assistance with reformatting or partitioning, you can start a new topic in the appropriate Windows Operating System Subforum.

Edited by quietman7, 26 October 2010 - 12:58 PM.

Quietman7, thank you again for all the info.
Actually I had a cloned copy of my hard drive I did using Maxblast 4 months ago.
When this "Antimaleware Doctor" first hit me and I couldn't remove it I tried to simply swap it out. But it wouldn't boot up, giving me just a blinking curser line.
That's when I spent some time here trying to get help to fix it. It was way too much for me - downloading, installing and figuring out so many programs to just diagnose my problem.
Malewarebytes, rkill.com, gmer logs, disabling script writing, RSIT.exe, dds.scr and so many others.
It became easier to figure out why my cloned hard drive wouldn't boot.
In case anyone else has this problem:
The solution was booting to the original Windows install disk and going to repair console and typing fixmbr and fixboot.
I'll clone more than every 4 months now.
Again, thank you.
Robert

You're welcome.

Sounds like among other things you had an infected Master Boot Record (MBR) and using the Repair Console fixed it. To learn more about this infection please refer to:

• What is Whistler Bootkit
• Bootkit: Example of infected master boot record
• MBR Rootkit, A New Breed of Malware

Tips to protect yourself against malware and reduce the potential for re-infection:

• Keep Windows and Internet Explorer current with all critical updates from Microsoft which will patch many of the security holes through which attackers can gain access to your computer. If you're not sure how to do this, see Microsoft Update helps keep your computer current.

• Avoid gaming sites, porn sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, uTorrent). They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Malicious worms, backdoor Trojans IRCBots, and rootkits spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Porn sites can lead to the Trojan.Mebroot MBR rootkit and other dangerous malware. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

• P2P Software User Advisories
• Risks of File-Sharing Technology

• Beware of Rogue Security software as they are one of the most common sources of malware infection. They infect machines by using social engineering and scams to trick a user into spending money to buy a an application which claims to remove malware. For more specific information on how these types of rogue programs install themselves and spread infections, read How Malware Spreads - How did I get infected.

• Keeping Autorun enabled on USB (pen, thumb, jump) and other removable drives has become a significant security risk as they are one of the most common infection vectors for malware which can transfer the infection to your computer. To learn more about this risk, please read:

• When is AUTORUN.INF really an AUTORUN.INF?
• Nick Brown's blog: Memory stick worms
• USB-Based Malware Attacks
• Danger USB! Worm targets removable memory sticks

Many security experts recommend you disable Autorun as a method of prevention. Microsoft recommends doing the same.

...Disabling Autorun functionality can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a CD-ROM device, USB device, network shares, or other media containing a file system with an Autorun.inf file...

Microsoft Security Advisory (967940): Update for Windows Autorun
How to Maximize the Malware Protection of Your Removable Drives

• Change all passwords: Anytime you encounter a malware infection on your computer, especially if that computer was used for online banking, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for banking, email, eBay, paypal and any online activities which require a username and password. You should consider them to be compromised and change passwords as a precaution in case an attacker was able to steal your information when the computer was infected. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.

• Security Resources from Microsoft:

• Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP
• Threats and Countermeasures: Security Settings in Windows Server 2008 and Windows Vista
• Microsoft Solutions for Security: The Antivirus Defense-in-Depth Guide

• Other Security Resources:

• Simple and easy ways to keep your computer safe and secure on the Internet
• Malware Prevention - Preventing Re-infection
• Hardening Windows Security - Part 1 & Part 2
• How to Stop 11 Hidden Security Threats
• Your Guide To Staying Safe Online

• Browser Security Resources:

• Configuring Internet Explorer for Practical Security and Privacy
• How to Secure Your Web Browser
• Safe Web practices - How to remain safe on the Internet
• Use Task Manager to close pop-up messages to safely exit malware attacks

• Finally, if you need to replace your anti-virus, firewall or need a reliable anti-malware scanner please refer to:

• Bleeping Computer's Freeware Replacements For Common Commercial Apps
• Bleeping Computer's List of Virus & Malware Resources