need help with removal

cdixon1
2007-01-03, 02:38
Hey guys. My cousin got on my mom's computer and got some nasty spyware on here. He got AntiVermin, and cmdservice, and a few more I think. I got the AntiVermin off, and the cmdservice stopped popping up. I still get popups though. I ran the online scanner, and tried to go into safe mode to run Spybot like the sticky says to, but now my PC will not log into safe mode. All of the drivers load, then I put in my password, and it says initializing settings, but it just goes to a black screen and sits there and doesn't do anything. It says Safe Mode in all four corners, but it never loads. Is there anything I can do without getting into safe mode? Any help will be greatly appreciated. Here is the log from the online scanner.

1.dllb Win32/Dewnuttin.A deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
2.dllb Win32/Tibs!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
5.dllb Win32/Vxidl!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
6.dllb Win32/Tibs!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
7.dllb Win32/Tibs!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
KtkKMmrhf Win32/Oneraw!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
v3x1.g22me Win32/Hsow.AP deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
v4x3.ga2me Win32/Dewnuttin.A deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
v4x6.gam5e Win32/Tibs!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
v5x2.g3ame Win32/Dewnuttin.A deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
v5x4.ga2me Win32/SillyDl.BAR deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
v6xt4.game Win32/Tibs!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
lekkhh[1].txt Win32/Anserin!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\FTTZEJES\
equrfle[1].htm Win32/Filitop.A deleted C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\HR0REQ9J\
al3[1].txt Win32/SillyDl.ASR deleted C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\YJODDAQJ\
lyqabje[1].htm Win32/Vxidl!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\YJODDAQJ\
msmail[1].exe Win32/Bamted!generic deleted C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\YJODDAQJ\
runfile[1].exe Win32/Donise.D deleted C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\YJODDAQJ\
1.dllb Win32/Dewnuttin.A deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
5.dllb Win32/Vxidl!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
6.dllb Win32/Tibs!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
7.dllb Win32/Tibs!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
79B.tmp Win32/Bamted!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
stdrun26.exe Win32/Tibs!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
stdrun28.exe Win32/Tibs!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
al3[1].txt Win32/SillyDl.ASR deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5\EV4VGBKL\
msmail[1].exe Win32/Bamted!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5\EV4VGBKL\
equrfle[1].htm Win32/Filitop.A deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5\G52N0DIN\
lyqabje[2].htm Win32/Vxidl!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5\OR00WBKA\
zgame1[1].exe Win32/Hsow.AP deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5\OR00WBKA\
lekkhh[1].txt Win32/Anserin!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\Temporary Internet Files\Content.IE5\S3X9IU6N\
v3x1.g22me Win32/Hsow.AP deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
v4x3.ga2me Win32/Dewnuttin.A deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
v4x6.gam5e Win32/Tibs!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
v5x2.g3ame Win32/Dewnuttin.A deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
v5x4.ga2me Win32/SillyDl.BAR deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
v6xt4.game Win32/Tibs!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temp\
lyqabje[1].htm Win32/Vxidl!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\BB30NJLR\
uninstall[1].0&lang=0409&modid=87&rnd=6784 Win32/Givoree.C deleted C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\FORZLDQB\
al3[1].txt Win32/SillyDl.ASR deleted C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GJKBCUIM\
lekkhh[1].txt Win32/Anserin!generic deleted C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GJKBCUIM\
lw[1].ext Win32/Givoree.A deleted C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GJKBCUIM\
equrfle[1].htm Win32/Filitop.A deleted C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YR9G74BR\
nem220[1].dll Win32/Dyfuca.D deleted C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YR9G74BR\
eRT.jar-59afe7f7-1f06ec2f.zip>HiPointInstallShieldRT.class Java/Shinwow.BH cannot cure C:\Documents and Settings\valeda\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\
nRT.jar-5e7eb989-21b62d9b.zip>HiPointInstallShieldRT.class Java/Shinwow.BH cannot cure C:\Documents and Settings\valeda\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\
uninstall[1].0&lang=0409&modid=&rnd=6784 Win32/Givoree.C cannot cure C:\Documents and Settings\valeda\Local Settings\Temporary Internet Files\Content.IE5\09UZ812J\
hufo.exe Win32/Anserin!generic cannot cure C:\
nevtvsj.exe Win32/Filitop.A cannot cure C:\
nwnaqr.exe Win32/Vxidl!generic cannot cure C:\
pdxq.exe Win32/Vxidl!generic cannot cure C:\
lw.ext Win32/Givoree.A cannot cure C:\Program Files\BHO Plugin\
uninstall.exe Win32/Givoree.C cannot cure C:\Program Files\BHO Plugin\
ibm00001.dll Win32/Anserin!generic cannot cure C:\Program Files\Common Files\Microsoft Shared\Web Folders\
ibm00002.dll Win32/Anserin!generic cannot cure C:\Program Files\Common Files\Microsoft Shared\Web Folders\
zqmfl.exe Win32/SillyDl.NM cannot cure C:\Program Files\Common Files\zqmf\
mevopu.dll Win32/Zquest.D cannot cure C:\Program Files\Messenger\
qket.exe Win32/Filitop.A cannot cure C:\
9129837.exe Win32/Ursnif!generic cannot cure C:\WINDOWS\
comdlj32.dl0 Win32/Clodpuntor.I cannot cure C:\WINDOWS\
comdlj32.dll_tobedeleted Win32/Clodpuntor.I cannot cure C:\WINDOWS\
dlh9jkd1q2.exe Win32/Tibs!generic cannot cure C:\WINDOWS\system32\
dlh9jkd1q6.exe Win32/Tibs!generic cannot cure C:\WINDOWS\system32\
dlh9jkd1q7.exe Win32/Tibs!generic cannot cure C:\WINDOWS\system32\
kernels88.exe Win32/Tibs!generic cannot cure C:\WINDOWS\system32\
ldcore.dll Win32/Filitop cannot cure C:\WINDOWS\system32\
msasvc.exe Win32/Anserin!generic cannot cure C:\WINDOWS\system32\
vxg4am1et2.exe Win32/Tibs!generic cannot cure C:\WINDOWS\system32\
vxga4me1.exe Win32/Hsow.AP cannot cure C:\WINDOWS\system32\
1.dllb Win32/Dewnuttin.A cannot cure C:\WINDOWS\Temp\
2.dllb Win32/Tibs!generic cannot cure C:\WINDOWS\Temp\
5.dllb Win32/Vxidl!generic cannot cure C:\WINDOWS\Temp\
6.dllb Win32/Tibs!generic cannot cure C:\WINDOWS\Temp\
7.dllb Win32/Tibs!generic cannot cure C:\WINDOWS\Temp\
i747.tmp Win32/SillyDl.BAS cannot cure C:\WINDOWS\Temp\
ibm00001.dll Win32/Anserin!generic cannot cure C:\WINDOWS\Temp\
ibm00002.dll Win32/Anserin!generic cannot cure C:\WINDOWS\Temp\
NnqNLmdhh Win32/Oneraw!generic cannot cure C:\WINDOWS\Temp\
stdrun14.exe Win32/Tibs!generic cannot cure C:\WINDOWS\Temp\
v3x1.g22me Win32/Hsow.AP cannot cure C:\WINDOWS\Temp\
v4x3.ga2me Win32/Dewnuttin.A cannot cure C:\WINDOWS\Temp\
v4x6.gam5e Win32/Tibs!generic cannot cure C:\WINDOWS\Temp\
v5x2.g3ame Win32/Dewnuttin.A cannot cure C:\WINDOWS\Temp\
v5x4.ga2me Win32/SillyDl.BAR cannot cure C:\WINDOWS\Temp\
v6xt4.game Win32/Tibs!generic cannot cure C:\WINDOWS\Temp\
vx1t1.game Win32/Vxidl!generic cannot cure C:\WINDOWS\Temp\
vx1t3.game Win32/Vxidl!generic cannot cure C:\WINDOWS\Temp\
vx3t2.game Win32/Tibs!generic cannot cure C:\WINDOWS\Temp\
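
The scanner output above is long, and the lines that matter for a cleanup are the ones marked "cannot cure" (the "deleted" ones are already gone). The following is an added triage script, not code from the scanner, the forum or anyone in this thread: it parses lines in the `<file> <detection> <action> <directory>` form the log uses and summarises what is still present, by malware family and by where on disk it lives. The sample lines are copied from the log above; the location buckets and the family-name parsing are my own assumptions about the format.

```python
import re
from collections import Counter

# Constructed sample: a handful of lines copied from the scanner output
# posted above, in the same "<file> <detection> <action> <directory>" form.
SAMPLE_LOG = r"""
1.dllb Win32/Dewnuttin.A deleted C:\Documents and Settings\LocalService\Local Settings\Temp\
hufo.exe Win32/Anserin!generic cannot cure C:\
ibm00001.dll Win32/Anserin!generic cannot cure C:\Program Files\Common Files\Microsoft Shared\Web Folders\
kernels88.exe Win32/Tibs!generic cannot cure C:\WINDOWS\system32\
msasvc.exe Win32/Anserin!generic cannot cure C:\WINDOWS\system32\
eRT.jar-59afe7f7-1f06ec2f.zip>HiPointInstallShieldRT.class Java/Shinwow.BH cannot cure C:\Documents and Settings\valeda\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\
"""

# One line: file name (no spaces), detection name (no spaces), the action the
# scanner took, then the directory, which may contain spaces.
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(deleted|cannot cure)\s+(.+)$")


def parse_log(text):
    """Return one dict per recognised log line; unrecognised lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        name, detection, action, directory = m.groups()
        entries.append({
            "file": name,
            "detection": detection,
            # "Win32/Anserin!generic" -> "Anserin", "Java/Shinwow.BH" -> "Shinwow"
            # (assumed naming convention, based on the names in the log)
            "family": re.split(r"[.!]", detection.split("/", 1)[-1])[0],
            "action": action,
            "dir": directory,
        })
    return entries


def remaining(entries):
    """Items the scanner reported but could not remove."""
    return [e for e in entries if e["action"] == "cannot cure"]


def location_class(directory):
    """Rough triage bucket by where the file lives (my own assumption)."""
    d = directory.lower()
    if "\\temp" in d or "temporary internet files" in d or "\\cache\\" in d:
        return "cache/temp"
    if d.startswith("c:\\windows"):
        return "system"
    return "other"


def summarize(entries):
    """Counts of uncured items by malware family and by location bucket."""
    left = remaining(entries)
    return {
        "total": len(entries),
        "uncured": len(left),
        "by_family": dict(Counter(e["family"] for e in left)),
        "by_location": dict(Counter(location_class(e["dir"]) for e in left)),
    }


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    print(summarize(entries))
    # List what is still on disk, system directories first for attention.
    for e in sorted(remaining(entries), key=lambda e: location_class(e["dir"])):
        print(f'{location_class(e["dir"]):10} {e["family"]:10} {e["dir"]}{e["file"]}')
```

Run against the full log, the "system" bucket is the list to hand to a helper: files under C:\WINDOWS that the online scanner could not remove are exactly what the safe-mode run was meant to deal with, and the family counts show how many distinct infections are involved rather than how many files.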

Mr_JAk3
2007-01-03, 09:09
Hi cdixon1 and welcome to the forums :)

Nice collection of infections....

One or more of the identified infections is a backdoor trojan :sick:

This allows hackers to remotely control your computer, steal critical system information, and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the Trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identity Theft, Internet Fraud and CC Fraud? (http://www.dslreports.com/faq/10451)
When Should I Format, How Should I Reinstall (http://www.dslreports.com/faq/10063)

I can help you in the cleaning if you don't want to reformat but I can't promise that we'll get you 100% clean.

Please let us know what you have decided to do in your next post :bigthumb:

tashi
2007-01-09, 02:32
This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread.

Applies only to the original topic starter.