Malware Removal



jlm1919
2007-11-13, 01:06
I cannot post the "hijack this" log as my computer shuts down every time I perform a system scan and file log. Any suggestions? Below is the Kaspersky log:

Scan Statistics
Total number of scanned objects 50447
Number of viruses found 47
Number of infected objects 122
Number of suspicious objects 4
Duration of the scan process 01:54:07

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d953eda3e26304d35e06e3f99844845b_29ab981d-d4a1-475b-a871-b2d05db5d504 Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde1.zip/winC0.tmp.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde1.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle2.zip/Yazzle1162OinUninstaller.exe Suspicious: Password-protected-EXE skipped

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle2.zip ZIP: suspicious - 1 skipped

C:\Documents and Settings\Guest\Local Settings\Temp\powerhost.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\Documents and Settings\Guest\Local Settings\Temp\synhost.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\Documents and Settings\user\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\user\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\user\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\user\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\user\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped

C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\user\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\user\Local Settings\History\History.IE5\MSHist012007110920071110\index.dat Object is locked skipped

C:\Documents and Settings\user\Local Settings\Temp\!update.exe Infected: Trojan-Downloader.Win32.PurityScan.dx skipped

C:\Documents and Settings\user\Local Settings\Temp\NI.UGA6P_0001_N122M2210\setup.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped

C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\KLAZ01A7\!update-4395[1].0000 Infected: Trojan-Downloader.Win32.PurityScan.dx skipped

C:\Documents and Settings\user\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\user\ntuser.dat.LOG Object is locked skipped

C:\Program Files\3269.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped

C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bn skipped

C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bn skipped

C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bn skipped

C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bn skipped

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\Common Files\SpyGuardPro\ugcw.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped

C:\Program Files\E404 Helper\e404.v1.dll Infected: not-a-virus:AdWare.Win32.BHO.je skipped

C:\Program Files\ltmoh\Ltmoh.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\Online Services\profsywuywuev.html Infected: Trojan-Clicker.HTML.IFrame.dn skipped

C:\Program Files\QuickTime\bak\qttask.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\SightSpeed\SightSpeed.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\SpyGuardPro\FMTR.sys Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped

C:\Program Files\SpyGuardPro\fopnl.dll Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped

C:\Program Files\SpyGuardPro\scnkrnl.dll Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped

C:\Program Files\Toshiba\TOSCDSPD\toscdspd.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\Toshiba\TOSHIBA Applet\thotkey.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\Toshiba\Touch and Launch\PadExe.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Program Files\ucleaner_setup.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.s skipped

C:\Program Files\WindowsUpdate\hokepoc4444.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped

C:\Program Files\WindowsUpdate\hokepoc83122.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037540.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037543.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped

C:\WINDOWS\$NtUninstallKB828012$\ntkrnlmp.exe Object is locked skipped
C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037544.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037545.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.at skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037547.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037548.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037549.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037550.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037551.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037552.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037553.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037554.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037555.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037556.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037562.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037564.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037566.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037567.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037568.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037570.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP128\A0037571.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP131\A0039571.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP131\A0039571.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP131\A0039571.exe NSIS: infected - 2 skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP136\A0044678.exe Infected: Trojan-Downloader.Win32.Agent.emo skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP138\A0045711.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0045850.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0045854.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0045906.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0048697.exe Infected: Trojan-Downloader.Win32.VB.bqc skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0048698.exe Infected: Trojan-Downloader.Win32.Agent.emo skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0049683.exe Infected: Trojan-Downloader.Win32.Agent.emo skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0049685.exe Infected: Trojan-Downloader.Win32.VB.bqc skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0049686.exe Infected: Trojan-Downloader.Win32.VB.bqc skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0049687.exe Infected: Trojan-Dropper.Win32.VB.tg skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0049688.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0049689.exe Infected: Trojan-Downloader.Win32.Tiny.zj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0049695.EXE Infected: Trojan.Win32.Agent.bxj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0050694.exe Infected: not-virus:Hoax.Win32.Renos.hx skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0050721.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0050733.exe Infected: Trojan-Downloader.Win32.Obfuscated.n skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0050775.dll Infected: not-a-virus:FraudTool.Win32.UltimateDefender.r skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0050778.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.r skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0050788.sys Infected: Rootkit.Win32.Agent.mb skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0051819.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0051820.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0051821.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP139\A0051822.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP140\A0052800.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP140\A0052804.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.h skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP140\A0052805.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.h skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP140\A0053791.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP140\A0053792.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.h skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP140\A0053820.dll Infected: Trojan.Win32.BHO.rf skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP146\A0055137.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\System Volume Information\_restore{28192166-DCD0-4901-AD1A-CB57DD193595}\RP176\change.log Object is locked skipped

C:\Toshiba\IVP\ISM\ivpsvmgr.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\Toshiba\IVP\ISM\pinger.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\WINDOWS\$NtUninstallKB826939$\ntdll.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\ole32.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\osk.exe Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\raspptp.sys Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\shell32.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\shmedia.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\srrstr.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\srv.sys Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\winsrv.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826939$\zipfldr.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826942$\dhcpcsvc.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826942$\ndis.sys Object is locked skipped

C:\WINDOWS\$NtUninstallKB826942$\ndisuio.sys Object is locked skipped

C:\WINDOWS\$NtUninstallKB826942$\netshell.dll Object is locked skipped

C:\WINDOWS\$NtUninstallKB826942$\wzcdlg.dll Object is locked skipped

C:\WINDOWS\b122.exe Infected: Trojan-Downloader.Win32.Agent.erf skipped

C:\WINDOWS\b138.exe Infected: Trojan-Downloader.Win32.Agent.cbx skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\mrofinu1000106.exe Infected: Trojan-Downloader.Win32.Agent.emo skipped

C:\WINDOWS\mrofinu572.exe.tmp Infected: Trojan-Downloader.Win32.Agent.emo skipped

C:\WINDOWS\mrofinu77.exe Infected: Trojan-Downloader.Win32.Agent.emo skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system\AlxRes071106.exe Infected: Trojan-Spy.Win32.Pophot.vv skipped

C:\WINDOWS\system32\aivskurq.dll Infected: Trojan-Downloader.Win32.VB.bpt skipped

C:\WINDOWS\system32\bvgevqai\bvgevqai2.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.v skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\drivers\FMTR.sys Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped

C:\WINDOWS\system32\g2\caws83122.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped

C:\WINDOWS\system32\g2\caws83122.exe NSIS: infected - 1 skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\ihjhosca.exe Infected: Trojan.Win32.Agent.bck skipped

C:\WINDOWS\system32\inf\scrsys071106.scr Infected: Trojan-Spy.Win32.Pophot.vv skipped

C:\WINDOWS\system32\inf\scrsys16_071106.dll Infected: Trojan-Spy.Win32.Pophot.vv skipped

C:\WINDOWS\system32\r2\wr31drs.exe Infected: Trojan-Downloader.Win32.Small.gll skipped

C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\SynTPEnh.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\SynTPLpr.exe Infected: Trojan.Win32.Agent.bxj skipped

C:\WINDOWS\system32\vtlmyaoc.exe Infected: Trojan.Win32.Agent.bck skipped

C:\WINDOWS\system32\vvgeowbv.exe Infected: not-virus:Hoax.Win32.Renos.kj skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\winsys16_071106.dll Infected: Trojan-Spy.Win32.Pophot.vv skipped

C:\WINDOWS\system32\winsys32_071106.dll Infected: Trojan-Spy.Win32.Pophot.vv skipped

C:\WINDOWS\system32\yiexodsu.dll Infected: Trojan.Win32.BHO.rg skipped

C:\WINDOWS\system32\~.exe Infected: Trojan-Downloader.Win32.Tiny.zj skipped

C:\WINDOWS\TTC-4444.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped

C:\WINDOWS\TTC-4444.exe NSIS: infected - 1 skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

ken545
2007-11-13, 19:27
Hello jlm1919,

Welcome to Safer Networking. Trying to help you without a HJT log is like working with a blindfold on, but let's see what we can accomplish without it at the present time. I don't know if your HJT is current or an older version, I don't know the extent of the infections you have as to advise you not to do any online banking and things of that nature, I don't even know if your Operating System is up to date.

Kaspersky is showing all kinds of infections, let's see if you can run Combofix. If it stalls during the scan, you can try running it in Safemode.


To Enter Safemode

Go to Start> Shut off your Computer> Restart
As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.
Use the Up and Down Arrow Keys to scroll up to Safemode
Then press the Enter Key on your Keyboard

Tutorial if you need it: How to boot into Safemode (http://www.bleepingcomputer.com/tutorials/tutorial61.html)




Download ComboFix from Here (http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe) or Here (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop.

Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post the Combofix log and a HiJackthis log in your next reply.

Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.

If you can't run Combofix, then do this.

You have a downloader trojan called Downloader.Agent.awf or Downloader.Agent.ayy. This trojan replaces legitimate files that are common on most computers with an infected file. It then moves the legitimate file to a "bak" or backup folder. Please follow the directions below to run FindAWF so we can identify the files that have been infected and the backups, then restore them.

* Click here (http://noahdfear.geekstogo.com/FindAWF.exe) to download FindAWF.exe and save it to your desktop.
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
Press any key and the FindAWF tool will begin scanning your computer for the infected AWF files and the backups the trojan created.
It may take a few minutes to complete so be patient.
When it is complete, it will open a text file in notepad called AWF.txt which will automatically be saved to your desktop or whatever location you ran the file from.
Come back here to this thread and copy and paste the contents of the AWF.txt file in your next reply.

Let me see the Combofix log if you could run it, or the FindAWF if you could not run Combofix.

Keep in mind that if you can't run the tools and post the reports then there is not much we can do.

tashi
2007-11-25, 04:23
This topic has been moved to archives.

If you need the thread re-opened, please send me a private message (pm) and provide a link to the closed topic.

Applies only to the original poster, anyone else with similar problems please start your own topic.