It started by replacing my wallpaper with a fake dialog box that tells me to install an antivirus or spyware remover to clean my computer, and "Warning! Win32/Adware.Virtumonde" Warning! Win32/PrivacyRemover.M64"

I already had Windows Defender on my system, but I downloaded Spybot S&D as well. It found and removed several spyware items and noted changes to my windows settings. But the screensaver and notification remain. My system is unstable; it will shut down and go to bluescreen if I leave it unattended. Some of the messages displayed there:

IRQL_NOT_LESS_OR_EQUAL
KMODE_EXCEPTION_NOT_HANDLED
UNEXPECTED_KERNEL_MODE_TRAP
PANIC_STACK_SWITCH
NO_MORE_TRIP_STACK_LOCATION
BOGUS_DRIVER
MAXIMUM_WAIT_OBJECTS_EXCEEDED
PAGE_FAULT_IN_NONPAGED_AREA
BAD_POOL_HEADER

At startup, a Windows Defender dialog box pops up saying it detects "TrojanDownloader:Win32/Renos" and suggests removing it. Then it needs to restart to apply fixes. So I restart, and the same thing pops up and the screensaver remains. When I click for details, this is displayed:

Category:
Trojan Downloader

Description:
This program displays deceptive product messages.

Advice:
Remove this software immediately.

Resources:
regkey:
HKCU@S-1-5-21-42108571-377814133-1332416755-1005\Control Panel\Desktop\\SCRNSAVE.EXE

screensaver:
HKCU@S-1-5-21-42108571-377814133-1332416755-1005\Control Panel\Desktop\\SCRNSAVE.EXE

file:
C:\WINDOWS\system32\blphc9d1j0e77p.scr

Summary:
Windows Add-ons change occurred.

This agent monitors the various ways which permit software to be started when other features in Windows are in use.

Checkpoint:
Screen Saver



What can I do to get rid of this??

Thanks!

Hi sleepykisser

Click here (http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe) to download HJTInstall.exe
Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

Due to the lack of feedback this Topic is closed.

If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.