computer severely infected

Name: hameet
Date: January 2, 2009 at 14:52:14 Pacific
OS: vista
CPU/Ram: intel pentium 4 512MB
Product: Dell / DIMENSION 3100
Subcategory: Viruses
Comment:

Over the past week my computer has started to malfunction severely. It started with spyware/adware promoting their virus protection etc., which I did not download. I ran Spybot and Ad-Aware, which got rid of some of it, but now the virus was creating shortcuts on my computer, and every time I deleted them they would reappear. Then my computer would start to freeze frequently, and then my computer began to shut down by itself as a precautionary measure to prevent further damage. I then ran AVG 8.0, which got rid of about 12 trojans which were infecting my PC. After that it seemed like my computer was running a lot smoother, but the next time I started the computer I got a blue screen which said the computer had to shut down to prevent further damage occurring. Now I cannot even start my computer without it turning itself off as a precautionary measure. I can only turn it on in safe mode; not sure what to do. Also, when I was getting online, some sites like computing.net and AVG and McAfee were being prevented from being viewed, but other stuff worked fine. I'm posting this from my laptop as I am quite limited in what I can do in safe mode. Any help would be appreciated.




Response Number 1
Name: amvinfe
Date: January 2, 2009 at 15:14:17 Pacific
Reply:

Hi,

I cannot assure you that we will solve this problem, but we will try.

Download SystemScan to a pen drive: http://www.suspectfile.com/systemscan
Restart in safe mode with the pen drive already inserted, open SystemScan and make sure that all options are checked, then click on "Scan Now". At the end of the scan, two files will be created (on your desktop, inside the folder suspectfile).
Upload the zip file to http://www.freefilehosting.net and write in your next reply the URL where I can get it.


N.B.
The scan may take a long time; it might even seem that the program is not working. Do not worry, it is not so ;)

SystemScan is mistakenly recognized by some antivirus programs as infected.
--

Ciao,
Marco


0

Response Number 2
Name: hameet
Date: January 2, 2009 at 17:14:35 Pacific
Reply:

OK, I tried to run the system scan, but sadly my computer decided to shut down during it, coming up with the usual blue screen telling me it had to shut down to prevent further damage etc. Should I try again, or would a HijackThis log be useful? P.S. Roughly how long would the system scan usually take?


0

Response Number 3
Name: hameet
Date: January 2, 2009 at 19:29:37 Pacific
Reply:

have managed to do the system scan barring option 5 (autoplay something).
http://freefilehosting.net/download...


0

Response Number 4
Name: amvinfe
Date: January 3, 2009 at 05:03:01 Pacific
Reply:

Hi,

download http://swandog46.geekstogo.com/aven...
Run avenger.exe, copy and paste inside the white box this script:

files to delete:
C:\WINDOWS\Mtiluyirogodin.dll
C:\WINDOWS\system32\vFMnnUtv.ini
C:\WINDOWS\system32\vFMnnUtv.ini2
C:\WINDOWS\system32\txgubqws.ini
C:\WINDOWS\system32\msiconf.exe
C:\WINDOWS\system32\k9261108.exe
C:\WINDOWS\system32\urqNefEX.dll
C:\WINDOWS\system32\swqbugxt.dll
C:\WINDOWS\system32\fpvbkybv.dll
C:\WINDOWS\system32\awtrRkJC.dll
C:\WINDOWS\system32\rdkjsojp.dll
C:\WINDOWS\system32\fbc9fa25-.txt
C:\WINDOWS\system32\vtUnnMFv.dll
C:\WINDOWS\system32\cbXqpqOf.dll
C:\WINDOWS\system32\prunnet.exe
C:\WINDOWS\system32\ipsink.ax
C:\WINDOWS\system32\vfwwdm32.dll
C:\WINDOWS\temp\rtdrvmon.exe
C:\Documents and Settings\Mandeep\Application Data\gadcom\gadcom.exe
C:\WINDOWS\system32\hweypw.dll
C:\WINDOWS\system32\drivers\senekatpevqjup.sys
C:\WINDOWS\tasks\tucrkcna.job

folders to delete:
C:\Program Files\VirusRemover2008
C:\Documents and Settings\Mandeep\Application Data\gadcom

registry values to replace with dummy:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs

registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | KernelFaultCheck

registry keys to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{394c8250-eb12-47fa-bea5-daa251e7ef9e}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D841923-598E-4CAB-AE2A-FB2E468DB9AB}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\MSConfig\startupreg\f0ea3e5b
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\MSConfig\startupreg\KernelFaultCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\MSConfig\startupreg\Lfohuyoku
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\MSConfig\startupreg\prunnet
HKLM\system\currentcontrolset\services\seneka
HKLM\system\controlset001\services\seneka
HKLM\system\controlset003\services\seneka

Check "Automatically disable any rootkits found" and click "Execute".
The PC should reboot by itself; otherwise restart it yourself.

--

Open Notepad and enter this script (please copy/paste):


Windows Registry Editor Version 5.00

[-HKEY_CLASSES_ROOT\CLSID\{394c8250-eb12-47fa-bea5-daa251e7ef9e}]

[-HKEY_CLASSES_ROOT\CLSID\{8D841923-598E-4CAB-AE2A-FB2E468DB9AB}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"gadcom"=-

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"msiexec.exe"=-
;

Click "File" in the upper left, then "Save As". In the window that opens, under "Save as:" select "All Files", in "File name" enter fix.reg, and save the file to your desktop.
Double-click fix.reg and confirm when required. Reboot the PC.

--

Run a new scan with SystemScan.

- Upload the zip file to http://www.freefilehosting.net and write in your next reply the URL where I can get it,
and also avenger.txt and ComboFix.txt, which are in C:\


ciao
Marco :)


0
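Added example (not part of the original thread, and not code from The Avenger or its author): a small Python parser for the section/entry layout visible in the script in Response Number 4, grouping entries by the Windows autostart location they reference so the persistence points stand out from the plain file deletions. The function names and the regex table are illustrative assumptions, and only the section syntax shown in this thread is handled.

```python
import re

# Autostart locations recognisable from an entry (matched case-insensitively).
PERSISTENCE = [
    (r"\\windows nt\\currentversion\\windows \| appinit_dlls$", "AppInit_DLLs"),
    (r"\\currentversion\\run \|", "Run key"),
    (r"\\browser helper objects\\\{", "Browser Helper Object"),
    (r"\\(currentcontrolset|controlset\d+)\\services\\", "Service or driver key"),
    (r"\\msconfig\\startupreg\\", "MSConfig startup entry"),
    (r"\\windows\\tasks\\.+\.job$", "Scheduled task"),
]

def parse_script(text):
    """Return {section: [entries]}; a header is a line ending in ':'.
    Lines before the first header are ignored."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.endswith(":"):
            current = line[:-1].lower()
            sections.setdefault(current, [])
        elif line and current:
            sections[current].append(line)
    return sections

def persistence_summary(text):
    """Group script entries by the autostart mechanism they point at."""
    summary = {}
    for section, entries in parse_script(text).items():
        for entry in entries:
            for pattern, label in PERSISTENCE:
                if re.search(pattern, entry, re.IGNORECASE):
                    summary.setdefault(label, []).append((section, entry))
                    break
    return summary

# Sample input: a subset of the script posted in Response Number 4.
SAMPLE = r"""
files to delete:
C:\WINDOWS\system32\msiconf.exe
C:\WINDOWS\tasks\tucrkcna.job
registry values to replace with dummy:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows | AppInit_DLLs
registry values to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run | KernelFaultCheck
registry keys to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{394c8250-eb12-47fa-bea5-daa251e7ef9e}
HKLM\system\currentcontrolset\services\seneka
"""
print(persistence_summary(SAMPLE))
```

Entries that match no pattern, such as the plain executable under system32, are left out of the summary; they are payload files rather than autostart registrations.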

Response Number 5
Name: hameet
Date: January 3, 2009 at 06:46:17 Pacific
Reply:

the computer seems to be running pretty smoothly now with no sudden shut downs thanks,
system scan:
http://freefilehosting.net/download...
avenger.txt:
http://freefilehosting.net/download...
ComboFix.txt:
http://freefilehosting.net/download...


0


Response Number 6
Name: amvinfe
Date: January 3, 2009 at 07:25:22 Pacific
Reply:

Run avenger.exe, copy and paste inside the white box this script:


Files to delete:
C:\WINDOWS\system32\senekadf.dat
C:\WINDOWS\system32\seneka.dat
C:\WINDOWS\system32\senekahcnlrkpq.dll
C:\WINDOWS\system32\senekaklputmei.dll
C:\WINDOWS\temp\rtdrvmon.exe
C:\WINDOWS\temp\D653F3EC.TMP
C:\WINDOWS\system32\vtUnnMFv.dll

registry keys to delete:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F6A2AAAD-A30C-4E57-A14E-AFA0C0190567}


Check "Automatically disable any rootkits found" and click "Execute".
The PC should reboot by itself; otherwise restart it yourself.


Then you should check two files that seem suspicious.
Upload to www.virustotal.com and check:
C:\WINDOWS\system32\patcher.exe
C:\WINDOWS\system32\Remove.exe

As before, give me the URLs to download the avenger.txt log and the virustotal.com results.

;)
ciao


0

Response Number 7
Name: hameet
Date: January 3, 2009 at 17:17:53 Pacific
Reply:

found the file
C:\WINDOWS\system32\Remove.exe
but couldn't find
C:\WINDOWS\system32\patcher.exe


http://www.virustotal.com/reanalisi...

http://freefilehosting.net/download...


0

Response Number 8
Name: amvinfe
Date: January 4, 2009 at 01:21:49 Pacific
Reply:

The virustotal.com link you've written contains no data.
Everything else seems OK.
Check that your antivirus is working properly, update it to the latest database and perform a scan of the entire operating system.

If you still have problems write in your next reply

Have a nice day

Marco


0

Response Number 9
Name: hameet
Date: January 4, 2009 at 06:33:12 Pacific
Reply:

think this is it,
http://www.virustotal.com/analisis/...


0

Response Number 10
Name: amvinfe
Date: January 5, 2009 at 09:07:38 Pacific
Reply:

Hi,

ok, Remove.exe is not infected.

Have you other problems?


0
