Not able to remove trojans/spyware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by tim lewis, Oct 12, 2005.

  1. tim lewis

    tim lewis Private E-2

    Chaslang, I've just completed most of the removal procedure specified in your updated 'READ & RUN ME FIRST before asking for support'. I'm now towards the end of Section 6, where you say 'You have two options if you still have problems at this point:' One of the options is to do what I'm doing now - requesting help.

    Firstly, I was unable to run the online scans in Safe Mode. I ran all five online scans, as well as the AVG scan I use on my system. I'll try to summarize or paste the scan result logs on this post as I haven't worked out how to attach them.

    BitDefender

    Trojan.Downloader.Small.AGQ. 2 files infected, unable to disinfect, files deleted


    RavAntivirus

    scan result clean


    Trend Micro

    TROJ PUPER.I in C:\WINDOWS\SYSTEM32\hhk.dll no action taken


    TrojanScan

    scan result clean


    Panda

    Incident                        Status           Location
    Adware:adware/virmaid           No disinfected   C:\WINDOWS\SYSTEM32\perfcii.ini
    Spyware:spyware/redv            No disinfected   Windows Registry
    Adware:Adware/BrilliantDigital  No disinfected   C:\KaZaA Lite 2\bdcore.dll
    Adware:Adware/Puper             No disinfected   C:\System Volume Information\_restore{8E862D22-D012-448B-9F0E-91ECFDC2F209}\RP249\A0082162.dll



    AVG

    scan result clean



    Ad-Aware

    nothing found


    Microsoft Antispyware

    nothing found


    Spybot

    DSO Exploit: Data source object exploit (Registry change, fixed)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

    DSO Exploit: Data source object exploit (Registry change, fixed)
    HKEY_USERS\S-1-5-21-1606980848-1935655697-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

    DSO Exploit: Data source object exploit (Registry change, fixed)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

    Download Accelerator Plus ads: Default ad category (Registry change, fixed)
    HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSDefaultCategory=Default

    Download Accelerator Plus ads: Ad category (Registry key, fixing failed)
    HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSFileList

    Download Accelerator Plus ads: Ad category (Registry key, fixing failed)
    HKEY_LOCAL_MACHINE\SOFTWARE\SpeedBit\Download Accelerator\ADSAds



    Sorry to have to inform you that I didn't keep a record of what was fixed, only what couldn't be. I do know that several CWS infections were cleaned, for example.


    Present Symptoms


    1. Several times a day I get the message 'System is shutting down. Please save all... NT AUTHORITY\SYSTEM... Windows must restart... RPC service terminated unexpectedly.' Then the system shuts down as promised.

    2. Despite the AVG full system scan being clean, I get pop-up messages from AVG advising that a virus has been detected. These are the Trojans IRC/BackDoor SdBot.KCI and Dapper.Generic.AJO. This 2nd one has popped up 4 times in the last hour, despite AVG saying the computer's been healed.

    3. Nuisance bugs such as Quick Launch missing at startup or being rearranged, start menu appears uncommanded on screen, slow startup, homepage reset on startup, IE connection prompt at startup.


    I'm guessing it's time for Hijack This, but before going down that road I just thought I'd take you up on your offer and cry for help. Many thanks.
     
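The Spybot entries in the post above all point at the same Internet Explorer zone setting (value 1004 under Zones\0 in three different user hives). The following PowerShell script is an added example, not part of the original post or of Spybot, that reads that setting from HKLM and from every user hive currently loaded under HKEY_USERS and reports whether each one matches the value Spybot was trying to write. It assumes the documented meaning of IE zone actions (1004 = "Download unsigned ActiveX controls", zone 0 = My Computer) and of the values 0 / 1 / 3 (Enabled / Prompt / Disabled); the expected value 3 is taken from the "W=3" in the log lines above. Hives that are not loaded at the time (users who are logged off) will not appear.

```powershell
# Added example: check the IE zone action that Spybot's "DSO Exploit" lines refer to.
# Not from the original post. Assumptions: action 1004 = download unsigned ActiveX
# controls, zone 0 = My Computer, values 0/1/3 = Enabled/Prompt/Disabled (documented
# IE zone settings); expected value 3 read from the Spybot log ("W=3").

$Action   = '1004'   # zone action flagged by Spybot; other IE actions use the same scheme
$Zone     = '0'      # zone 0 = My Computer (Local Machine zone)
$Expected = 3        # 3 = Disabled, the value Spybot reported wanting

$Meaning = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled' }

# Every loaded user hive (S-1-5-18 = SYSTEM, .DEFAULT, and the logged-on users), plus HKLM.
# A per-user value overrides the machine default only where it actually exists.
$hives = @('HKLM:\SOFTWARE') + (Get-ChildItem Registry::HKEY_USERS |
    Where-Object { $_.Name -notmatch '_Classes$' } |
    ForEach-Object { 'Registry::' + $_.Name + '\Software' })

foreach ($hive in $hives) {
    $key = "$hive\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\$Zone"
    if (-not (Test-Path $key)) {
        "{0,-70} zone key missing" -f $hive
        continue
    }
    $value = (Get-ItemProperty -Path $key -Name $Action -ErrorAction SilentlyContinue).$Action
    if ($null -eq $value) {
        "{0,-70} {1} not set (inherits default)" -f $hive, $Action
        continue
    }
    $state = if ($Meaning.ContainsKey([int]$value)) { $Meaning[[int]$value] } else { "unknown ($value)" }
    $flag  = if ([int]$value -eq $Expected) { 'OK' } else { 'DIFFERS from expected' }
    "{0,-70} {1} = {2} ({3}) {4}" -f $hive, $Action, $value, $state, $flag
}
```

Run it from an elevated PowerShell prompt so that the SYSTEM and .DEFAULT hives are readable; a hive that reports "DIFFERS from expected" after a Spybot fix is one worth re-checking on the next reboot, since a value that keeps reverting is the kind of behaviour a still-resident infection would produce.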
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    From the looks of several items in your message it sounds like your PC may be out of date with its Windows Updates. We will find out! Also a question: did you disable System Restore as indicated in the READ ME? I find it strange to see the below if System Restore was disabled:

    Adware:Adware/Puper No disinfected C:\System Volume Information\_restore{8E862D22-D012-448B-9F0E-91ECFDC2F209}\RP249\A0082162.dll


    Please download and run the below and let me know if it finds anything. Run it while physically unplugged (pull your cable) from the internet and with all browsers closed:

    Symantec W32.Blaster.Worm Removal Tool




    Now make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

    Downloading, Installing, and Running HijackThis
     
