This is my post from another board, and I'm just seeking help from all over =P

This is my original message >_<;

I just "fixed" my computer yesterday after 2 months of it being dead due to the motherboard.. to find out it has a virus last night..

Many files I cannot touch, and it has begun to restart more frequently now, especially when I start an Antivirus scan.

I cant even run Norton, it tells me it has a critical error, and none of the solutions for that problem works. Trojan hunter doesnt show me anything, or if it does im not looking at the right spot.. The computer sometimes restarts with a blue screen, and I'm stumped on what to do.. Any help would be appreciated..


Adware Away just found C:\WINNT\system32\userinit.exe and said it was suspicious =/ So i deleted that ;


____________________________________

It also found many other Trojans, some Norton got rid of, some norton couldnt (one was called "Trojan Dropper"..)

This is my hijackthis log:

Logfile of HijackThis v1.98.2
Scan saved at 2:36:24 AM, on 8/10/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
D:\Program Files\Roxio\GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
D:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SymTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\system32\RUNDLL32.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\WINNT\system32\ctfmon.exe
D:\Program Files\Roxio\GoBack\GBTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Adware Away\AdAway.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Hijack This\hijackthis.exe

F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaE ngineMain
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 3.9\THGuard.exe"
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: GoBack.lnk = D:\Program Files\Roxio\GoBack\GBTray.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm



If anyone has any help, I'd greatly appreciate it!

Hello,
Welcome to D-A-L

First of all, I suggest you uninstall "Adware Away" because the file it flagged was a legitimate file, so that casts a shadow of doubt on the quality of the program.

You may want to download and run some of the programs we recommend (see here) for spyware removal.

Then I suggest you pay a visit to Housecall and run an online scan for Viruses and Trojans. Remove anything it finds.

Then post a fresh log

Thanks a lot for the reply..

I'll try, I'm dealing, now, with an inability to search, constant .exe errors and occassional blue-screen restarts =( then if thats not bad enough sumtimes theyre corrupting windows so I have to -go-back >_<;

Thanks again

Could you describe these problems more. Constant .exe errors. Which files? What error message?. Could you also describe inability to search more as well, is that search as in the internet, or your computer?

Okay, I just wrote up a message and before I was finished, ermm I got an Internet explorer error _-_;

Anyways, the .exe errors vary, mostly appearing at start up, usually dealing with NAVA and capp stuff

The bluescreens usually flash to fast for me to read, but they do contain _Corrupted =( this is scary stuff

Anyways, I cannot search because the SEARCH on internet explorer just turns up white, but I can use the MSN search (on msn.com) still.. And when I tried to run the Antivirus that you suggested, it restarted my computer (eg error again..) >_<; it will no longer allow me to run Spybot, as it just closes mid-scan, and norton wont because of a critical error..


Edit: http://service1.symantec.com/SUPPORT...build=Symantec pops up a lot..

Also just got a NAVAPSVC (i think its SVC )

I only got through 5500 files on that Online Vscanner b4 I got a blue screen.. ill try again =/

Edit 2: And im getting IExplore.exe errors >_<;

Edit 3: Norton keeps removing W32.Spybot.worm ..

Edit 4: I just realized I cant do Windows Update either.. O_o; And I have an Index.dat file in my cookies.. is that normal? O_o I cant touch it, it says its being shared..

Edit 5: I got a tcpip.sys error, and then I got something that said there was a problem with my registry, which made me have to go back 20 mins >_<; lol.. I cant run Virus Scanners right now.. 'cuz theyre just restarting.. I got to 70% with the Buster thing, but then it got an error itself, then the comp restarted =( sigh..

Norton just found another Virus.. Hacktool or something >_>

This is getting pathetic now.. Its like im flooded with 'em lol =(

Im getting Trojan Dropper Virus pop-ups from Norton, and a lot of Trojan.Nabald or something (ill edit it when it comes up again.. >_<

I cant post any -new- hijack this log.. cuz I cant do anything different =( all the Vscanners just stop mid through with either restarts or errors =(

Start off by turning off the norton and using the online scanner that owen linked to above