Cannot remove Downloader Virus

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Hank101, Jul 31, 2006.

  1. Hank101

    Hank101 Private E-2

    I have Symantec Antivirus Corporate Edition on my home PC (HP Pavilion running XP Home w/ SP2). About 2 weeks ago, I began getting pop ups showing the virus "Downloader" and the filename "coliew.dll". If I closed the pop up from Symantec, another would appear within 5 seconds. If I left it, it clocked showing the number of times it was hit increasing every 5 seconds. Symantec said that it could not quarantine or delete the file. I have run the scans in safe mode and still couldn't delete.

    I performed all the steps that were outlined in the thread http://forums.majorgeeks.com/showthread.php?t=35407

    I am no longer getting the warning from Symantec. However, in the logs (bdscan.txt and activescan.txt) it shows there are other things (viruses or infected files) that cannot be deleted. I am concerned that these are already problems that Symantec isn't catching or they will become problems down the road. I have attached all the recommended logs.

    Please help and thank you for it!
     


  2. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Empty the Norton Quarantine Folder
    Empty the Recycle Bin

    Run CCleaner

    You have several infected Emails in Outlook.

    Uninstall the Following:
    MyWebSearch
    Zango


    << The installed version of Java on this computer is out-dated. Install Java Runtime Environment (JRE) 5.0 Update 7 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

    Copy the contents of the below quote box to Notepad; Save As FixReg.reg to your Desktop. DO NOT run it at this time; we will do that later in Safe Mode.
    Close Notepad.

    Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Reboot to Safe Mode.

    Locate FixReg.reg on your Desktop. Double-click on it and answer 'Yes' when asked if you want to merge with the registry.

    Open Windows Explorer; navigate to and delete the following:
    C:\nj.exe
    C:\WINDOWS\system32\coliew.dll


    Reboot to Normal Mode.

    Post a fresh HijackThis log.
     
  3. Hank101

    Hank101 Private E-2

    I followed your instructions. I did not have the files C:\nj.exe and C:\WINDOWS\system32\coliew.dll, so there obviously wasn't anything to delete. I have attached my new HijackThis log. You mention that I have several infected e-mails in Outlook. This doesn't surprise me as I get so much junk coming in. How did you find that out and how do I clean this out without opening Outlook? Thanks.
     


  4. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Your BitDefender log shows which emails have the infected attachments.

    Your HijackThis log looks fine.

    How is your computer running?
     
  5. Hank101

    Hank101 Private E-2

    Sorry I never got back to you. The computer has been running great. I don't open Outlook as I don't know how to get rid of these files. I just go through the webmail feature and get my email that way. Let me know if there is a way to delete the Outlook files w/o opening Outlook.

    Thanks for all your help.
     
  6. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

