HELP - Big Problems with Norton Internet Security

Let me apologize for the length of this message - 3 logs attached.

Hi! I really need help for my home computer. I know from all the scans recommended in "read this first" that my NIS is infected. (I ran about 7 different scans, both in safe and normal mode, connected and not-connected to the Internet.) However, after running all the scans I still have problems. And, I can't fix from it NIS. Basically, NIS says that I am not logged in and I'm not protected, but I can't log in because the button to "log in" is shaded out. I tried uninstalling NIS but the computer won't allow me to because I need to be an "administrator." I tried logging into my computer in safe mode as the administrator, but I apparently need a password and I don't have it! Also, for some reason (I believe also related to NIS' firewall), I can't access any e-mail sites (like hotmail or earthlink.net/webmail), so I can't even get my e-mail at home. Meanwhile, I'm worried that more viruses are coming into my computer since I'm not logged into NIS. Can someone please help me?

Below are my most recent logs for:

1. Hijack This

• Edit by bjgarrick: Unrequested, Inline HJT log removed!

2. Bit Defender

Inline log attached!

and

3. Kaspersky

Inline log attached!

Scan process completed.

THANKS!

 

I would uninstall NIS because this is one of the many problems associated with Norton products. You will however need Administraror rights to remove this or do anything to fix this.

Please download Spy Sweeper

• Click the link above to download the program.
• Install it. Once the program is installed, it will open.
• It will prompt you to update to the latest definitions, click Yes.
• Once the definitions are installed, click Options on the left side.
• Click the Sweep Options tab.
• Under What to Sweep please put a check next to the following:
  
  • Sweep Memory
  • Sweep Registry
  • Sweep Cookies
  • Sweep All User Accounts
  • Enable Direct Disk Sweeping
  • Sweep Contents of Compressed Files
  • Sweep for Rootkits
  • Please UNCHECK Do not Sweep System Restore Folder.
• Click Sweep Now on the left side.
• Click the Start button.
• When it's done scanning, click the Next button.
• Make sure everything has a check next to it, then click the Next button.
• It will remove all of the items found.
• Click Session Log in the upper right corner, copy everything in that window.
• Click the Summary tab and click Finish.
• Paste the contents of the session log you copied into notepad and save it as spysweeper.txt and attach it to your next post along with a fresh HJT log.

 

Thanks for the quick reply. I did run Spysweeper too, but didn't post that log. I'll run all the scans you suggested again tonight and save those logs.

*Big question*: How do I get administrator rights to uninstall NIS?!

 

First way would be login to the Administrator account, second way would be to run the removal tool for it.

Do you have the newest version of SpySweeper with the latest definitions? If so, I need the log.

 

I ran SpySweeper, but it said that it could not obtain the definition updates because possibly my computer's firewall (i.e., stupid NIS), so I'm not sure how helpful the log will be. Here it is, and a fresh HJT log too.

Back to the uninstalling NIS issue, when you say "remove tool" are you talking about the "change/remove" button in the Control Panel? If not, then what are you talking about? If so, then I'm stuck. I can't uninstall NIS under my login (Windows XP OS) because I have to be an administrator, and I can't log in as an administrator because I don't know what the password for the administrator login on my computer is. Is there some other way to log in as the administrator or bypass the password requirement? Or is there any other way to get rid of NIS?

Thanks again for your help!

 

Download AproposFix by Swandog46

Save it to your desktop or to another folder of its own, but do NOT run it yet!

Now reboot your computer in Safe Mode! (You must be in safe mode or this fix will not work.)

Once in Safe Mode, double-click aproposfix.exe which will give you a chice of where to unzip/install the program to). This is called the Destination folder in the window that popsup. So either install it to the Desktop or the folder where you downloaded the aproposfix.exe file to. It will create a new folder named aproposfix. Open the aproposfix folder and double click on RunThis.bat to run the fix. Follow the prompts.

When the tool is finished, reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file that has been created in the aproposfix folder.

 

I did it all. Attached are the logs. Thanks again for your help.

 

Let's run another scan with Spy Sweeper to confirm we got all of the Apropos, check to see if they have new definitions and download if so.

Afterwards attach the fresh SpySweeper log along with a fresh HJT log.

 

I still couldn't download new definitions for SpySweeper - so I surfed through Webroot's customer service site and when I got to the FAQ related to the problem (i.e., constant inability to download definitions), the webpage was blocked! Very annoying. So I e-mailed Webroot, since that's what SpySweeper said to do if I kept having the problem. However, since my e-mail account webpage is blocked on my home computer as well, I'll have to wait until I get to work tomorrow to see if they responded. I'm starting to get a little worried about this. It's never taken me this long to fix a computer virus problem before.

Here are the newest SpySweeper and HJT logs.

Do you have any other ideas?

 

Run post #6 again and attach the log with a fresh HJT log.