need some help

Discussion in 'Malware Help (A Specialist Will Reply)' started by Kizer, Jul 12, 2006.

  1. Kizer

    Kizer Private E-2

    Hi all. I'm new to the forums and well I'm making this post since I have a serious problem. Recently, after downloading an infected file and letting it execute (it was called Microsoft Office 2003 Generic Fix V2) I've been in quite a bit of trouble. I feel the worst is behind me since the file's execution caused my desktop and toolbars to be invisible. Following the advice in the "READ & RUN ME FIRST" post, I was able to fix that. However, I've been having some other problems. Norton and Windows Defender constantly bring these alert messages up. So far, Norton has brought up messages for Trojan.Dropper (file names: webnexmk[1].exe, webnexmknew.exe, numbsoft[1].exe, numbsoftnew.exe, Mendoza1.exe), bloodhound.morphine, Downloader (i.e. wd7gi8n.exe) and dialer.Trojan. Defender has brought up messages for Adware.cmdService, Adware-Qoologic, Adware.cmdService, and Monnet. I could have also sworn I saw a few others laying around (especially after restarting the comp). Windows Defender also keeps prompting me to reboot (every time I start) and gives me this error "encountered an error: 0x80501001.One or more actions could not be completely successful". Lastly, I have a great deal of pop ups (many with advertisements to this antivirus product called Winantivirus) and an error msg which comes up every 10 minutes or so saying "Unexpected error;qutting" (the source seems to be a file called "sunthreatengine.exe"). So far, I've done a few scans and deleted some files through Windows Defender. However, the problems seem to persist. I'm currently following the other procedures listed in the "READ & RUN ME FIRST" guide. Anyways, does anyone have any suggestions or have had a similar case? Thank you.
     
  2. Kizer

    Kizer Private E-2

    Help. Please. I've followed the majority of the read and run me guide but to no avail. I still have Norton/Windows Defender messages coming up like every second. Not only that, these pop ups keep coming up on their own. I've used adware and have deleted a great deal (a few were quarantined). Please help. I've been at this for 3 days now! Please (I apologize for begging). I just want to get my system back in good working condition and get on with my life.
     
  3. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    If you have completed the steps in the Read Me, then please post the required logs as attachments.
     
  4. Kizer

    Kizer Private E-2

    Hey. Thank you so much for replying. I've attached my HJT log and my BDSCAN log. Unfortunately, my previous problem with the desktop icons arose. Then to make things worse, whenever I load my admin account for Windows, I get a message saying corrupted profile or profile is in use (it still loads but with the majority of desktop items gone or not present). Please note, the HJT log is from the other Windows account, not the admin. Also, thanks again for the reply.
     


  5. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Download
    - Pocket Killbox

    Read and understand how to do the following:
    How to view hidden, system files & folders!
    Searching for Hidden Files on WinXP

    Empty the Norton AV Quarantine Folder
    Empty the Norton Protected Recycle Bin
    Empty the Recycle Bin
    Empty the Browser Cache for both Internet Explorer and Firefox.

    Run CCleaner

    Using Add or Remove Programs in the Control Panel; uninstall the following:
    ViewPoint
    MyWebSearch
    New.net or New Dot Net
    ViewPoint (Everything)
    WeatherBug
    WhenUSaveNow
    WildTangent (Everything)


    << The installed version of Java on this computer is out-dated. Install version 1.5.0_07 available from http://www.java.com/en/download/manual.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

    Download DelDomains and unzip it to your desktop.

    Find the files from deldomains.zip on your Desktop and RightClick on the deldomains.inf file and select Install.

    Afterwards run Spybot and make sure you re-Immunize immediately. Then run a full system scan. If you get any reported problems, attach the log from Spybot.

    Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.

    On the page that opens, scroll down to Command Service or cmdService (Whichever is present) ... right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

    Next, run HJT, but instead of scanning, click on the 'None of the above, just start the program' button at the bottom of the choices. At the lower right, click on the 'Config' button, and then the 'Misc tools' button ... select 'Delete an NT Service' ... copy/paste the following into the box that opens, and press 'OK':

    Command Service or cmdService (Whichever you found above)

    Repeat the process for the following Services:
    In HJT, open the Misc Tools section, choose Process Manager, and highlight:
    Choose Kill Process

    Now Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click the RED X.

    Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion; say YES, and when the next box opens prompting you to reboot now, click NO and proceed with the next file. Once you get to the last one, click YES and it will reboot. Note that many of the files listed below may not exist, but we need to check for them anyway.
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Open Windows Explorer, navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)
    Using the Search function in the Start Menu, search for repairs303169590.dll; delete every occurrence.

    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Post a fresh HijackThis log.
     
  6. Kizer

    Kizer Private E-2

    Thank you from the bottom of my heart. Thank you for your time, effort and enormous help. My computer is back up and running. Oh yeah, almost forgot to mention that the rest of the problems were handled by a friend of mine, so no worries. Many many thanks.
     
    Last edited: Jul 19, 2006
