When ever I start up my Antivirus (Symantec AntiVirus 8.1.0.821) or ANYTHING ELSE that has to do with removal of a virus, like for example this site,it is automatically shutdown(using different computer).I was surprised that Ad-Aware actually scanned but the problems still there.When I tried to scan with my own antivirus or even online scanner like House Trend Micro free scan it automatically closes them with in 10 to 20 seconds.I went into safe mode then scanned,and it worked and found 3 trojan horses and another virus.1 virus was cleaned and the other 3 trojans were deleted, but the problem persists once out of safe mode.If somebody can please advice me on how to remove this problem from my computer I will be very Thankful, ADAM

Hello Adam, this problem looks better to be related with your Internet Explorer program which allow you to go to internet. Maybe for any reason you corrupted or damaged a file or a DLL. You have a way to "repair" it. Go to your control panel, open "add & remove program", find line "internet explorer and his tools", open it, 3 options, one is "repair", bookmark "repair" and send the procedure, IE will scan for damaged and corrupted files and will repair it, you will need to reboot at the end of procedure... That should fix the problem, if not let's know.... :))) If problem comes from your Anti-virus program, just uninstall it, using the control panel "add & remove programs", then reboot and reinstall it...

Adam, Go to the link below and download the Fixswen.inf file onto a floppy disk, then transfer the floppy to the problem computer and run it. It's worth a try. "Save the Fixswen.inf file to your local hard disk, right-click on the file and choose install". "A Setup INF file to undo registry changes made by W32/Swen@MM and other threats that prevent REGEDIT, BAT, COM, EXE, PIF, REG and SCR files from running". Fixswen Tufenuf

Well, I tried the Fixswen.inf file and it didnt work,my norton still shuts down automatically after 10 secs and never appears in the system tray.And as for repairing the internet explorer,i doidnt see any repair option,only change/remove but im almost 100% sure its some sort of virus.It closes anything that trys to scan for viruses, and any window that has info or is trying to install any virus removal program. Since it only let my antivirus load for 20 secs and it dosent let me live update at all, I quickly went to the symantec site and downloaded the correct intellegent updater file for my antivirus.I then tried to install the virus definitions with the intellegent updater but it also repeatedly shut that down half way through the installation so i went in safe mode.I installed the definitions and scanned in safe mode but found nothing.after that i went back from safe mode and tried SpyBot search & destroy, but just like Ad-Aware it was also a failure.It found a few things but nothing that helped my situation.As a last result ive downloaded HiJackThis and am going to post the log result, anyone that can help me please do for I am in great need of it... Logfile of HijackThis v1.97.7 Scan saved at 6:38:31 PM, on 1/15/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\System32\RunDll32.exe C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe C:\WINDOWS\System32\lmsxxef.exe C:\WINDOWS\System32\vgsmon.exe C:\Program Files\Athan\Athan.exe C:\Program Files\Xerox\NWWia\XrxFTPLt.exe C:\WINDOWS\System32\server.exe C:\Documents and Settings\farooq\My Documents\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5_2_3_0.dll O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh304181.dll (file missing) O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: (no name) - {08351226-6472-43BD-8A40-D9221FF1C4CE} - C:\WINDOWS\Downloaded Program Files\SbCIe026.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_2_3_0.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [XE Fax LM Status] lmsxxef.exe O4 - HKLM\..\Run: [monitorex] C:\WINDOWS\System32\vgsmon.exe O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NavNT\vptray.exe O4 - HKLM\..\Run: [XeroxScannerDaemon] C:\Program Files\Xerox\NWWia\XrxFTPLt.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RunProg] C:\WINDOWS\System32\server.exe O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [cnet] "C:\Program Files\Kontiki\bin\kontiki.exe" -s cnet -q O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Startup: PalNetaware.lnk = C:\Paltalk\pnetaware.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.exe O4 - Global Startup: XE_fx Status Monitor.lnk = C:\Program Files\XWC_90fx\X9ENGSS.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct0_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} - http://download.sidestep.com/get/k42033/sb026.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab O16 - DPF: {9D614E8E-03AA-11D3-90FC-0040C7157029} (PDMSInstallerCtl Class) - http://www.pakdata.com/download/PDMSInstaller.cab O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll O16 - DPF: {CAAE28D1-ADCC-11D1-BD4D-004845401881} (Urdu98 Control) - http://www.pakdata.com/download/urduplugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4304/mcfscan.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E6881F20-9CF4-4C84-BF07-79373F0E640C}: NameServer = 192.168.0.1 Someone Please Help Me and tell me what i need to remove from this list to stop this problem... ADAM

Adam, Check out the link below for the entry "O4 - HKCU\..\Run: [cnet] "C:\Program Files\Kontiki\bin\kontiki.exe" -s cnet -q". I can't help with the log but Kontiki appears to be a Browser Helper Object: ((BHO). Kontiki Removal Instructions Tufenuf

Go to macafee.com and download their Stinger antivirus tool . this will help get rid any of the nasty viruses that do shut off your antivirus . Last time I looked it would still fit on a single floppy disk . nice tool to keep on your harddrive for occasions like this .

Go to macafee.com and download their Stinger antivirus tool . this will help get rid any of the nasty viruses that do shut off your antivirus . Last time I looked it would still fit on a single floppy disk . nice tool to keep on your harddrive for occasions like this . Go to http://vil.nai.com/vil/stinger/