When I run MSConfig, Regedit or other system utilities they close after a few seconds. I donwloaded the Norton Antivirus 04 trial, but this too closes after a few seconds. In safe mode Norton Antivirus will not run at all. Any ideas?

That is because you are infected with a virus. First try this. Go to House Calls and do an online scan. If problems till persist then go and get Hijackthis and post a log file but only after you have run the Online Scan. KTTD

It sounds like you have a virus, possibly W32.Spybot or W32.Gaobot. Download 'Hijack This!'. Unzip, doubleclick HijackThis.exe, and hit "Scan". When the scan is finished, click "Save Log", and copy and paste it in a reply. HijackThis!

Logfile of HijackThis v1.97.7 Scan saved at 22:48:06, on 29/01/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\inetsrv\inetinfo.exe C:\WINDOWS\System32\tcpsvcs.exe C:\WINDOWS\System32\snmp.exe C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.exe C:\WINDOWS\System32\RUNDLL32.exe C:\Program Files\Slim Multimedia Keyboard\MagicKey.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\mqtgsvc.exe C:\WINDOWS\System32\inetsrv\DavCData.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\wmplayer.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\Tom Gillespie\Local Settings\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.michaelmoore.com/ N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%206%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Tom Gillespie\Application Data\Mozilla\Profiles\default\hgxzjeu3.slt\prefs.js) O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Windows Media Player] wmplayer.exe O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\RunServices: [Windows Media Player] wmplayer.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - Global Startup: Slim Multimedia Keyboard.lnk = C:\Program Files\Slim Multimedia Keyboard\MagicKey.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.exe O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: Net2Phone (HKLM) O9 - Extra 'Tools' menuitem: Net2Phone (HKLM) O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37985.6836226852 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} (webhelper Class) - http://register.btopenworld.com/templates/btwebcontrol012.cab O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by2fd.bay2.hotmail.msn.com/activex/HMAtchmt.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{3C6D6329-1258-444F-B384-64C5F89176AE}: NameServer = 213.1.119.97 213.1.119.98

I still would have prefered that they ran an online scan first to see if it resolved the issue but because Tom41 loves to read log files and he most likely did not see my post I'll let him have fun but as I said. You are infected. KTTD

1. Download, unzip and run Process Explorer and end process (kill) on the following: C:\WINDOWS\System32\wmplayer.exe Process Explorer 2. Run HT again and check the following items. Doublecheck so as to be sure not to miss one. Next, close all browser Windows, and have HT 'fix checked'. You Must restart your computer in safe mode when you're done. O4 - HKLM\..\Run: [Windows Media Player] wmplayer.exe O4 - HKLM\..\RunServices: [Windows Media Player] wmplayer.exe Once in safe mode, delete the following: C:\WINDOWS\System32\wmplayer.exe 3. Run the online scan and delete any remaining infected files.

Yeah sorry, I'm just getting the Active Update for Housecall at the moment... takes a while on a 56k modem