HELP! I can't identify the problem!
|
Original Message
|
Name: empeefree153
Date: September 19, 2003 at 07:42:15 Pacific
Subject: HELP! I can't identify the problem!
OS: Win XP
CPU/Ram: 2.4/512
|
Comment: Need serious help. Have a weird problem with my PC. For one, my antivirus has been disabled. Every time I open it, it closes after 5 seconds. Next, Windows Installer has also stopped working, so I can't install anything anymore. My System Restore entries have all been emptied out, so the dates still exist, just there's nothing to restore back to. When I open MusicMatch, it tells me that "Drag and Drop failed". I also have problems copy-pasting. Plz help!!!!!!!!

Logfile of HijackThis v1.97.2
Scan saved at 10:40:47 PM, on 9/19/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ahead\InCD\InCD.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\System32\taskswitch.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINDOWS\System32\SERVlCES.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\Program Files\iM Networks\iM Radio Tuner\iM_Tray.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\AARONC~1\LOCALS~1\Temp\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: 3DNA Toolbar - {2ECB7FB2-0333-416F-92FD-4904AD49252B} - C:\WINDOWS\system32\3DNATO~1.DLL
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qt
|
|
Response Number 1
|
Name: Dog
Date: September 20, 2003 at 04:30:41 Pacific
|
Reply: Go to pcpitstop.com and run their free virus scan. I'm not sure, but it looks like you have copped a 'dose'. There are quite a few viruses out there that disable Norton - i.e. run the cursor over the Norton icon in your system tray and if it just disappears after a second or two, you have been got!
HTH
Dog
|
|
Response Number 2
|
Name: empeefree153
Date: September 20, 2003 at 07:24:37 Pacific
|
Reply: Thx 4 the advice, but the virus scan didn't find nethin. Dunno what 2 do now.
|
|
Response Number 3
|
Name: wawadave
Date: September 20, 2003 at 08:48:54 Pacific
|
Reply: Hello, this sounds like the Klez virus. This link has McAfee's Stinger for d/l; it should still have the Klez removal tool in it:
mcafee avert stinger http://vil.nai.com/vil/stinger/
Here are some more online scan links, better than the pcpitstop one because they are complete rather than just the top 40 viruses:
free trojan scan http://www.trojanscan.com/trojanscan/scanner.htm
panda scan http://www.pandasoftware.es/activescan/
housecall http://housecall.trendmicro.com/housecall/start_corp.asp
nrav av http://www.ravantivirus.com/scan/
avast cleaning tool http://www.avast.com/i_idt_171.html
mcafee avert stinger http://vil.nai.com/vil/stinger/
scans for open trojan ports http://scan.sygate.com/pretrojanscan.html
test my shields grc https://nanoprobe.grc.com/x/ne.dll?bh0bkyd2
|
|
Response Number 4
|
Name: empeefree153
Date: September 21, 2003 at 03:41:50 Pacific
|
Reply: Apparently it isn't the Klez virus, because Stinger couldn't find it, nor could Symantec's Klez removal tool. Oddly, even after trying all these different virus scans, nothing had been found. I really don't know what to do now, could this be a new virus? If so, what should I do?
|
|
Response Number 5
|
Name: napistim
Date: September 24, 2003 at 23:48:04 Pacific
|
Reply: The trojan is probably the file servlces.exe (note the 'l' instead of 'i'). In the Start menu choose 'Run' and type msconfig, in the Startup tab uncheck 'servlces.exe' and reboot. That fixed it for me, hope it works for you. (If it doesn't work you can try to disable the program while your computer is starting up, using 'ctrl - alt - del'.) Good luck
|
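The name substitution pointed out in Response 5 (SERVlCES.exe in the posted log) can be checked mechanically. The following is an added example, not part of the original thread or of HijackThis: it folds look-alike characters and compares each running process against a short, assumed list of Windows system binaries. The function names, the binary list and the sample paths (an excerpt of the log above plus one constructed entry) are assumptions.

```python
import ntpath

# Short, assumed list of core Windows binaries that normally run from System32.
SYSTEM_BINARIES = {"services.exe", "svchost.exe", "lsass.exe", "winlogon.exe",
                   "smss.exe", "spoolsv.exe", "csrss.exe"}
SYSTEM_DIR = r"c:\windows\system32"

# Characters easily mistaken for one another in a process list.
CONFUSABLE = str.maketrans({"l": "i", "1": "i", "0": "o"})


def skeleton(name):
    """Fold visually confusable characters so look-alike names collide."""
    return name.lower().replace("rn", "m").translate(CONFUSABLE)


SKELETONS = {skeleton(n): n for n in SYSTEM_BINARIES}


def audit_processes(paths):
    """Return (path, reason) for entries that imitate a system binary."""
    findings = []
    for path in paths:
        directory, name = ntpath.split(path.strip())
        if name.lower() in SYSTEM_BINARIES:
            # Genuine name: only the location can give it away.
            if directory.lower() != SYSTEM_DIR:
                findings.append((path, "system binary name outside System32"))
        elif skeleton(name) in SKELETONS:
            findings.append((path, "look-alike of " + SKELETONS[skeleton(name)]))
    return findings


# Excerpt of the "Running processes" section posted above; the last
# entry is constructed here to exercise the location check.
SAMPLE_PATHS = [
    r"C:\WINDOWS\System32\smss.exe",
    r"C:\WINDOWS\system32\services.exe",
    r"C:\WINDOWS\System32\svchost.exe",
    r"C:\WINDOWS\System32\SERVlCES.exe",
    r"C:\Program Files\Norton AntiVirus\navapsvc.exe",
    r"C:\WINDOWS\Temp\svchost.exe",  # constructed, not from the log
]

if __name__ == "__main__":
    for path, reason in audit_processes(SAMPLE_PATHS):
        print(f"{path}: {reason}")
```
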
|
Response Number 7
|
Name: blabla
Date: October 2, 2003 at 18:29:22 Pacific
|
Reply: I hope this message does not come too late, but this sounds like the W32/Msblast worm that I got. Especially when it shuts down your antivirus application even before it starts. You can try to end its process in Task Manager and then run updated antivirus software if you're able. Good luck
|

Post Locked
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.