computer internally melting down...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by aokmaster42, Jun 9, 2005.

  1. aokmaster42

    aokmaster42 Private E-2

    Yesterday my computer had something happen to it and now it's definitely got some issues that I need help with. It's pretty much "melting down" and I can't do anything. I minimize windows and they disappear. I can't move anything on my desktop (like to a zip drive or a memory key). I can't run add/remove programs because it says Microsoft Installer is corrupt or something along those lines. Norton's Antivirus 2003 no longer works and can't be run. I can't use my burner to back things up. I can't access my computer's shared files on the other computer on my network. I've run and used Ad-Aware, Spybot S&D, Registry Mechanic, Ewido, CWShredder, Cleanup40, Norton's Utilities, and HijackThis. I'd be happy to post my log if someone could analyze it for me. I have absolutely no idea what happened. My start menu doesn't appear half the time either. I can't do a system restore back to a previous point; it never works. I ran HouseCall and it found something called troj keenval.e. It used to take 30 seconds to boot up my computer; it now takes 5+ minutes. I have 3+ years of stuff on this computer and I don't want to just wipe it all out. I want to try everything possible first. I've been working on things for over a day now, and I don't know what to do anymore. Can anyone help me???
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you can download, install, and run programs, follow the procedures below:

    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    If, after doing ALL of the above, you still have a problem, make sure you have booted to normal mode and run the steps below:

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like Notepad, WordPad, MS Word etc., and any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
  3. aokmaster42

    aokmaster42 Private E-2

    I really apologize, but I can't click on any links. I click on them and nothing happens, they won't take me anywhere. I have my hijack log file though. I'm sorry too but I can't attach the file, I'm lucky that I can even paste it in here. I know you're not supposed to paste it, but I couldn't attach it.

    Edit by chaslang: Inline log attached
     


    Last edited by a moderator: Jun 9, 2005
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay but at least follow directions and install HJT properly. You have it:
    C:\Documents and Settings\John Hilgers\Desktop\HijackThis.exe

    Directions specifically request that it not be put there. Please fix that now.

    Also why were the below running:

    C:\Program Files\Internet Explorer\iexplore.exe <-- all browsers should be closed
    C:\WINDOWS\system32\taskmgr.exe <-- unnecessary and should not be running at this time
     
    Last edited: Jun 9, 2005
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    After addressing my previous message, continue with these steps.

    If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
    For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
    O2 - BHO: (no name) - {5FDDA881-274E-3479-A589-CDBC989EDCE5} - (no file)
    O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
    O3 - Toolbar: (no name) - {722C4620-805D-48FE-8259-F449DF362212} - (no file)
    O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
    O15 - Trusted Zone: http://Download.Windowsupdate.com
    O18 - Protocol: relatedlinks - {CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE} - (no file)

    After clicking Fix, exit HJT.

    Now we need to Reset Web Settings:
    1) If you have an Internet Explorer icon on your Desktop, goto step 2. If not, skip to step 3.
    2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
    3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

    Now reboot your PC (in normal mode) and post a new HJT log. And tell us how things are working.
     
  6. aokmaster42

    aokmaster42 Private E-2

    Well, I was able to follow your directions as best I could. There was one problem: my computer would NOT let me disable system restore. It said there was a problem enabling/disabling it, please restart your machine and try again. I did that, but it still wouldn't let me. Thanks for all the help so far and I apologize for not following the correct directions. I still can't move items on my desktop and they still disappear when I minimize them. Both of Norton's programs are still corrupt. It still takes just as long to start up. I'm not sure if there's any difference. I can't copy and paste things either. Windows Installer service cannot be accessed. I can't make a data CD to try and back things up.

    Here's my new hijack log. Once again I apologize for not attaching it. Thanks again for the help. It's much appreciated.

    Edit by chaslang: Inline log attached
     


    Last edited by a moderator: Jun 9, 2005
  7. aokmaster42

    aokmaster42 Private E-2

    Also, I was still unable to click on the sticky thread "READ ME FIRST BEFORE ASKING FOR SUPPORT". The little pointer acts like you can click it, but if you do, nothing happens.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Do you have your installation CD for Norton AV and Norton Utilities? If so, perhaps you should uninstall them, reboot, and then reinstall. Then try running an antivirus scan. It may be best to run it in safe mode.
     
    Last edited: Jun 10, 2005
  9. aokmaster42

    aokmaster42 Private E-2

    I uninstalled Utilities, but it won't let me do Norton's Antivirus. It says "preparing to install", then it says "the windows installer service could not be accessed. This can occur if you are running in safe mode (which I'm not) or if the Windows installer is not correctly installed."

    Does anything stand out on the new HijackThis log?
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  11. aokmaster42

    aokmaster42 Private E-2

    If I right click on the READ THIS FIRST and save the target, I can then open it. I went down and ran services.msc; when it came up, to the right of Services (Local) ... in the big box, nothing is showing, half of the screen is just pure red. Do you have any idea what could be wrong? I'm running A-Squared right now and HouseCall.
     
  12. aokmaster42

    aokmaster42 Private E-2

    I really just want to be able to drag and move things so I can back up some of my files, then I'm just going to reinstall XP. Do you know what could cause my computer to not be able to move things on the desktop, or copy and paste, or drag and drop?
     
  13. aokmaster42

    aokmaster42 Private E-2

    I doubt this helps, but here are some more errors/problems I'm experiencing.

    *I can't open Media Player because of "low memory"
    *I could open that website from Symantec for the Norton's uninstaller but it wouldn't open the file to download
    *In my Task Manager it doesn't display my name under the "user name", it's just blank
    *I can semi-open Norton's Antivirus, however everything just says "refreshing" and I can't scan for viruses.

    A-Squared has currently found 4 malware files and is about 40% done.

    I really don't know what else to do or try.
     
  14. aokmaster42

    aokmaster42 Private E-2

    This is what HouseCall found:
    Troj Keenval.e in C:\System Volume information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP1363\A0217447.exe

    This is what HijackFree found:

    Name                   Command             Description
    Norton Auto Protect    ccApp.exe           Added by the Akher.d worm
    Symantec Service       ccApp.exe           Added by the Akher.d worm
    ccApp                  [random filename]   Added by the Absorb trojan
    ccApp                  WMADZ.Exe           Added by the RBOT-LJ Worm
    AVG Grifsoft Updater   updater.exe         Added by the AGOBOT-OT Worm



    Then one more:

    Port    Protocol   Description
    1492    TCP        FTP99CMP, Back.Orifice.FTP


    Those are the things that are messing up my computer... Do you know how to get rid of them? Granted, the system restore can't be shut down and Norton's doesn't work.
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Then you did not do step 1 of the READ ME FIRST. That is, system restore is supposed to be disabled.


    ccApp.exe is a valid Norton Antivirus process.

    If you have WMADZ.Exe , that is a problem and you should delete the file.

    For the updater.exe file I would have to know where it was located.
    However, from your HJT log it was part of your iRiver Manager. See the below line.
    O4 - HKLM\..\Run: [iRiver Updater] C:\Program Files\iRiver\iRiver Manager\Updater\Updater.exe

    Does ftp99cmp.exe actually exist on your PC? If so, delete it.
     
  16. aokmaster42

    aokmaster42 Private E-2

    My computer is running efficiently and seemingly perfectly smoothly; however, when I ran HijackFree with A-Squared it still says the same trojans/worms were found. Any idea how to get rid of them? Norton's virus definitions don't include these, which is why I'm assuming it's not catching it. I have no idea how to clean those out of my computer.
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please provide a detailed list of the exact file names and paths that are being found.

    Did you disable system restore now?

    Did you delete WMADZ.Exe ?

    Please provide feedback on instructions given. It is difficult to help you without feedback.
     
  18. aokmaster42

    aokmaster42 Private E-2

    I couldn't find WMADZ.exe (or don't know how to find it correctly)

    I uninstalled Norton's 2003 and ran the A-Squared HijackFree program and all 4 of the errors/bugs/worms in ccApp were gone (obviously, since it was no longer on my computer) (system restore was disabled). Then I reinstalled Norton's and ran the A-Squared HijackFree analysis and all 4 of those things were back. This is exactly what it says on the website analysis:

    Name: ccApp
    Path: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    Location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Good - 1 Bad - 4

    X Norton Auto-Protect ccApp.exe Added by the AKHER.D WORM! Note - for the valid Norton AV entry the filename is "navapexe". This is also not the valid Norton AV file with the same filename

    X Symantec Service ccApp.exe Added by the AKHER.D WORM! Note - this is also not the valid Norton AV file with the same filename

    Y ccApp ccApp.exe Part of Norton AntiVirus 2003. Auto-protect and E-mail check will not function without this

    X ccApp [random filename] Added by the OBSORB TROJAN! Note the random filename compared to the valid Norton AntiVirus

    X ccApp WMADZ.EXE Added by the RBOT-LJ WORM!

    key:
    "Y" - Normally leave to run at start-up
    "N" - Not required - typically infrequently used tasks that can be started manually if necessary
    "U" - User's choice - depends whether a user deems it necessary
    "X" - Definitely not required - typically viruses, spyware, adware and "resource hogs"
    "?" - Unknown

    Then...

    Port: 1025 TCP
    Path: C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Process ID: 120)

    1025 TCP/UDP NetSpy, Maverick's Matrix, RemoteStorm



    That's all that it finds for problems. Everything else I've run found nothing (HouseCall, Spybot, Norton's, Norton's Utilities, Registry Mechanic and Panda).
     
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Thanks! Forgot. Too many threads going! But now he has it disabled.
     
  20. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It would appear that you are getting false positives from A-Squared. The problem here is that they confuse people the way they word things. As long as the programs are running from the proper folders, they are okay.
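    The HijackThis lines chaslang lists for fixing (post 5) and the point made here that a legitimate process name only counts together with the folder it runs from can both be checked mechanically rather than by eye. The following Python triage script is an added example written for this thread, not a tool from the thread, from HijackThis or from MajorGeeks: it parses HijackThis-style log lines, marks entries whose target is "(no file)" or "(file missing)" as orphans, flags the IE search, proxy-override and Trusted Zone settings quoted in the thread, and for O4 Run entries compares the file name against an expected-directory allowlist so that ccApp.exe in its proper Symantec folder reads as fine while the same name elsewhere is flagged. The sample log embeds the thread's own R/O2/O3/O9/O15/O18 lines; the three O4 lines, the EXPECTED_DIR allowlist and the KNOWN_BAD set are constructed for the example (only the ccApp.exe path and the WMADZ.Exe name come from the thread; the system32 location for WMADZ.Exe is assumed).

```python
import re
from urllib.parse import urlparse

# Sample HijackThis log, constructed for this example. The R/O2/O3/O9/O15/O18
# lines are the ones listed for fixing in the thread; the three O4 Run entries
# are constructed (the ccApp.exe path is the one HijackFree reported in the
# thread, the system32 location for WMADZ.Exe is assumed).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
O2 - BHO: (no name) - {5FDDA881-274E-3479-A589-CDBC989EDCE5} - (no file)
O3 - Toolbar: (no name) - {722C4620-805D-48FE-8259-F449DF362212} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
O15 - Trusted Zone: http://Download.Windowsupdate.com
O18 - Protocol: relatedlinks - {CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE} - (no file)
O4 - HKLM\..\Run: [iRiver Updater] C:\Program Files\iRiver\iRiver Manager\Updater\Updater.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccApp] C:\WINDOWS\system32\WMADZ.Exe
"""

# Illustrative allowlist: where a well-known autorun executable is expected to
# live (lower-cased). Only the ccApp.exe entry is taken from the thread.
EXPECTED_DIR = {
    "ccapp.exe": r"c:\program files\common files\symantec shared",
}
# File names the thread identifies as malicious.
KNOWN_BAD = {"wmadz.exe"}

ENTRY_RE = re.compile(r"^(?P<kind>[RO]\d+) - (?P<body>.+)$")
RUN_RE = re.compile(r"^HK\w+\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<path>.+)$")


def triage_line(line):
    """Classify one HijackThis log line.

    Returns (kind, verdict, reason) or None for lines that are not entries.
    Verdicts: 'orphan' (target gone, safe to fix), 'hijack' (browser setting
    redirected), 'suspect' (autorun worth investigating), 'ok'.
    """
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    kind, body = m.group("kind"), m.group("body")
    # Entries whose target no longer exists are dead weight.
    if body.endswith("(no file)") or body.endswith("(file missing)"):
        return (kind, "orphan", "target file does not exist")
    if kind in ("R0", "R1"):
        setting, _, value = body.partition(" =")
        value = value.strip()
        if setting.endswith("ProxyOverride"):
            return (kind, "hijack", "proxy override set to %r" % value)
        if value.lower().startswith("http"):
            return (kind, "hijack", "IE setting points at " + urlparse(value).netloc)
        return (kind, "ok", "empty or local value")
    if kind == "O15":
        return (kind, "hijack", "site added to Trusted Zone: " + body.split(": ", 1)[1])
    if kind == "O4":
        r = RUN_RE.match(body)
        if not r:
            return (kind, "suspect", "unparsable Run entry")
        path = r.group("path").strip().lower()
        directory, _, filename = path.rpartition("\\")
        if filename in KNOWN_BAD:
            return (kind, "suspect", "known-bad file name " + filename)
        expected = EXPECTED_DIR.get(filename)
        if expected is not None and directory != expected:
            # Same name as a legitimate process, but running from the wrong folder.
            return (kind, "suspect", "%s running from %s, expected %s" % (filename, directory, expected))
        return (kind, "ok", "autorun from " + directory)
    return (kind, "ok", "no rule for this entry type")


def triage_log(text):
    """Triage every entry in a log; returns a list of (kind, verdict, reason)."""
    return [v for v in (triage_line(l) for l in text.splitlines()) if v is not None]


if __name__ == "__main__":
    for kind, verdict, reason in triage_log(SAMPLE_LOG):
        print("%-4s %-7s %s" % (kind, verdict, reason))
```

    Run as-is it prints one verdict per entry for the embedded log; the ccApp.exe line in the Symantec Shared folder comes out "ok" while the same name under system32 is "suspect", which is exactly the distinction the false-positive wording from A-Squared blurs. To use it on a real log, pass the file's contents to triage_log and extend EXPECTED_DIR with the vendor folders you actually have installed.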
     
