i think there's a worm in my system

i desperately need help to get rid of the problems i'm having with my windows xp
system.
some of the problems i have are:
*"paste" function is disabled ... i can't paste folders/files, can't paste links in the IE browser address bar
*I can't drag folders/files
*I can't restore folders/files that are in the recycle bin
*Minimizing windows closes them instead of minimizing them
*I can't open task manager
*Windows Installer Service does not work
*I can't view properties of the Services in the Administrative Tools folder
*I've noticed when shutting down my computer, the floppy drive light goes on for a while
*I've scanned my computer for viruses and other malwares ... but still the same problems ...
*I can't download anything from Microsoft Windows Update site, simply because I can't enter it
*Clicking on the "Go" button in the Symantec Security Check website does not do anything
*MSN Messenger IM windows do not open when someone sends me an MSN IM message
*Clicking on some links in some sites do not do anything
*I can't kill processes running because I don't have the administrative rights ... or something like that ... but, before the problems occurred, this used to work with the not-so-important processes
*I can't search for files/folders in my computer
*My Network Connections folder is magically gone
*Loading Windows and its settings takes a long time (about 3 minutes). Before, it only took around 30 seconds.

I'm very sure there's a big fat worm/virus or some other malware in the computer that's causing this. It can't be anything else.

Please help, and thanks in advance.

 

First, Welcome to MG. . .

Have you already gone through this sticky? If not please do so. . .
READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal:
Double check everything and make sure you did do everything
and all software is up to date

 

I've scanned with the latest versions of spybot and ad-aware, scanned with Housecall's online antivrius scanner, enabled all protection with spyware blaster, immunized everything with spybot ... all updated and in safe mode (with networking) ... couldn't access symantec security check scanner, though, and stinger did not detect anything in my computer, system restore is off (actually i don't know if it's on/off cause I can't launch it and the system restore tab is no longer there in the System file of Control Panel, but it was off before my computer got infected)

 

Disable And Enable System Restore

That informatuon is ther in the link I gave you before. . .

Make sure you download everything in the read me


then when that is complete

NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting:
*Note that your HijackThis should be up-to-date (v1.99) and MUST be extracted to its own safe folder - C:\Program Files\HijackThis! Please do this!!!*

 

I see no system restore tab in the properties of My Computer

I have the latest version of HijackThis! do I post the log here or what?

Thanks again

 

if you followed the links, go ahead and attach one

 

ok, here's the log

 

the log looks pretty clean to me
are you still having problems?

 

as a third party plug-in to MSN Messenger, I thought that was only a user choice thing, my mistake
thanks, chas.


alot of the "symptoms" could be due to the admin. rights, right?

 

no, i did it in normal mode, not safe mode

but yeah, even if there was something to kill in the scanned list, I couldn't cause of admin rights. how do i get it back, if possible ...

the pc is my own

About Messenger Plus, I know it's a risky program to use, but I've had it way before the the computer got infected

I think the problems first appeared when I finished downloading a zipped file from Limewire, although I didn't unzip the files in it. I just simply deleted the zipped file, but the symptoms stayed.

But also, today I remembered that on the day my PC got infected and before downloading the zipped file from Limewire, I actually used a program called Registry Analyst and with it removed all the "invalid" entries that Registry Analyst told me to clean. But I really don't think that's the problem ... I hope not ...

 

ok, i uninstalled MSN plus and limewire, still the problems

about the registry backups, sad to say but I was too careless to create backups, but still the problems can't be the result of just errors in the registry, my logic says a malware (or more) is causing this, and it happened right after I downloaded the zipped file from Limewire (like I said before)

Yes, I can boot in safe mode as administrator ... fortunately! but the internet connection there only works for a while ... strange ... but when in safe mode as another user, the internet connection works just fine ... also in safe mode (no matter what user), the same problems appear ...

 

here they are

I noticed that with Internet Explorer I don't see the Manage Attachments button, but with Mozilla I can

anyway, first log is as administrator

and second as another user

both in safe mode

 

here's what Spybot detected ... i did a scan with it just now (in normal mode)

 

ok, first the HJT log

also, I want to tell you that when I log into normal mode, I don't get an option to select which user to login as, I automatically login, so I'm not sure if I'm logging in as administrator or a normal user ...

 

i can't change the firewall (due to ICS (Internet Connection Sharing cannot start) problem)

I did disable certain services like universal plug n play and shoot messenger or something like that and with bugoff program i disabled the services, but i forget whether that was before or after the problems appeared

 

Damn...

There is not any singular cuase that I can see here, but a whole buttload of little ones.

Lets see if we can kill off the easy ones first.


*"paste" function is disabled ... i can't paste folders/files, can't paste links in the IE browser address bar
--Make a new user account and test.

*I can't drag folders/files
--Should fall under new user account

*I can't restore folders/files that are in the recycle bin
--Do you have any Norton products installed? A Norton Protected recycle bin can pose problems such as this.

*Minimizing windows closes them instead of minimizing them
--I've seen issues like this when the mouse is not working right, or is not accurate. I know, a bit of a long shot there.

*I can't open task manager
--Does it work in Safe Mode? Are there any errors?

*Windows Installer Service does not work
--What is the error?

*I can't view properties of the Services in the Administrative Tools folder
--Is there an error? Is it greyed out?

*I've noticed when shutting down my computer, the floppy drive light goes on for a while
--Perfectly normal. Most antivirus applications are configured to scan floppies on shutdown, whether there is a floppy in the drive or not.

*I've scanned my computer for viruses and other malwares ... but still the same problems ...
--An effective virus/worm, is the one that can't easily be found, although save for some problems here, I'm not sure it is a virus.

*I can't download anything from Microsoft Windows Update site, simply because I can't enter it
--Sounds like a blocked port. Can you get to this site instead? https://www.microsoft.com:443

*Clicking on the "Go" button in the Symantec Security Check website does not do anything
--Start, run, regsvr32.exe jscript.dll
click ok, and make sure it succeeds.

*MSN Messenger IM windows do not open when someone sends me an MSN IM message
--Stumped.

*Clicking on some links in some sites do not do anything
--the abbove command for jscript.dll may resolve this.

*I can't kill processes running because I don't have the administrative rights ... or something like that ... but, before the problems occurred, this used to work with the not-so-important processes
--I thought you couldnt get into task manager??

*I can't search for files/folders in my computer
--jscript issue

*My Network Connections folder is magically gone
--Make certain the Network Connections Service is running.
If you can't get to it by services.msc, tthen open regedit.exe, locate this key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netman
Set the start type to 3. Then reboot. If that still doesn't start it, go to a cmd.exe prompt, and type:
net start netman
press enter

*Loading Windows and its settings takes a long time (about 3 minutes). Before, it only took around 30 seconds.
--have you done a repair install lately?

 

Classic symptom of mismatched files. Another reason why i asked above if you have done a repair recently.

Open msconfig from start, run. Click Launch System Restore and post back with the error message.

 

I've some ideas about that, but I have to go to bed.

I'll post more on it later.

 

thanks guys for all the help ... i really appreciate it ... too bad this isn't easy to solve
well, i can't create a new user account, it seems, cause when I open the user Account in Control Panel, the box appears but it is blank ... only the title bar is is normal with "Back" "Forward" and "Home" buttons which don't work

I'm sure I don't have Norton utilities installed

Task Manager doesn't work in Safe mode

The Windows Installer Ervice error is "The Windows Installer service could not be accessed. This can occur if you are running in safe mode or if the Windows Installer is not correctly installed."

The Properties of the Services in Administrative Tools isn't greyed out, but when I click on it, no box appears

About the links, well, I think there's a problem with Internet Explorer, cause with Mozilla I can access any link no problem

About task manager, true, I can't open it, but I have a program that kills processes

The jscript thing didn't fix any error, neither the other instructions you told me to do

no repair install lately.

'System restore is not able to protect you computer. Please restart and your computer and start again' error occurs when i do the Lauch System Restore

Anyway, I don't mind reformatting, but I just want to make sure if these can be fixed without doing that process ... but since adrynalyn still has some solutions, i'll wait before reformatting

Thanks again, guys, for the help

 

Missing RPC.

The RPC service missing from the system fubars most things, too.

A missing service can be something as simple as it missing a start value, or it missing a type value.
Check HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs via regedit and see if it matches what you see here (keep in mind I have Sp2, which changes some of these values:

 

"RpcSs" is missing ... I don't see it

 

weird, when yesterday, i couldn't access the system volume folder, now i can

and it has mountpointmanagerremotedatabase file and tracking.log

 

Here is a copy of the RPC service.

Unzip it and run it.

 

man, you're a genius! Thanks to you and Chaslang, most of the problems got fixed! You guys are wonders!

Task Manager still doesn't open, but that's probably cause I killed it with x-raypc program. Any ways to get it back?

System Restore, Minimize windows, copy/paste, drag, startup problems, all solved! And hopefully, the links and other stuff, too

Thanks again, guys

 

Try start, run, taskmgr.exe

Does that bring it up?

 

it says "file not found"

but i can live without it, I have a couple of substitute programs for task manager, so it's no big problem

thanks for the help

 

Amazing!

Thanks for the help, mate! This is definitely the best computer-related problems forum! I'm gonna recommend this site to my friends!

 

those guys are good ,ain't they?

 

They sure are