1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

C drive has disappeared

Discussion in 'Virus & Other Malware Removal' started by debbiesg, Oct 3, 2008.

Thread Status:
Not open for further replies.
  1. debbiesg

    debbiesg Thread Starter

    Joined:
    Aug 9, 2004
    Messages:
    407
    First Name:
    Debbie
    I know I got a virus. I have been alerted by everything. When I ran an AVG virus scan it said it was on the C drive but I cannot access my C drive. I don't even see it. I am attaching my hijackthis log file. It would not attach so I pasted it in. I hope someone can help me.
    Thanks, Debbie

    more info: So many things popped up alerting me to the fact that I had a virus that I didn't know what was from windows and what was just more virus stuff. It pops up so many windows it is hard to close them all. When I open windows explorer my c drive is not shown. When I click on start settings all that is there is taskbar and start menu. Task manager is unavailable. Second time I ran avg it showed no virus. I have run spybot and there was double click adware. What do I need to do to get my computer back? Thanks.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:54: VIRUS ALERT!, on 10/2/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
    P:\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\Program Files\TrojanHunter 5.0.962\THGuard.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\System32\svchost.exe
    P:\Pando\pando.exe
    C:\WINDOWS\system32\mqsvc.exe
    P:\NoAds\NoAds.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\system32\mqtgsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
    C:\Program Files\AVG\AVG8\avgscanx.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    P:\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Roadrunner
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\!Hidden Objects\Time Stand Still\Msdxm6.ocx
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
    O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "P:\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0.962\THGuard.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [80467dc2] rundll32.exe "C:\WINDOWS\system32\rasalsha.dll",b
    O4 - HKCU\..\Run: [BitTorrent] "P:\Bit Torrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [Pando] "P:\Pando\pando.exe" /Minimized
    O4 - HKCU\..\Run: [NoAds] "P:\NoAds\NoAds.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Download with Rapget - P:\RApGet 141\rapget.htm
    O8 - Extra context menu item: Druid: Download All Files - P:\Download Druid\Druid.html
    O8 - Extra context menu item: Druid: Download Highlighted Files - P:\Download Druid\DruidHighLighted.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Download - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - P:\Download Druid\Druid.exe
    O9 - Extra 'Tools' menuitem: Druid: Download All Files - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - P:\Download Druid\Druid.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Druid Bar - {A6B25D86-CB76-44C1-8E35-328EE8F4BEF0} - P:\Download Druid\DruidBar.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - P:\SPYBOT~1.6\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - P:\SPYBOT~1.6\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.rr.com
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1212604147903
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {C75BE5CC-7F80-458C-8B66-FAB86E3B13C3} (FotkiUploader Control) - http://images.fotki.com/activex/FotkiUploader.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Filter hijack: text/html - {d9e1cdff-7808-4005-add4-4ae5fe030d23} - C:\WINDOWS\system32\msiebbar.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O21 - SSODL: xgpsarbm - {778F4A4D-6D06-42D2-85BC-20B46B8D29E3} - C:\WINDOWS\xgpsarbm.dll
    O21 - SSODL: neksolda - {0451D4CC-8159-4B1C-B2D2-423AC9DD75B3} - C:\WINDOWS\neksolda.dll
    O21 - SSODL: GenShMon - {584A6E46-8882-E543-C713-08560AAB706B} - C:\Program Files\bplczke\GenShMon.dll
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 10323 bytes
     

    Attached Files:

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/755663

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice