
no Control panel, no search files and folders Pls HELP

Discussion in 'General Security' started by dtamang, May 31, 2009.

Thread Status:
Not open for further replies.
  1. dtamang

    dtamang Thread Starter

    Please help me,

    My computer is infected and I cannot access Control Panel, search for files and folders does not work, and c:\windows\system32 is empty.

    Here is the HijackThis log:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:13:51 PM, on 5/18/2009
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Apache2.2\bin\httpd.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\WINNT\system32\regsvc.exe
    C:\Apache2.2\bin\httpd.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\system32\inetsrv\inetinfo.exe
    C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    D:\Program Files\AIM\aim.exe
    C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Config\smss.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 94.232.248.66 browser-security.microsoft.com
    O1 - Hosts: 94.232.248.66 antivirprotection.com
    O1 - Hosts: 94.232.248.66 www.antivirprotection.com
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O2 - BHO: Browser protection - {FB9FFB4B-9680-4256-8178-5ECDB2C19B23} - C:\PROGRA~1\SPYNOM~1\SNMIEG~1.DLL
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_8 -reboot 1
    O4 - HKCU\..\Run: [AIM] D:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKUS\S-1-5-21-1606980848-1563985344-1343024091-1000\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet (User '?')
    O4 - HKUS\S-1-5-21-1606980848-1563985344-1343024091-1000\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" (User '?')
    O4 - HKUS\S-1-5-21-1606980848-1563985344-1343024091-1000\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
    O4 - HKUS\S-1-5-21-1606980848-1563985344-1343024091-1000\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_8 -reboot 1 (User '?')
    O4 - HKUS\S-1-5-21-1606980848-1563985344-1343024091-1000\..\Run: [AIM] D:\Program Files\AIM\aim.exe -cnetwait.odl (User '?')
    O4 - HKUS\S-1-5-21-1606980848-1563985344-1343024091-1004\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
    O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
    O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://www.taxsimple.com/tsweb/msrdp.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.5.0_06) -
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apache2 - Apache Software Foundation - C:\Apache2.2\bin\httpd.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: Ektron Extensibility Server (EktronExtensibilityServer) - Unknown owner - (no file)
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
    O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
    O23 - Service: QuickBooksDB17 - iAnywhere Solutions, Inc. - C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
    O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe (file missing)
    O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe (file missing)
    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

    --
    End of file - 9305 bytes
     
  2. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    The General Security forum is only for general questions regarding security software and things of that nature but not for actually removing malware as we have qualified helpers who are the only members who are authorized to assist with those matters. You can easily identify them as they have either a gold or blue shield beside their usernames. Please refer to this excerpt from the rules:

    I'm going to close this thread and ask you to repost in the Malware Removal & HijackThis Logs forum for the proper assistance.
     

Short URL to this thread: https://techguy.org/831314
