Guys I NEED your help really BADLY,

My PC was fine and running fine until this afternoon, when strangely one of my exe files went missing. I thought ok it happens since it was a game file (HL.exe) than it was most likely there was a bug so I re-installed the game and played etc. After a while it went missing again, so I checked all my other programs and to my "SURPRISE" windows browses for the target exe files and says the target cannot be found and has been moved. When I manually check inside all the program files, I see all the EXE files are GONE!

How could this be even my Virus protection software is not functioning, I have most the latest detection software like spybot S&D, trojan remover, NAV, Ad-aware, none of them caught anything, I think after a while my system is gonna be crippled.

I've been to Norton's website and downloaded various tools which describe this dangerous virus. Tools I have used are fixblast.exe, FixSirc, fixnavid.com, but to no avail the problem remains I have also tried Stinger.exe and have used the RX-Pack to remove the known viruses, it didn't help.

Any ideas at all, time is of the essence.....Please all you Techies on here, please respond. Thanks very much in advance.

What file "went missing"?
On line games?
Have you run HijackThis ?
It might find some stuff.
Post your log here.

hth
shep

The files that have gone missing are all exe file, they include: -
*CDRwin5.exe
*Regcleaner.exe
*PowerDVD.exe
*Divx player2.1.exe
*ISOBuster.exe
*quicktime Player.exe
*Paintshop Pro.exe
*Realplayer.exe
*Microsoft Office = corrupted
*NAV2002 = Malfunctioning
*HL.exe (game)
*CS.exe (game)
*GTA3.exe (game)
*GTA VC.exe (game)
*Jazz Jackrabbite 2.exe (game)
*Suddenstrike.exe (game)
*WWE RAW.exe (game)
*Zoo Tycoon.exe (game)

The list is endless, the above are just some of the programs that I have found to be affected. What's even strange is entries for ports which I blocked with my firewall have disappeared completely.

I have downloaded Hijackthis from their website and saved the log, here it is:-

Logfile of HijackThis v1.97.2
Scan saved at 01:17:31, on 18/09/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
G:\PROGRA~1\NORTON~1\navapw32.exe
G:\Program Files\Pop-Up Stopper\dpps2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
G:\Program Files\Norton Antivirus 2002\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Tiny Personal Firewall\PERSFW.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\knlwrap.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ikernel.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\Documents and Settings\GTA3\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fasterinternetpro.com/start/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=:0
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - G:\Program Files\Norton Antivirus 2002\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - G:\Program Files\Norton Antivirus 2002\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {6ED7EE01-136C-4231-B663-F47354D951F1} - (no file)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NAV Agent] G:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Cleanup] G:\Program Files\Complete Cleanup Trial\compind.bat
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Pop-Up Stopper] "G:\Program Files\Pop-Up Stopper\dpps2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "G:\program files\QuickTime 6\qttask.exe" -atboottime
O4 - HKLM\..\Run: [kkkSrng] \Program Files\Srng\Srng.exe
O4 - HKLM\..\Run: [kkknwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [AVG7_RegCleaner] C:\PROGRA~1\Grisoft\AVG7\avgregcl.exe /BOOT
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Documents and Settings\GTA3\Desktop\FRXP\FreeRAM XP Pro 1.31.exe" -win
O4 - HKCU\..\Run: [Speaking Clock Deluxe] "G:\Program Files\Speaking Clock Deluxe\SpClDlx.exe"
O4 - HKCU\..\RunOnce: [washindex] C:\Program Files\Washer\washidx.exe "GTA3"
O4 - Startup: MemTurbo.lnk = G:\Program Files\MEM\memturbo.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Trace (HKLM)
O9 - Extra 'Tools' menuitem: VisualRoute Trace (HKLM)
O9 - Extra button: Net2Phone (HKLM)
O9 - Extra 'Tools' menuitem: Net2Phone (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37563.6183449074
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{085FAFAD-E0F8-43FB-B750-C2D190ACC036}: NameServer = 212.158.192.2,212.158.192.3

Nothing looks too scary there. Others might find more.
You might have a file association problem, if so the fix here might help. Look for "Exe File Association Fix".

Read This Post First

The Dougknox Fix Page

hth
shep

Following what I have read, it seems you have damaged the config.sys and windows.sys files.
In that case, no hesitation, to reinstall all your windows XP immediately, don't waist your time, you are not a specialist, neither I !!!

sxshep thank you for your suggestions, but it didn't help the problem is still there. I lost my internet access this morning.

Thanx "Imp" following your advice, I re-installed windows on a different drive and I can just about access the internet. I have lost access to all other programs on my computer, an "Access Denied" message pops up everytime I try, I'm confused here people what is my next step?

I was gonna back up all my files on CD, but it dawned on me that the exe files are gone so they won't work. Is there a way I can un-install the windows installation on the C drive, without accidently un-installing my new installation of Windows on the G drive...Do I HAVE to re-install all my programs again? Please ANYBODY respond, computing.net admins you are more than welcome to intervene here.

As far as I know you're gonna have to re-install all of your apps. Backup all your non application files to partition/another harddrive/cd whatever... blow your OS away and re-install it clean. Sounds to me like user error... no offence. Seems you may have done something without realizing it... or someone else in your household did. Corrupted a cfg or sys file somehow... If your worried then I suggest waiting to hear from a few more ppl here, and then decide what you want to do. If you have access to the internet from somewhere else friends/work/school then try to post there until you get fixed up, and keep your computer off as much as possible. <--that is if stuff just keeps disappearing... soon your only gonna have help files lol.

Sorry I couldn't be of more help, play the waiting game a little longer, I'm sure someone at this site will have an educated answer for you.

Good luck
~SS~