Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XP Home Boots but No Icons


  • This topic is locked This topic is locked
3 replies to this topic

#1 maf5433

maf5433

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 20 March 2009 - 02:40 PM

My computer won't allow me to save the DDS Notepad file. So, just copied it below. Also, did not know how to link to my previous post of today with the Hijackthis Analisis. Did the best I could. I appreciate your help very much...

//Edit: Link is here http://www.bleepingcomputer.com/forums/ind...p;#entry1185452

"UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/22/2002 1:52:49 AM
System Uptime: 3/20/2009 10:29:33 AM (2 hours ago)

Motherboard: Dell Computer Corporation | | Inspiron 4150
Processor: Mobile Intel® Pentium® 4 - M CPU 1.70GHz | Microprocessor | 1185/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 28 GiB total, 10.496 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible)
Device ID: PCI\VEN_10B7&DEV_9200&SUBSYS_012A1028&REV_78\4&139E449D&0&00F0
Manufacturer: 3Com
Name: 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible)
PNP Device ID: PCI\VEN_10B7&DEV_9200&SUBSYS_012A1028&REV_78\4&139E449D&0&00F0
Service: EL90Xbc

Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: NEC PCI to USB Open Host Controller
Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_A50019CD&REV_43\5&1A7313E&0&0109F0
Manufacturer: NEC
Name: NEC PCI to USB Open Host Controller
PNP Device ID: PCI\VEN_1033&DEV_0035&SUBSYS_A50019CD&REV_43\5&1A7313E&0&0109F0
Service: usbohci

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: PANTECH PC Card WWAN Controller
Device ID: USB\VID_106C&PID_3702&MI_02\8&29354318&0&8515
Manufacturer: PANTECH CO, LTD.
Name: PANTECH PC Card WWAN Controller
PNP Device ID: USB\VID_106C&PID_3702&MI_02\8&29354318&0&8515
Service: PTDCWWAN

==== System Restore Points ===================

RP217: 12/24/2008 11:58:28 AM - Software Distribution Service 3.0
RP218: 12/29/2008 7:23:37 PM - System Checkpoint
RP219: 12/30/2008 8:35:24 PM - System Checkpoint
RP220: 1/1/2009 11:53:59 AM - System Checkpoint
RP221: 1/2/2009 4:10:01 PM - System Checkpoint
RP222: 1/4/2009 9:45:17 PM - System Checkpoint
RP223: 1/5/2009 10:03:39 PM - System Checkpoint
RP224: 1/7/2009 5:22:14 PM - System Checkpoint
RP225: 1/8/2009 4:19:01 PM - Spybot-S&D Spyware removal
RP226: 1/9/2009 11:45:56 PM - System Checkpoint
RP227: 1/11/2009 12:17:17 AM - System Checkpoint
RP228: 1/12/2009 1:23:17 AM - System Checkpoint
RP229: 1/13/2009 1:27:46 PM - System Checkpoint
RP230: 1/14/2009 1:40:51 PM - System Checkpoint
RP231: 1/14/2009 8:13:41 PM - Software Distribution Service 3.0
RP232: 1/15/2009 7:22:19 AM - Removed Ad-Aware 2007
RP233: 1/16/2009 4:37:13 PM - System Checkpoint
RP234: 1/18/2009 1:43:58 AM - System Checkpoint
RP235: 1/19/2009 12:29:46 PM - System Checkpoint
RP236: 1/20/2009 4:22:06 PM - System Checkpoint
RP237: 1/21/2009 8:31:18 PM - System Checkpoint
RP238: 1/22/2009 8:47:37 PM - System Checkpoint
RP239: 1/23/2009 8:51:49 PM - System Checkpoint
RP240: 1/26/2009 1:36:19 PM - System Checkpoint
RP241: 1/27/2009 8:56:50 PM - System Checkpoint
RP242: 1/29/2009 10:26:53 PM - System Checkpoint
RP243: 2/2/2009 6:14:02 PM - System Checkpoint
RP244: 2/5/2009 9:45:15 AM - System Checkpoint
RP245: 2/6/2009 10:23:36 AM - System Checkpoint
RP246: 2/7/2009 4:14:42 PM - System Checkpoint
RP247: 2/8/2009 5:22:08 PM - System Checkpoint
RP248: 2/10/2009 4:49:01 PM - System Checkpoint
RP249: 2/12/2009 8:39:28 AM - Software Distribution Service 3.0
RP250: 2/15/2009 5:08:06 PM - System Checkpoint
RP251: 2/17/2009 1:33:26 PM - System Checkpoint
RP252: 2/24/2009 2:15:48 PM - System Checkpoint
RP253: 2/24/2009 10:57:22 PM - Software Distribution Service 3.0
RP254: 2/26/2009 6:49:59 PM - System Checkpoint
RP255: 3/1/2009 12:40:05 PM - System Checkpoint
RP256: 3/2/2009 9:13:15 PM - System Checkpoint
RP257: 3/3/2009 10:20:01 PM - System Checkpoint
RP258: 3/4/2009 7:12:00 PM - Spybot-S&D Spyware removal
RP259: 3/5/2009 7:37:16 PM - System Checkpoint
RP260: 3/8/2009 8:38:56 PM - System Checkpoint
RP261: 3/13/2009 1:43:54 PM - Software Distribution Service 3.0
RP262: 3/15/2009 1:37:32 PM - System Checkpoint
RP263: 3/16/2009 3:48:49 PM - System Checkpoint
RP264: 3/18/2009 10:29:50 AM - System Checkpoint
RP265: 3/19/2009 12:00:02 PM - System Checkpoint
RP266: 3/19/2009 8:11:27 PM - Removed SofTest
RP267: 3/19/2009 8:16:35 PM - Removed QuickTime
RP268: 3/20/2009 9:20:44 AM - Restore Operation
RP269: 3/20/2009 9:29:59 AM - Restore Operation

==== Installed Programs ======================

Actiontec MD56ORD V92 MDC Modem
Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 7.0.9
AntsDownloader
AppCore
Apple Software Update
ATI Display Driver
ccCommon
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
Component Framework
Dell Solution Center
EPSON Printer Software
FranklinCovey PlanPlus for Microsoft® Outlook®
Google Toolbar for Internet Explorer
GoToAssist 8.0.0.480
Help and Support Customization
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
iPod for Windows 2006-03-23
iPod Update 2004-04-28
iTunes
Java™ 6 Update 11
Java™ 6 Update 2
Java™ 6 Update 5
Java™ 6 Update 7
LimeWire 4.16.6
LiveUpdate (Symantec Corporation)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Office XP Professional with FrontPage
Microsoft Publisher 2002
Microsoft Visual C++ 2005 Redistributable
MINOLTA-QMS PagePro 1250W
Modem Helper
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Norton AntiVirus
Norton AntiVirus (Symantec Corporation)
Norton AntiVirus Help
Norton Protection Center
PANTECH PC Card Software
RealPlayer
Registry Mechanic
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
SPBBC 32bit
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
Symantec Real Time Storage Protection Component
Symantec Technical Support Web Controls
SymNet
Synaptics Pointing Device Driver
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Viewpoint Media Player
VitalSource Bookshelf
VZAccess Manager
WebEx
WebFldrs XP
Winamp (remove only)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows XP Service Pack 3
Yahoo! Toolbar

==== End Of File ==========================="

Edited by KoanYorel, 20 March 2009 - 03:29 PM.


BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:06:34 AM

Posted 20 March 2009 - 05:49 PM

Hello maf5433,

Welcome to BC HijackThis forum. I am farbar. I am going to assist you with your problem.

Please refrain from making any changes to your system (updating Windows, installing applications, removing files, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.

Note: Your log(s) show that you are using so called peer-to-peer or file-sharing programs. We are not here to pass judgment on file-sharing as a concept. But file-sharing is used to infect users as tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."


Removal Instructions

Other than boot problem I see traces of malware on your computer. We are going to resolve the boot problem and then clean the malware.
  • After booting when the walpaper appeared:
    • Press Ctrl+Alt+Del to open the Task Manager.
    • Under File menu select New Task (Run ...).
    • Type in explorer and click OK.
  • Open a notepad (Start > Run and type in Notepad ) make sure the wordwrap under Format menu is not selected.
    Copy and paste the text in code box into it.

    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Shell"="Explorer.exe"
    • Save the file to the desktop as regfix.reg
    • Make sure the Save as type field says All files.
    • Locate regfix.reg on the desktop and double-click on it and confirm.
    • A window pops up asking if you are sure to add the file to the registry. Click Yes.
    • You get another window popup saying that regfix.reg successfully added to the registry.
    Note: You have to turn off any registry protector software you have in order the changes to be taken place.

  • Now reboot you computer and tell me if it boot normally.

  • To get an idea about the current condition of you computer download random's system information tool (RSIT) by random/random from here and save it to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Set the list of files/folders created to 3 Months and click Continue at the disclaimer screen.
    • Once it has finished, two logs will open.
    • log.txt (<<will be maximized)
    • info.txt (<<will be minimized).
  • Please copy and paste the content of just log.txt to your reply. No need for info.txt

    Note 1: If you have difficulty finding the log, the logs is in this folder: C:\rsit

    Note 2: The tool takes not more than one minute to scan the system.
You might want to save this page on your favorites, so you can find it again when you return.

Edited by farbar, 20 March 2009 - 05:49 PM.


#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:06:34 AM

Posted 23 March 2009 - 01:56 PM

Is anybody there?

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:06:34 AM

Posted 24 March 2009 - 02:16 PM

This thread will now be closed due to lack of activity.


If you still have an issue, please start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users