Windows XP Desktop Icons

thankyou1123

Junior Member
Apr 9, 2012
5
0
0
Well, my computer suffered severe malware attacks before I received it. I actually received it for free for me to fix. After fixing it I decided to keep it for myself, it was perfectly fine. I also got Microsoft Office 2007 installed on it. No problems occurred whatsoever until one day when running Disk Cleanup a window appeared saying, "Files that are required for Windows to run properly have been replaced by unrecognized versions. To maintain system stability, Windows must restore the original versions of these files. ----Insert your Windows XP Professional CD-ROM now." [Options: Retry-More Information-Cancel]. I do not have a Windows XP CD-ROM because I fixed the computer manually, thus I cannot simply enter it and retry. So I am forced to Cancel and keep the unrecognized versions.

This was the only thing that happened and no side effects were noticable so I left it. Another couple of months passed and I got the morbid blue shut-down screen.....3 times in 1 week. I am not smart enough to know what to do in that situation so I kept working as I needed to finish some work on the computer hoping to get back to it later.

Then one day I realized that my Quick Launch Toolbar was not working (I would click the icons and nothing would happen). This was always my preferred method. So after that not working I double-clicked on my Fire Fox desktop Shortcut Icon. Nothing happened except the icon going semi-translucent. I found the only way to open programs was to right-click and click open (Not even clicking them from the start menu works). Please note that if I had a folder or PNG file on my desktop I could open it with ease, just not programs such as My Computer, Fire Fox, Internet Explorer, Windows Media Player, Etc. Even programs that I downloaded separate from Windows programs.

I did some quick Google searches and figured I had a problem with my registry. I don't have enough training to mess with any of that. So I downloaded CCleaner, ran it, cleaned everything, apparently fixed all registry problems, I downloaded an Anti-Virus program that said my computer was clean of any viruses and everything I knew to do. I even tried System Restore (Which I also had to Right-Click and open as well) but to no avail (It would run and say it was unsuccessful and that no changes were made).

I tried a Clean Boot, I tried EVERYTHING I could find on Google...thus, links to other sites/forums will most likely not be very helpful. I need help. This isn't a SERIOUS problem....yet....but it is VERY ANNOYING. If anyone could shed light on this, please do. Here is my HiJackThis File....

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:45:11 PM, on 4/8/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
CWINDOWS\System32\smss.exe
CWINDOWS\system32\winlogon.exe
CWINDOWS\system32\services.exe
CWINDOWS\system32\lsass.exe
CWINDOWS\system32\Ati2evxx.exe
CWINDOWS\system32\svchost.exe
CWINDOWS\System32\svchost.exe
CWINDOWS\system32\svchost.exe
CProgram Files\AVAST Software\Avast\AvastSvc.exe
CWINDOWS\system32\Ati2evxx.exe
CWINDOWS\system32\spoolsv.exe
CWINDOWS\Explorer.EXE
CDocuments and Settings\Owner\Local Settings\Application Data\CrossLoop\CrossLoopService.exe
CProgram Files\Java\jre6\bin\jqs.exe
CProgram Files\AVAST Software\Avast\avastUI.exe
CProgram Files\Common Files\Java\Java Update\jusched.exe
CWINDOWS\SOUNDMAN.EXE
CWINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE
cProgram Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
CWINDOWS\system32\svchost.exe
CProgram Files\DivX\DivX Update\DivXUpdate.exe
CWINDOWS\ALCWZRD.EXE
CWINDOWS\ALCMTR.EXE
CWINDOWS\AGRSMMSG.exe
CProgram Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
CWINDOWS\system32\ctfmon.exe
CWINDOWS\system32\wuauclt.exe
CProgram Files\Mozilla Firefox\firefox.exe
CProgram Files\Magical Jelly Bean\keyfinder.exe
CProgram Files\Mozilla Firefox\plugin-container.exe
CProgram Files\Mozilla Firefox\plugin-container.exe
CProgram Files\Google\Update\GoogleUpdate.exe
Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
CDocuments and Settings\Owner\My Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...9-7775CA0B3F26}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...9-7775CA0B3F26}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - CProgram Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - CProgram Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - CProgram Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HrefNewTabBHO - {9EE1A6E7-E822-4D0E-9664-815F94B00373} - CDocuments and Settings\Owner\Local Settings\Application Data\EpicNewTab\HrefIENewTab.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - CProgram Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Facebackgrounds BHO - {B11CBDA9-6702-469E-9CE1-64E3971A6B44} - CDocuments and Settings\Owner\Local Settings\Application Data\EpicAssistants\fb.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - CProgram Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - CProgram Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: TravelGraspBHO - {F1813754-5468-41D5-BB9F-A922BBB20399} - CDocuments and Settings\Owner\Local Settings\Application Data\EpicAssistants\TravelGrasp.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - CProgram Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - CProgram Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "CProgram Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "CProgram Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "CProgram Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "CProgram Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PHIME2002ASync] CWINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] CWINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IMJPMIG8.1] "CWINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] CWINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
O4 - HKLM\..\Run: [DivXUpdate] "CProgram Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "CProgram Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] CPROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "CProgram Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "CProgram Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CrossRiderPlugin] CProgram Files\CrossriderWebApps\Crossrider.exe
O4 - HKCU\..\Run: [ctfmon.exe] CWINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Wisdom-soft AutoScreenRecorder 3.1 Free] 0
O4 - HKCU\..\Run: [Weather] CProgram Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Skype] "CProgram Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RockMelt Update] "CDocuments and Settings\Owner\Local Settings\Application Data\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [Google Update] "CDocuments and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [epic] CProgram Files\Epic\epic.exe
O4 - HKCU\..\Run: [chromium] CDocuments and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe --no-startup-window
O4 - HKCU\..\Run: [Aim] "CProgram Files\AIM\aim.exe" /d locale=en-US
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] CWINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] CWINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] CWINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] CWINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = CProgram Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: USB Link Speed & Distance System.lnk = ?
O4 - Global Startup: Lunascape6.lnk = CProgram Files\Lunascape\Lunascape6\Luna.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://CPROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - CPROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - CPROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CPROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - CWINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - CWINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CProgram Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CProgram Files\Messenger\msmsgs.exe
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - CProgram Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - CWINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - CWINDOWS\system32\browseui.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - CProgram Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - CWINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - CWINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - CProgram Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop - CDocuments and Settings\Owner\Local Settings\Application Data\CrossLoop\CrossLoopService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - CProgram Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - CProgram Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - CProgram Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - CProgram Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - CWINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - CDocuments and Settings\Owner\Local Settings\Application Data\CrossLoop\tvnserver.exe

--
End of file - 10608 bytes

It saw C:\\ as a smiley so I had to delete all of the smileys to get it from 95 images to under 10 images. :\ So if you see a 'C' in front of something it means my C drive.


Thank you so much....

-Thankyou1123
~Apologist Of Christ~ || ~Jeremiah 1:7-8 ; Habakkuk 1:5~
 

VirtualLarry

No Lifer
Aug 25, 2001
56,572
10,207
126
have you tried downloading and burning a bootable CD-ROM image of hard drive mfg's diagnostics utils for DOS?

You download the ISO image, burn it (IMGBURN is free and works well), and boot off of it. It will scan your HD for errors.

It sounds almost like your HD is failing to me.

Either that, or you have some sort of wicked virus.
 

Matt1970

Lifer
Mar 19, 2007
12,320
3
0
There is spyware known to do just that. Anti-exe. Considering that you had all that happen before it may be time for a good format & reload.
 

thankyou1123

Junior Member
Apr 9, 2012
5
0
0
have you tried downloading and burning a bootable CD-ROM image of hard drive mfg's diagnostics utils for DOS?

You download the ISO image, burn it (IMGBURN is free and works well), and boot off of it. It will scan your HD for errors.

Hmm....sounds like it might work....only thing is, I don't know what you're talking about. :D I'm not THAT smart yet.... Hahaha. If you could put it in civilian terms I would appreciate it. Also not sure if I have the equipment and such.

Thanks for replying.

Thank you so much....

-Thankyou1123
~Apologist Of Christ~ || ~Jeremiah 1:7-8 ; Habakkuk 1:5~