I had the same issue as this person, with the whole wallpaper being this one:
I don't know what's going on, but I'm pretty sure some virus is lurking around, just messing around with me. I originally found out that there was a virus when Norton told me that a virus generically named "Trojan Horse" was installed, and that it could not remove it. There was no specific name for it, so I decided to run it in safe mode...but, it seemed like some of the spyware was still able to execute even through safe mode. And NOW, I've tried booting my computer up again, and I can't even ACCESS it. Like, I'll try and go into safe mode, and I'll put in my password to enter Windows, and it'll just show me the Safe Mode black wallpaper, and then it will log me out. Luckily, I was able to get an HJT log before this whole log-in and then log-out session started...
Any suggestions?
Anyways, here's my HJT log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:03 PM, on 12/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Corey\Desktop\remover.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Corey\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://spacepyro.proboards25.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SpacePyro Inc.
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=explorer.exe
F2 - REG:system.ini: UserInit=c:\windows\system32\lpcywinp.exe,c:\windows\system32\userinit.exe,
O1 - Hosts: 194.54.90.238 http://www.google.com
O1 - Hosts: 194.54.90.238 http://www.google.ca
O1 - Hosts: 194.54.90.238 http://www.google.com.ag
O1 - Hosts: 194.54.90.238 http://www.google.com.ar
O1 - Hosts: 194.54.90.238 http://www.google.com.au
O1 - Hosts: 194.54.90.238 http://www.google.at
O1 - Hosts: 194.54.90.238 http://www.google.az
O1 - Hosts: 194.54.90.238 http://www.google.be
O1 - Hosts: 194.54.90.238 http://www.google.com.br
O1 - Hosts: 194.54.90.238 http://www.google.vg
O1 - Hosts: 194.54.90.238 http://www.google.bi
O1 - Hosts: 194.54.90.238 http://www.google.ca
O1 - Hosts: 194.54.90.238 http://www.google.td
O1 - Hosts: 194.54.90.238 http://www.google.cl
O1 - Hosts: 194.54.90.238 http://www.google.com.co
O1 - Hosts: 194.54.90.238 http://www.google.co.cr
O1 - Hosts: 194.54.90.238 http://www.google.dk
O1 - Hosts: 194.54.90.238 http://www.google.com.do
O1 - Hosts: 194.54.90.238 http://www.google.fm
O1 - Hosts: 194.54.90.238 http://www.google.fi
O1 - Hosts: 194.54.90.238 http://www.google.fr
O1 - Hosts: 194.54.90.238 http://www.google.gm
O1 - Hosts: 194.54.90.238 http://www.google.ge
O1 - Hosts: 194.54.90.238 http://www.google.de
O1 - Hosts: 194.54.90.238 http://www.google.com.gi
O1 - Hosts: 194.54.90.238 http://www.google.com.gr
O1 - Hosts: 194.54.90.238 http://www.google.gl
O1 - Hosts: 194.54.90.238 http://www.google.gg
O1 - Hosts: 194.54.90.238 http://www.google.co.il
O1 - Hosts: 194.54.90.238 http://www.google.it
O1 - Hosts: 194.54.90.238 http://www.google.co.kr
O1 - Hosts: 194.54.90.238 http://www.google.lu
O1 - Hosts: 194.54.90.238 http://www.google.mw
O1 - Hosts: 194.54.90.238 http://www.google.ro
O1 - Hosts: 194.54.90.238 http://www.google.se
O1 - Hosts: 194.54.90.238 http://www.google.co.uk
O1 - Hosts: 194.54.90.238 http://www.google.uz
O1 - Hosts: 194.54.90.238 google.com
O1 - Hosts: 194.54.90.238 google.ca
O1 - Hosts: 194.54.90.238 google.com.ag
O1 - Hosts: 194.54.90.238 google.com.ar
O1 - Hosts: 194.54.90.238 google.com.au
O1 - Hosts: 194.54.90.238 google.at
O1 - Hosts: 194.54.90.238 google.az
O1 - Hosts: 194.54.90.238 google.be
O1 - Hosts: 194.54.90.238 google.com.br
O1 - Hosts: 194.54.90.238 google.vg
O1 - Hosts: 194.54.90.238 google.bi
O1 - Hosts: 194.54.90.238 google.ca
O1 - Hosts: 194.54.90.238 google.td
O1 - Hosts: 194.54.90.238 google.cl
O1 - Hosts: 194.54.90.238 google.com.co
O1 - Hosts: 194.54.90.238 google.co.cr
O1 - Hosts: 194.54.90.238 google.dk
O1 - Hosts: 194.54.90.238 google.com.do
O1 - Hosts: 194.54.90.238 google.fm
O1 - Hosts: 194.54.90.238 google.fi
O1 - Hosts: 194.54.90.238 google.fr
O1 - Hosts: 194.54.90.238 google.gm
O1 - Hosts: 194.54.90.238 google.ge
O1 - Hosts: 194.54.90.238 google.de
O1 - Hosts: 194.54.90.238 google.com.gi
O1 - Hosts: 194.54.90.238 google.com.gr
O1 - Hosts: 194.54.90.238 google.gl
O1 - Hosts: 194.54.90.238 google.gg
O1 - Hosts: 194.54.90.238 google.co.il
O1 - Hosts: 194.54.90.238 google.it
O1 - Hosts: 194.54.90.238 google.co.kr
O1 - Hosts: 194.54.90.238 google.lu
O1 - Hosts: 194.54.90.238 google.mw
O1 - Hosts: 194.54.90.238 google.ro
O1 - Hosts: 194.54.90.238 google.se
O1 - Hosts: 194.54.90.238 google.co.uk
O1 - Hosts: 194.54.90.238 google.uz
O1 - Hosts: 194.54.90.238 search.yahoo.com
O1 - Hosts: 194.54.90.238 de.search.yahoo.com
O1 - Hosts: 194.54.90.238 search.msn.com
O1 - Hosts: 194.54.90.238 search.msn.de
O1 - Hosts: 194.54.90.238 search.live.com
O1 - Hosts: Ðmìð«7‘
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [dmnmdwta] regsvr32 /u "C:\Documents and Settings\All Users\Application Data\dmnmdwta.dll"
O4 - HKLM\..\Run: [ChkDsk32] C:\DOCUME~1\Corey\LOCALS~1\Temp\ssmmt.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [AlphaXP] "C:\Program Files\ZeroHero Software\AlphaXP\AlphaXP.exe"
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Hide IP Platinum] C:\Program Files\Hide IP Platinum\hideippla.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] cmd.exe /c md "%USERPROFILE%\Local Settings\Temp" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: AccountLogon - C:\WINDOWS\al-popup-corey.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: AccountLogon - {1CB13C88-96B6-11d6-9AF5-D12D26EE1F36} - C:\WINDOWS\al-popup-corey.html (HKCU)
O9 - Extra 'Tools' menuitem: AccountLogon - {1CB13C88-96B6-11d6-9AF5-D12D26EE1F36} - C:\WINDOWS\al-popup-corey.html (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O20 - AppInit_DLLs: interceptor.dll c:\progra~1\google\google~2\goec62~1.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: Adobe Photoshop 7.0 - {CAB80D90-55AF-2EF3-F0B2-8A80FE927D04} - c:\program files\adobe\photoshop 7.0\wcbnu3.dll
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NTBOOTMGR (NTBOOT) - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe (file missing)
O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
O23 - Service: NTSVCMGR - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntsrv.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe