|
| ||
| What keeps eating Windows Explorer? Okay. I've been regularly running two different virus programs, Panda Titanium 2007 and Trend Micro Housecall. I've also been regularly scanning with Ad-Aware. Something got through. The problem doesn't happen all the time but it's consistent enough that I finally realized it wasn't just a random computer hiccup. Sometimes when I try to open My Computer, My Documents or any related action or try to run a search, the computer pauses. Then everything -- all the icons on my desktop and the entire Windows Start Bar -- vanishes. It lasts a couple of seconds then everything comes back, no problems. Any other programs I was running are still there and working fine. But my folder hasn't come up or my search is gone. This has even affected CTRL+ALT+DEL. I've d/led and scanned with SpyBot. I'm not sure how much it fixed. The problem seemed to have gone away but now it's definitely back. It seems to have come down a couple of months ago when I d/led an updated to Trillian. Here's my Hijack This log: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 2:35:17 PM, on 11/24/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe C:\Program Files\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.EXE C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\ApvxdWin.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\explorer.exe C:\Program Files\OpenOffice.org 2.1\program\soffice.exe C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\WebProxy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\HiJackThis_v2.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\avciman.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\psimreal.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.ca/myway R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.ca/myway R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.screensavers.com/landing/.../dynapage.html O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [Lexmark X84-X85 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe O4 - HKLM\..\Run: [Lexmark X84-X85 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PPFW] c:\program files\panda software\panda antivirus + firewall 2007\firewall\PPFW.EXE PPFW.EXE /cmd:allowpandarules /prod:titanium /mod:3 /flg:2 /ver:6.1.0 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Word\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...9/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1127433792562 O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab O16 - DPF: {E3E02F12-2ADB-478C-8742-5F0819F9F0F4} (Quantum Streaming IE VersionManager Class) - http://qmedia.xlontech.net/100170/sd...ie06041001.cab O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.EXE O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe I'm seriously thinking of just backing up and reformatting. We've tried to apply some of the solutions I've seen elsewhere on this forum but, among other things, we can't seem to get the computer to boot in Safe Mode. I would greatly appreciate any help. |
| ||
| Re: What keeps eating Windows Explorer? For a one-off restart into Safe Mode go Start, run, enter msconfig; under Boot.ini tab check /Safeboot, Apply, Close, select Restart. You could run this to give us a look at recent files and a few other settings.. ==Download this file to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe - to run it dclick combofix.exe and follow the prompts to start it. When finished, it will produce a log, C:\Combofix.txt - post that log in your next reply. A word of caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs reboot to restore the desktop. Other than that it appears that some registrations have been corrupted; I would try a Repair of Windows via the Setup on your installation CD. |
| ||
| Re: What keeps eating Windows Explorer? ((((((((((((((((((((((((( Files Created from 2007-10-25 to 2007-11-25 ))))))))))))))))))))))))))))))) . 2007-11-24 14:31 1,308,216 --a------ C:\Program Files\HiJackThis_v2.exe 2007-11-07 19:56 532,480 --a------ C:\Program Files\cwshredder.exe 2007-11-07 19:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-11-07 19:00 7,467,056 --a------ C:\Program Files\spybotsd15.exe 2007-11-07 18:49 <DIR> d-------- C:\Program Files\SpywareBlaster 2007-11-07 18:49 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX 2007-11-07 18:48 2,566,736 --a------ C:\Program Files\spywareblastersetup351.exe 2007-11-07 18:35 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2007-11-07 18:32 <DIR> d-------- C:\WINDOWS\system32\DRVSTORE 2007-11-07 18:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-11-07 18:25 <DIR> d-------- C:\WINDOWS\LastGood(2) . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-25 19:34 295,096 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck 2007-11-25 19:34 295,096 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT 2007-11-25 19:34 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck 2007-11-25 19:34 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG 2007-11-25 19:34 --------- d-----w C:\Documents and Settings\Heather\Application Data\OpenOffice.org2 2007-11-24 19:35 10,479 ----a-w C:\Program Files\hijackthis.log 2007-11-21 17:28 --------- d-----w C:\Program Files\Juno 2007-11-18 21:00 --------- d-----w C:\Program Files\Trillian 2007-11-07 23:37 --------- d-----w C:\Program Files\Ad-Aware 2007 2007-11-07 23:35 --------- d-----w C:\Program Files\Games 2007-11-07 23:35 --------- d-----w C:\Program Files\Forgotten Riddles - The Mayan Princess 2007-11-07 23:35 --------- d-----w C:\Program Files\Dream Day Honeymoon 2007-11-07 23:35 --------- d-----w C:\Program Files\bfgclient 2007-11-07 23:35 --------- d-----w C:\Documents and Settings\Heather\Application Data\HouseCall 6.6 2007-11-07 23:34 --------- d-----w C:\Program Files\FastStone Image Viewer 2007-11-07 23:34 --------- d-----w C:\Program Files\Common Files\Panda Software 2007-11-07 23:33 --------- d-----w C:\Program Files\QuickTime 2007-11-07 23:33 --------- d-----w C:\Program Files\iTunes 2007-11-07 23:33 --------- d-----w C:\Program Files\iPod 2007-11-07 23:27 --------- d-----w C:\Program Files\LexmarkX84-X85 2007-10-26 03:36 8,454,656 ------w C:\WINDOWS\system32\dllcache\shell32.dll 2007-10-23 14:44 --------- d-----w C:\Program Files\Java 2007-10-10 02:55 --------- d-----w C:\Documents and Settings\Heather\Application Data\ForgottenRiddles 2007-10-03 22:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFishGamesCache 2007-09-19 02:49 3,605,992 ----a-w C:\Program Files\FSViewerSetup32.exe 2007-09-07 12:11 63,024 ----a-w C:\WINDOWS\system32\pavipc.dll 2007-09-07 12:11 292,400 ----a-w C:\WINDOWS\system32\PavSHook.dll 2007-09-07 12:11 161,328 ----a-w C:\WINDOWS\system32\TpUtil.dll 2007-07-25 02:27 9,679,815 ----a-w C:\Program Files\vlc-0.8.6c-win32.exe 2007-07-18 01:44 20,256,064 ----a-w C:\Program Files\QuickTimeInstaller.exe 2007-06-30 23:11 17,896,352 ----a-w C:\Program Files\aaw2007.exe 2007-03-10 01:51 24,187,080 ----a-w C:\Program Files\T07nt.exe 2007-03-06 17:30 37,844,544 ----a-w C:\Program Files\iTunesSetup.exe 2007-02-25 15:35 98,554,909 ----a-w C:\Program Files\OOo_2.1.0_Win32Intel_install_en-US.exe 2007-02-24 22:46 6,006,304 ----a-w C:\Program Files\Firefox Setup 2.0.0.2.exe 2006-12-07 03:04 2,599,088 ----a-w C:\Program Files\Shockwave_Installer_Slim.exe 2006-11-30 15:14 56,558,505 ----a-w C:\Program Files\openofficeorg3.cab 2006-11-30 15:14 3,293,185 ----a-w C:\Program Files\openofficeorg4.cab 2006-11-30 15:08 15,519,065 ----a-w C:\Program Files\openofficeorg2.cab 2006-11-30 15:07 18,169,081 ----a-w C:\Program Files\openofficeorg1.cab 2006-11-30 15:05 5,294,592 ----a-w C:\Program Files\openofficeorg21.msi 2006-11-30 15:05 217 ----a-w C:\Program Files\setup.ini 2006-11-13 16:31 315,392 ----a-w C:\Program Files\setup.exe 2006-01-18 18:00 6,974,864 ----a-w C:\Program Files\serif_ph55preloader.exe 2006-01-05 21:18 774,144 ----a-w C:\Program Files\RngInterstitial.dll 2005-12-17 20:10 36,081,152 ----a-w C:\Program Files\titan6shuk.exe 2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe 2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-03 12:12] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 19:42] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11] "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 16:19] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50] "DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 01:02] "Lexmark X84-X85 Button Monitor"="C:\PROGRA~1\LEXMAR~1\ACMonitor_X84-X85.exe" [2002-08-01 14:20] "Lexmark X84-X85 Button Manager"="C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X84-X85.exe" [2002-09-04 10:36] "PrinTray"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe" [2002-09-18 22:52] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 04:33] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 09:35] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 09:32] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 09:36] "Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe" [2005-10-31 06:20] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-09-09 13:03] "APVXDWIN"="C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.exe" [2007-03-30 14:52] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 10:09] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-31 17:44] "PPFW"="c:\program files\panda software\panda antivirus + firewall 2007\firewall\PPFW.exe" [2007-04-02 17:52] C:\Documents and Settings\Heather\Start Menu\Programs\Startup\ OpenOffice.org 2.1.lnk - C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 16:45:48] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26] Microsoft Office.lnk - C:\Program Files\Word\Office\OSA9.EXE [1999-02-17 15:05:56] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2007-02-15 18:02 50736 C:\WINDOWS\system32\avldr.dll R1 APPFLT;App Filter Plugin;\??\C:\WINDOWS\system32\Drivers\APPFLT.SYS R1 DSAFLT;DSA Filter Plugin;\??\C:\WINDOWS\system32\Drivers\DSAFLT.SYS R1 FNETMON;NetMon Filter Plugin;\??\C:\WINDOWS\system32\Drivers\fnetmon.SYS R1 IDSFLT;Ids Filter Plugin;\??\C:\WINDOWS\system32\Drivers\IDSFLT.SYS R1 NETFLTDI;Panda Net Driver [TDI Layer];\??\C:\WINDOWS\system32\Drivers\NETFLTDI.SYS R1 ShldDrv;Panda File Shield Driver;\??\C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys R1 SMSFLT;SMS Filter Plugin;\??\C:\WINDOWS\system32\Drivers\SMSFLT.SYS R1 WNMFLT;Wifi Monitor Filter Plugin;\??\C:\WINDOWS\system32\Drivers\WNMFLT.SYS R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys R2 PavProc;Panda Process Protection Driver;\??\C:\WINDOWS\system32\DRIVERS\PavProc.sys R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys R3 PavSRK.sys;PavSRK.sys;\??\C:\WINDOWS\system32\PavSRK.sys R3 PavTPK.sys;PavTPK.sys;\??\C:\WINDOWS\system32\PavTPK.sys *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder "2007-08-11 12:19:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2005-09-19 21:15:10 C:\WINDOWS\Tasks\ISP signup reminder 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe . ************************************************************************** catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-11-25 15:17:43 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-11-25 15:19:30 . --- E O F --- |
| ||
| Re: What keeps eating Windows Explorer? Thank you for helping me. ^_^ I tried the repair option from my Windows Installation CD but I think it requires more computer knowledge than I have. I got as far as the command prompt but I had no idea where to go from there. |
| ||
| Re: What keeps eating Windows Explorer? Ah, a common misinterpretation of Microsoft's options, Heather - you entered Recovery Console, and you don't want that. At that point in the process instead of typing R press Enter to start Windows Setup [Repair is a mini version of installation] => To setup Windows XP now, press Enter. Next comes the license agreement, you will then be presented with a list of installations to choose from to repair [usually just the one installation...]. Select your installation and type R. If Repair is not shown as an option then exit Setup, DO NOT "continue to install a fresh copy without repairing" or you will lose data and applications. Setup will copy files etc and then reboot your computer. Don't boot again from the CD by pressing any key when the message appears, just wait a moment and your machine will restart. Enable your firewall [ or windows firewall is sufficient at this time] and validate your XP. Say how you get on. |
| ||
| Re: What keeps eating Windows Explorer? I ran the Windows Repair thing like you said (thank you for clearing that up for me) but the problem's still there. I clicked on "Control Panel" so I could remove my husband's account from the computer (since he doesn't use mine anymore) and again everything but the background vanished and came back and Control Panel never opened. |
| ||
| Re: What keeps eating Windows Explorer? Heather, a windows Repair replaces windows files and restores its registry settings, third party software files and reg entries are not affected so I think the problem may lie in that direction.... Because you mention Trillian it may be worth searching for and deleting these two WildTangent files which may have been installed along with Trilllian [bundled "spyware"]: wtcpl.dll and wtcpl.cpl May work, may not. The Repair was worth a try, at least it pointed the search in another direction. Does going Start, run, typing control and pressing Enter work? |
| ||
| Re: What keeps eating Windows Explorer? I just tried "Start, run, control" and it didn't work. The Start bar flashed again, which also means I can't run search and delete anything. If this happened every time I'd've figured out that something was wrong months ago but sometimes it does and sometimes it doesn't. Rebooting doesn't necessarily give me a boot where it works. Yes Repair was worth a try. It's good to know where the problem isn't; especially when you can't find where it is. Thank you. :) |
| ||
| Re: What keeps eating Windows Explorer? I know that you have Panda AV, but it may pay to try one of these. Theory is that it is possible that your resident AV could be affected by any malware, whereas an online scan will not be. First clean: ==Download this temp file cleaner from http://www.atribune.org/ccount/click.php?id=1 --click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected. Next click Firefox [if you have that browser..] at the top, Select All again, and Empty Selected again. Follow that procedure also if you have Opera. Close ATF. Just in case: ==AVG AntiRootkit from http://free.grisoft.com/doc/5390/lng/us/tpl/v5 One of these two: ==Pandasoftware ActiveScan using IE only from http://www.pandasoftware.com/products/activescan? - just follow through the pages, supply a "valid" email address... To reduce the number of detections run either CCleaner or ATF cleaner first [to remove cookies]. ==Kaspersky Online Scan, from http://www.kaspersky.com/virusscanner -press the Kaspersky Online Scanner button, follow through.... Sorry I cannot help further. |
| All times are GMT -4. The time now is 12:14 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC