0

Yes I know how to edit the registry and whatnot.

Sorry for delay - doing a bunch of things at once here :)

Open Registry Editor and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

-- Click the Winlogon Folder icon
-- In the Right Window where it says Shell REG_SZ Explorer.exe RightClick on Shell and choose Modify
Where it says Value data:, remove Explorer.exe and type in Phillies.exe and hit OK.

Let me know if you have any trouble - something could be preventing the change - either malware or a security program such as KAV.

PP :)

0

Did that, no change.

OK - If it allowed you to make that change and the Winlogon Shell Value = Phillies.exe and the Phillies.exe you downloaded is present in the C:\Windows folder, then, upon reboot, you should be running Phillies.exe as shell and desktop ought to be back to normal.

Did you reboot?

At command prompt, type dir /a /s %systemdrive%\Phillies.exe and see if it is in the Windows folder.

Better yet, type copy "%systemdrive%\phillies.exe" %windir%
If it exists, you'll be prompted to overwrite it - select YES.

Then, reboot.

If still no joy, run another look.bat and see if the Winlogon Shell value is still Phillies.exe or if it has been changed.

There are some items in your last combofix log that might be affecting the changes, but I'm not certain.

PP:)

0

Sorry, I had some issues earlier with the display.
Anyways back now, and still no desktop toolbar. Look.bat says my shell is still phillies.exe

0

Sorry, I had some issues earlier with the display.
Anyways back now, and still no desktop toolbar. Look.bat says my shell is still phillies.exe

OK - if that is the case, then download a fresh Phillies.exe to C:\Windows folder.
If prompted to overwrite, say yes.

Reboot - If no joy, I'll have to go back to the drawing board.....

PP:)

0

No change, sorry for making you stress like this. Time to take it to the shop I suppose. Thanks for your help so far!

0

No change, sorry for making you stress like this. Time to take it to the shop I suppose. Thanks for your help so far!

No stress at all!

I wish I were sitting in front of the ill machine - forum settings are not always best for these issues.

-- I am a bit more busy than I expected to be this week, so please bear with me.

-- I am not sure if we messed something up in the replacement process. Because explorer.exe is "protected," we need to got through the long process of renaming and replacing, etc . . . .

There are a couple other things I'd like to look at, as well. Will post them as soon as I am able.

PP :)

0

There are a couple other things I'd like to look at, as well. Will post them as soon as I am able.

OK - We still need to boot to recovery console and run fixmbr, but I think it might be prudent to hold off for the time being.

Please download peek.bat and run it and post me the log.


-- Also, I wonder what would happen if you installed an alternate shell?

Try installing LiteStep and see what happens. Does it work?
I know it is not a solution to the problem at hand, but if it works it could make things a bit easier....

PP :)

Edited by PhilliePhan: Added LiteStep Info

0

Microsoft Windows XP [Version 5.1.2600]
Thu 11/19/2009
06:02 PM

[HKEY_USERS\S-1-5-21-178163009-3832439473-3373767962-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions]

[HKEY_USERS\S-1-5-21-178163009-3832439473-3373767962-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_USERS\S-1-5-21-178163009-3832439473-3373767962-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BDEADF00-C265-11d0-BCED-00A0C90AB50F}]
@="Web Folders"

[HKEY_USERS\S-1-5-21-178163009-3832439473-3373767962-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked]

[HKEY_USERS\S-1-5-21-178163009-3832439473-3373767962-1007\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached]
"{827D3881-317C-442A-B4ED-F576CBA700BB} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,3c,6b,9c,7c,1a,ca,36,cc,da,e3,c6,01
"{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0} {000214FA-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,28,c1,50,df,da,e3,c6,01
"{2559A1F5-21D7-11D4-BDAF-00C04F60B9F0} {000214FA-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ea,ac,5c,df,da,e3,c6,01
"{871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,06,fb,6a,df,da,e3,c6,01
"{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,60,33,72,91,7c,61,ca,01
"{2559A1F5-21D7-11D4-BDAF-00C04F60B9F0} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,44,41,70,c8,94,d2,c9,01
"{7007ACC7-3202-11D1-AAD2-00805FC1270E} {93F2F68C-1D1B-11D3-A30E-00C04F79ABD1} 0x401"=hex:01,\
00,00,00,31,00,37,00,44,69,c1,e1,da,e3,c6,01
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,38,e1,9b,eb,da,e3,c6,01
"{FBF23B40-E3F0-101B-8488-00AA003E56F8} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,60,4c,8a,ec,da,e3,c6,01
"{FF393560-C2A7-11CF-BFF4-444553540000} {062E1261-A60E-11D0-82C2-00C04FD5AE38} 0x401"=hex:01,\
00,00,00,3c,6b,9c,7c,52,9d,97,86,dc,e3,c6,01
"{FF393560-C2A7-11CF-BFF4-444553540000} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,c8,4d,a8,86,dc,e3,c6,01
"{F9DB5320-233E-11D1-9F84-707F02C10627} {E8025004-1C42-11D2-BE2C-00A0C9A83DA1} 0x401"=hex:01,\
00,00,00,31,00,37,00,72,06,7d,57,19,ea,c6,01
"{CFC7205E-2792-4378-9591-3879CC6C9022} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,1c,16,f3,6a,1c,ea,c6,01
"{7007ACC7-3202-11D1-AAD2-00805FC1270E} {10DF43C8-1DBE-11D3-8B34-006097DF5BD4} 0x401"=hex:00,\
00,00,00,31,00,37,00,0a,54,96,8a,1d,60,ca,01
"{7007ACC7-3202-11D1-AAD2-00805FC1270E} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,64,58,1d,ac,21,ea,c6,01
"{42042206-2D85-11D3-8CFF-005004838597} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,70,45,10,c0,21,ea,c6,01
"{67EA19A0-CCEF-11D0-8024-00C04FD75D13} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,3c,6b,9c,7c,10,19,3b,7c,22,ea,c6,01
"{ECF03A33-103D-11D2-854D-006008059367} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,e0,2b,4e,7c,22,ea,c6,01
"{40DD6E20-7C17-11CE-A804-00AA003CA9F6} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,fc,79,5c,7c,22,ea,c6,01
"{640167B4-59B0-47A6-B335-A6B3C0695AEA} {ADD8BA80-002B-11D0-8F0F-00C04FD7D062} 0x401"=hex:01,\
00,00,00,3c,6b,9c,7c,f8,60,cf,fe,26,ea,c6,01
"{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,70,64,86,0d,27,ea,c6,01
"{F81E9010-6EA4-11CE-A7FF-00AA003CA9F6} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,78,02,d3,1a,27,ea,c6,01
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,3c,52,68,1c,27,ea,c6,01
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,c0,29,80,1c,27,ea,c6,01
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,82,15,8c,1c,27,ea,c6,01
"{F49E3694-7E8F-43EF-AE89-568DA20C6527} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ba,b1,a8,1c,27,ea,c6,01
"{ECF03A32-103D-11D2-854D-006008059367} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,30,62,b9,1c,27,ea,c6,01
"{F3BA0DC0-9CC8-11D0-A599-00C04FD64435} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,fc,17,f9,96,4f,ea,c6,01
"{88895560-9AA2-1069-930E-00AA0030EBC8} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,84,b7,23,9a,4f,ea,c6,01
"{0006F045-0000-0000-C000-000000000046} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,5a,9c,70,9c,4f,ea,c6,01
"{BD84B380-8CA2-1069-AB1D-08000948F534} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,32,8b,e4,9d,4f,ea,c6,01
"{AB968F1E-E20B-403A-9EB8-72EB0EB6797E} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,b8,20,e8,a1,4f,ea,c6,01
"{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ce,b9,4b,b5,83,ea,c6,01
"{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,22,a4,76,b5,83,ea,c6,01
"{D20EA4E1-3957-11D2-A40B-0C5020524153} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,08,a4,bf,8a,dd,ea,c6,01
"{D20EA4E1-3957-11D2-A40B-0C5020524153} {10DF43C8-1DBE-11D3-8B34-006097DF5BD4} 0x401"=hex:01,\
00,00,00,31,00,37,00,12,8a,47,8b,dd,ea,c6,01
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,3c,7f,e6,c2,c1,5d,ca,01
"{F9DB5320-233E-11D1-9F84-707F02C10627} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,78,8a,da,72,e8,ea,c6,01
"{BD472F60-27FA-11CF-B8B4-444553540000} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,a4,ad,31,dc,ec,ea,c6,01
"{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {10DF43C8-1DBE-11D3-8B34-006097DF5BD4} 0x401"=hex:00,\
00,00,00,31,00,37,00,b0,c1,87,39,c1,5d,ca,01
"{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,28,9a,7b,75,f3,ea,c6,01
"{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,b6,5e,e1,0a,c1,5d,ca,01
"{2559A1F5-21D7-11D4-BDAF-00C04F60B9F0} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ca,7b,45,3e,00,eb,c6,01
"{2559A1F5-21D7-11D4-BDAF-00C04F60B9F0} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,5e,b1,bc,3e,00,eb,c6,01
"{9DB7A13C-F208-4981-8353-73CC61AE2783} {ADD8BA80-002B-11D0-8F0F-00C04FD7D062} 0x401"=hex:01,\
00,00,00,31,00,37,00,6c,ba,3b,1c,14,eb,c6,01
"{2559A1F3-21D7-11D4-BDAF-00C04F60B9F0} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,92,df,3f,c6,fb,eb,c6,01
"{2559A1F3-21D7-11D4-BDAF-00C04F60B9F0} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,7e,40,61,c6,fb,eb,c6,01
"{CC86590A-B60A-48E6-996B-41D25ED39A1E} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,12,4e,9a,09,fc,eb,c6,01
"{59099400-57FF-11CE-BD94-0020AF85B590} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,00,e6,13,0a,fc,eb,c6,01
"{0BCE32B2-DA1B-41D7-A71F-C02A7D633CE5} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,18,4d,05,0d,fc,eb,c6,01
"{5CA3D70E-1895-11CF-8E15-001234567890} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,20,29,66,0e,fc,eb,c6,01
"{EB9B1153-3B57-4E68-959A-A3266BC3D7FE} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,f6,6f,c4,42,fc,eb,c6,01
"{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {93F2F68C-1D1B-11D3-A30E-00C04F79ABD1} 0x401"=hex:01,\
00,00,00,31,00,37,00,7a,3e,60,b2,b1,ec,c6,01
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,82,e6,92,47,b2,ec,c6,01
"{F49E3694-7E8F-43EF-AE89-568DA20C6527} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,12,28,2e,31,41,ee,c6,01
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,8a,cb,02,11,74,f0,c6,01
"{F5175861-2688-11D0-9C5E-00AA00A45957} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,d8,3d,56,11,74,f0,c6,01
"{88C6C381-2E85-11D0-94DE-444553540000} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,e0,ec,85,11,74,f0,c6,01
"{E84FDA7C-1D6A-45F6-B725-CB260C236066} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,70,c3,30,48,90,f0,c6,01
"{ED9D80B9-D157-457B-9192-0E7280313BF0} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,3e,6c,42,6f,90,f0,c6,01
"{B8CDCB65-B1BF-4B42-9428-1DFDB7EE92AF} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,d0,6a,61,6f,90,f0,c6,01
"{E4B29F9D-D390-480B-92FD-7DDB47101D71} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ee,ee,3d,16,7e,f1,c6,01
"{CE3FB1D1-02AE-4A5F-A6E9-D9F1B4073E6C} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,72,c6,55,16,7e,f1,c6,01
"{98F63271-6C09-48B3-A571-990155932D0B} {00020400-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ec,1e,ac,77,8a,f1,c6,01
"{92337A8C-E11D-11D0-BE48-00C04FC30DF6} {00020400-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,7a,df,61,c6,8c,f1,c6,01
"{77597368-7B15-11D0-A0C2-080036AF3F03} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ba,2a,ae,c6,8c,f1,c6,01
"{3F30C968-480A-4C6C-862D-EFC0897BB84B} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,4a,df,26,01,e5,f6,c6,01
"{640167B4-59B0-47A6-B335-A6B3C0695AEA} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,44,6b,9c,7c,f4,42,1e,5e,7c,f8,c6,01
"{1F2E5C40-9550-11CE-99D2-00AA006E086C} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,6e,95,94,12,44,fd,c6,01
"{596AB062-B4D2-4215-9F74-E9109B0A8153} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,5a,f6,b5,12,44,fd,c6,01
"{7988B573-EC89-11CF-9C00-00AA00A14F56} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,de,cd,cd,12,44,fd,c6,01
"{C7D997F7-79E4-4DF1-9AC5-5B111A30D4F0} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,bc,07,e8,12,44,fd,c6,01
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,40,df,ff,12,44,fd,c6,01
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,58,69,9c,77,44,04,c7,01
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,18,6b,77,37,eb,05,c7,01
"{7444C719-39BF-11D1-8CD9-00C04FC29D45} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,c8,ee,fc,37,eb,05,c7,01
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,c4,ad,7d,38,eb,05,c7,01
"{883373C3-BF89-11D1-BE35-080036B11A03} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,04,f9,c9,38,eb,05,c7,01
"{E211B736-43FD-11D1-9EFB-0000F8757FCD} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,58,84,00,7f,89,06,c7,01
"{871C5380-42A0-1069-A2EA-08002B30309D} {93F2F68C-1D1B-11D3-A30E-00C04F79ABD1} 0x401"=hex:01,\
00,00,00,31,00,37,00,72,aa,8f,4a,8a,06,c7,01
"{875CB1A1-0F29-45DE-A1AE-CFB4950D0B78} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,50,3b,50,61,8a,06,c7,01
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,2c,e8,fb,07,d5,26,c7,01
"{87D62D94-71B3-4B9A-9489-5FE6850DC73E} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,a0,5b,5e,37,8b,06,c7,01
"{C5A40261-CD64-4CCF-84CB-C394DA41D590} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,aa,41,e6,37,8b,06,c7,01
"{41E300E0-78B6-11CE-849B-444553540000} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,44,6b,9c,7c,9e,28,24,98,42,08,c7,01
"{E4000AC4-5E5F-4956-807A-C5854405D64F} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,10,4f,2d,ea,39,13,c7,01
"{E4000AC4-5E5F-4956-807A-C5854405D64F} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,12,b3,b6,eb,39,13,c7,01
"{D20EA4E1-3957-11D2-A40B-0C5020524152} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,42,e5,62,1e,fa,16,c7,01
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,c2,f1,ab,2f,fa,16,c7,01
"{1D2680C9-0E2A-469D-B787-065558BC7D43} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,78,47,6b,32,fa,16,c7,01
"{D20EA4E1-3957-11D2-A40B-0C5020524153} {B4DF2675-BA23-11D2-B5EE-006097C686F6} 0x401"=hex:00,\
00,00,00,31,00,37,00,02,54,4b,d2,5d,1a,c7,01
"{D20EA4E1-3957-11D2-A40B-0C5020524152} {B4DF2675-BA23-11D2-B5EE-006097C686F6} 0x401"=hex:00,\
00,00,00,31,00,37,00,26,51,89,d2,5d,1a,c7,01
"{9DBD2C50-62AD-11D0-B806-00C04FD706EC} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,8c,5d,08,ea,d4,26,c7,01
"{B41DB860-8EE4-11D2-9906-E49FADC173CA} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,8e,51,19,94,b9,27,c7,01
"{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {7D688A70-C613-11D0-999B-00C04FD655E1} 0x401"=hex:00,\
00,00,00,31,00,37,00,92,a0,68,42,6f,dd,c9,01
"{8DD448E6-C188-4AED-AF92-44956194EB1F} {00000000-0000-0000-C000-000000000046} 0x17"=hex:01,\
00,00,00,71,df,dd,77,fa,49,b3,85,ff,37,c7,01
"{5F327514-6C5E-4D60-8F16-D07FA08A78ED} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,44,6b,9c,7c,ac,7b,e1,7a,0d,3c,c7,01
"{F0152790-D56E-4445-850E-4F3117DB740C} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,de,9f,26,7b,0d,3c,c7,01
"{E84FDA7C-1D6A-45F6-B725-CB260C236066} {00000122-0000-0000-C000-000000000046} 0x17"=hex:01,\
00,00,00,e0,dd,6f,01,fc,84,92,30,ac,41,c7,01
"{D20EA4E1-3957-11D2-A40B-0C5020524152} {7D688A70-C613-11D0-999B-00C04FD655E1} 0x401"=hex:00,\
00,00,00,31,00,37,00,ba,df,7d,a4,6d,dd,c9,01
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,26,d4,72,d7,03,4e,c7,01
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,d0,80,94,d4,dc,4f,c7,01
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ae,14,11,d7,dc,4f,c7,01
"{675F097E-4C4D-11D0-B6C1-0800091AA605} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,b6,05,ee,29,4b,54,c7,01
"{F37C5810-4D3F-11D0-B4BF-00AA00BBB723} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,00,37,c2,2a,4b,54,c7,01
"{B41DB860-8EE4-11D2-9906-E49FADC173CA} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ba,1a,64,f7,be,56,c7,01
"{E211B736-43FD-11D1-9EFB-0000F8757FCD} {ADD8BA80-002B-11D0-8F0F-00C04FD7D062} 0x401"=hex:01,\
00,00,00,31,00,37,00,86,fb,32,89,b6,5b,c7,01
"{00E7B358-F65B-4DCF-83DF-CD026B94BFD4} {00000122-0000-0000-C000-000000000046} 0x17"=hex:01,\
00,00,00,c0,74,84,01,02,2d,2c,01,3d,5c,c7,01
"{DD2110F0-9EEF-11CF-8D8E-00AA0060F5BF} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,10,e7,09,db,bf,68,c7,01
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,6c,8d,8b,0a,c1,ae,c7,01
"{2559A1F1-21D7-11D4-BDAF-00C04F60B9F0} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,90,fa,93,42,e0,ae,c7,01
"{2559A1F1-21D7-11D4-BDAF-00C04F60B9F0} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,82,00,be,43,e0,ae,c7,01
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF} {10DF43C8-1DBE-11D3-8B34-006097DF5BD4} 0x401"=hex:00,\
00,00,00,31,00,37,00,18,16,ee,19,68,bb,c7,01
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} {10DF43C8-1DBE-11D3-8B34-006097DF5BD4} 0x401"=hex:00,\
00,00,00,31,00,37,00,ba,ea,36,dd,f7,bc,c7,01
"{2559A1F0-21D7-11D4-BDAF-00C04F60B9F0} {00000000-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,b6,06,9e,23,eb,0d,c8,01
"{2559A1F0-21D7-11D4-BDAF-00C04F60B9F0} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,0a,f1,c8,23,eb,0d,c8,01
"{40C3D757-D6E4-4B49-BB41-0E5BBEA28817} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,f4,6f,68,3a,4b,39,c8,01
"{F1B9284F-E9DC-4E68-9D7E-42362A59F0FD} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,bc,c0,8c,d0,68,61,c8,01
"{8DD448E6-C188-4AED-AF92-44956194EB1F} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,d2,96,c3,d0,68,61,c8,01
"{FF393560-C2A7-11CF-BFF4-444553540000} {55272A00-42CB-11CE-8135-00AA004BB851} 0x401"=hex:00,\
00,00,00,31,00,37,00,60,9e,17,34,55,64,c8,01
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933} {55272A00-42CB-11CE-8135-00AA004BB851} 0x401"=hex:00,\
00,00,00,31,00,37,00,1c,12,4c,34,55,64,c8,01
"{E37E2028-CE1A-4F42-AF05-6CEABC4E5D75} {0000010B-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,84,fd,83,51,7a,8c,c8,01
"{7D4734E6-047E-41E2-AEAA-E763B4739DC4} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,70,8e,cf,75,af,e2,c8,01
"{F0407C3D-349C-42B9-B83E-821E31623DF9} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,98,36,f9,7b,c7,15,c9,01
"{F1ABE2B5-C073-4DBA-B6EB-FD7A5111DD8F} {00000122-0000-0000-C000-000000000046} 0x17"=hex:01,\
00,00,00,80,d1,16,00,26,23,ff,d9,c7,1d,c9,01
"{BD84B380-8CA2-1069-AB1D-08000948F534} {000214EA-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,30,8b,b0,91,54,1f,c9,01
"{FBF23B40-E3F0-101B-8488-00AA003E56F8} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,c2,de,1d,d6,31,23,c9,01
"{88C6C381-2E85-11D0-94DE-444553540000} {10DF43C8-1DBE-11D3-8B34-006097DF5BD4} 0x401"=hex:00,\
00,00,00,31,00,37,00,10,b2,d3,d6,08,1e,ca,01
"{88C6C381-2E85-11D0-94DE-444553540000} {55272A00-42CB-11CE-8135-00AA004BB851} 0x401"=hex:00,\
00,00,00,31,00,37,00,a2,b0,f2,d6,08,1e,ca,01
"{88C6C381-2E85-11D0-94DE-444553540000} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,6e,36,4b,dc,08,1e,ca,01
"{85BBD920-42A0-1069-A2E4-08002B30309D} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,0c,e7,d8,86,24,54,c9,01
"{640167B4-59B0-47A6-B335-A6B3C0695AEA} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,12,60,f0,bc,89,59,c9,01
"{640167B4-59B0-47A6-B335-A6B3C0695AEA} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,20,87,f7,bc,89,59,c9,01
"{7007ACC7-3202-11D1-AAD2-00805FC1270E} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,96,37,08,bd,89,59,c9,01
"{7007ACC7-3202-11D1-AAD2-00805FC1270E} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,58,23,14,bd,89,59,c9,01
"{D20EA4E1-3957-11D2-A40B-0C5020524152} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,28,36,27,bd,89,59,c9,01
"{D20EA4E1-3957-11D2-A40B-0C5020524152} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,9e,e6,37,bd,89,59,c9,01
"{D20EA4E1-3957-11D2-A40B-0C5020524153} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,6e,f9,4a,bd,89,59,c9,01
"{D20EA4E1-3957-11D2-A40B-0C5020524153} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,e4,a9,5b,bd,89,59,c9,01
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,a6,95,67,bd,89,59,c9,01
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,68,81,73,bd,89,59,c9,01
"{E211B736-43FD-11D1-9EFB-0000F8757FCD} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,d0,0a,7d,bd,89,59,c9,01
"{E211B736-43FD-11D1-9EFB-0000F8757FCD} {0000013A-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,92,f6,88,bd,89,59,c9,01
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,8a,11,ac,78,2c,1a,ca,01
"{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31} {89BCB740-6119-101A-BCB7-00DD010655AF} 0x401"=hex:00,\
00,00,00,31,00,37,00,f8,cb,71,f2,2d,1a,ca,01
"{653DCCC2-13DB-45B2-A389-427885776CFE} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,7c,6c,9c,7c,ae,bc,13,d0,b1,66,c9,01
"{124597D8-850A-41AE-849C-017A4FA99CA2} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,3e,de,3c,d2,b1,66,c9,01
"{3BEABCC1-BF31-42DF-88D9-A2955D6B8528} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,aa,d5,f6,d2,b1,66,c9,01
"{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ba,33,56,d3,b1,66,c9,01
"{20082881-FC36-4E47-9A7A-644C95FF749F} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,bc,6a,ae,d3,b1,66,c9,01
"{42071712-76D4-11D1-8B24-00A0C9068FF3} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,38,fa,93,87,9f,6f,c9,01
"{42071713-76D4-11D1-8B24-00A0C9068FF3} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,fa,e5,9f,87,9f,6f,c9,01
"{42071714-76D4-11D1-8B24-00A0C9068FF3} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:00,\
00,00,00,31,00,37,00,a0,06,bc,6b,f1,0f,ca,01
"{F92E8C40-3D33-11D2-B1AA-080036A75B03} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,70,96,b0,87,9f,6f,c9,01
"{5DB2625A-54DF-11D0-B6C4-0800091AA605} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,40,a9,c3,87,9f,6f,c9,01
"{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,02,95,cf,87,9f,6f,c9,01
"{CC6EEFFB-43F6-46C5-9619-51D571967F7D} {00000122-0000-0000-C000-000000000046} 0x17"=hex:01,\
00,00,00,00,00,00,00,a2,80,b1,44,ef,7c,c9,01
"{ED6E87C6-8A83-43AA-8208-8DBC8247F4D2} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,7c,6c,9c,7c,0c,7a,43,7f,c3,96,c9,01
"{111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,ec,ea,b5,7f,c3,96,c9,01
"{97FA8AA2-EE77-4FF2-9449-424D8924EF21} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,5c,23,ef,7f,c3,96,c9,01
"{1825D0FA-5B0C-4E20-A929-3EFD15B6DF71} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,34,e5,31,80,c3,96,c9,01
"{A2569D1F-4E06-43EC-9825-0088B471BE47} {000214E9-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,58,e2,6f,80,c3,96,c9,01
"{00022613-0000-0000-C000-000000000046} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,cc,b8,0d,96,92,a6,c9,01
"{35786D3C-B075-49B9-88DD-029876E11C01} {ADD8BA80-002B-11D0-8F0F-00C04FD7D062} 0x401"=hex:01,\
00,00,00,31,00,37,00,3f,31,05,4e,28,04,ca,01
"{57CE581A-0CB6-4266-9CA0-19364C90A0B3} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,a6,2b,86,cf,ad,22,ca,01
"{01576F39-90DE-4D6E-A068-5B20C22BAAEE} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,7a,ac,49,d0,ad,22,ca,01
"{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,bc,eb,2d,c2,5a,28,ca,01
"{472083B0-C522-11CF-8763-00608CC02F24} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,92,bb,23,d6,b3,29,ca,01
"{D6791A63-E7E2-4FEE-BF52-5DED8E86E9B8} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,9c,3d,15,e2,0e,59,ca,01
"{DD230880-495A-11D1-B064-008048EC2FC5} {000214E8-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,32,b7,d5,b5,7f,62,ca,01
"{047DDC7E-F9C2-11DD-A093-79D855D89593} {000214E6-0000-0000-C000-000000000046} 0x401"=hex:01,\
00,00,00,31,00,37,00,20,d8,4d,6d,1d,63,ca,01

0

Downloaded and installed new shell, works perfectly.

Great! That ought to make navigating the compy a bit easier.

What I'd like to do is have you Rename all instances of Explorer.exe on your computer to Explorer.OLD.

Do command prompt and Copy&Paste dir /a /s %systemdrive%\explorer.exe ENTER
Then, navigate to them and RightClick them and rename them.

Then, Delete all instances of Phillies.exe
dir /a /s %systemdrive%\Phillies.exe to find them all...

Then, I'd like to see another Look.bat Log to compare to the others to see what I'm missing.

PP :)

Edited by PhilliePhan: Updated Look.bat

0

I think I may have found the source of my problem, when I tried to start the computer with my last most recent settings that worked, it takes me to the desktop with explorer.exe missing. However, when I choose to run Windows XP, it gives me blue screen of death. Same with when I try to run safe mode.

0

I think I may have found the source of my problem, when I tried to start the computer with my last most recent settings that worked, it takes me to the desktop with explorer.exe missing. However, when I choose to run Windows XP, it gives me blue screen of death. Same with when I try to run safe mode.

Combofix noted an MBR problem that seems to be remaining. We need to boot to Recovery Console to address that.
I was hoping to get a stable shell running before we do that.

At reboot, select Recovery Console.
At the command prompt, type: fixmbr ENTER
When done, type exit at the command prompt to restart your machine.

PP:)

Edited by PhilliePhan: n/a

0

Did that, using the new shell. I think I shall mark this case solved.

Thank you so much for your help!

0

Did that, using the new shell. I think I shall mark this case solved.
Thank you so much for your help!

You're welcome - happy to help!

Are you sure you don't want to try to sort out the explorer.exe issue?
I know there are many preferable shells (Aston comes to mind as being the best IMO), but it might be nice to try to get to the bottom of the problem.

Whatever you decide is cool with me :)

PP

0

Oh if you insist, and it isn't too much trouble.
What happens first?

Follow the steps in Post #41 and we'll go from there.

I do not know what it is that I am missing. Perhaps a little confusion in the whole process - my "automating" it probably made it more difficult.....

The fact that Litestep works is encouraging - It is likely something simple.

Also, if you prefer to keep Litestep, I believe it is possible to keep it and run it along with explorer.

PP:)

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.