explorer.exe problem

**Neal** · 12-11-2007

how is it doing now?

**barney** · 13-11-2007

well its ok when its warmed up but when i cold boot i loose explorer.exe up to half a dozen times

**Neal** · 13-11-2007

this is very perplexing, you may need to re-install IE 7 after uninstalling it and guys over on the otherside can help there but let's try a couple more things first.

New combofix log and...

Go here BitDefender and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan" and grab a coffee.

When BitDefender completes the scan, select the "Detected Problems" tab. Click on "Click here to export scan". Save the file as an HTML to your Desktop. Then click on the saved file and allow it to open with your browser. Go to Edit - Select All then copy/paste that log back here. Post back and let us know what it found (post the log).

And post a new HJT log also..

additional info...

IE Fix utility

http://windowsxp.mvps.org/IEFIX.htm

http://support.microsoft.com/gp/pc_ie_intro

**barney** · 14-11-2007

hi neal
i am starting the bit defender scan shortly i looked at the links but these are abou internet explorer my problem is with explorer.exe

**barney** · 14-11-2007

Hi neal
couldnt get the bit defender scanner to work tried for hours no go but
heres the combofix log
ComboFix 07-11-08.1 - agb 2007-11-14 7:34:58.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1577 [GMT 0:00]
Running from: D:\Documents and Settings\agb\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-10-14 to 2007-11-14 )))))))))))))))))))))))))))))))
.

2007-11-12 19:23 <DIR> d-------- D:\VundoFix Backups
2007-10-30 17:44 <DIR> d--h----- D:\WINDOWS\PIF
2007-10-20 18:08 <DIR> d-------- D:\WINDOWS\system32\Kaspersky Lab
2007-10-20 18:08 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-20 09:14 <DIR> d-------- D:\Program Files\Fortego Security
2007-10-17 15:00 <DIR> d-------- D:\Documents and Settings\agb\DoctorWeb
2007-10-16 04:50 <DIR> d-------- D:\Program Files\ewido anti-spyware 4.0
2007-10-16 03:03 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\SecTaskMan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2007-11-12 06:47 --------- d-----w D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-09 16:31 --------- d-----w D:\Documents and Settings\All Users\Application Data\pdf995
2007-11-03 09:08 --------- d-----w D:\Program Files\TheWorld 2.0
2007-10-26 15:40 --------- d-----w D:\Program Files\Google
2007-10-24 17:58 --------- d-----w D:\Program Files\Java
2007-10-24 14:22 --------- d-----w D:\Program Files\SUPERAntiSpyware
2007-10-23 10:55 --------- d-----w D:\Program Files\BitComet
2007-10-09 17:46 --------- d-----w D:\Program Files\CameraUpdate
2007-10-05 20:01 --------- d-----w D:\Documents and Settings\All Users\Application Data\Grisoft
2007-09-24 04:54 --------- d-----w D:\Program Files\SpywareGuard
2007-09-24 04:53 --------- d-----w D:\Program Files\Common Files\Java
2007-09-23 17:18 --------- d-----w D:\Program Files\ABC Amber PDF Converter
2007-09-23 17:06 --------- d-----w D:\Program Files\activePDF
2007-09-23 16:31 --------- d-----w D:\Program Files\TrialPDF-file
2007-09-23 05:16 --------- d-----w D:\Program Files\Autodesk
2007-09-22 16:46 --------- d-----w D:\Documents and Settings\All Users\Application Data\DassaultSystemes
2007-09-22 16:46 --------- d-----w D:\Documents and Settings\agb\Application Data\EDrawings
2007-09-22 16:46 --------- d-----w D:\Documents and Settings\agb\Application Data\DassaultSystemes
2007-09-22 16:45 --------- d-----w D:\Program Files\Common Files\SolidWorks Shared
2007-09-22 16:45 --------- d-----w D:\Program Files\Common Files\eDrawings2008
2007-09-22 16:45 --------- d-----w D:\Program Files\AutoCAD 2006
2007-09-22 11:29 --------- d-----w D:\Documents and Settings\All Users\Application Data\Autodesk
2007-09-22 11:28 --------- d-----w D:\Program Files\Common Files\Autodesk Shared
2007-09-22 11:28 --------- d-----w D:\Program Files\AnswerWorks 4.0
2007-09-22 11:27 --------- d-----w D:\Documents and Settings\agb\Application Data\Autodesk
2007-09-22 06:27 --------- d-----w D:\Program Files\Common Files\Jasc Software Inc
2007-09-22 06:27 --------- d-----w D:\Program Files\Common Files\InstallShield
2007-09-22 06:27 --------- d-----w D:\Documents and Settings\All Users\Application Data\InstallShield
2007-09-22 06:26 --------- d-----w D:\Program Files\Jasc Software Inc
2007-09-22 06:26 --------- d-----w D:\Documents and Settings\agb\Application Data\Jasc Software Inc
2007-09-22 05:22 --------- d-----w D:\Program Files\DWG TrueView 2008
2007-09-22 04:54 --------- d-----w D:\Documents and Settings\agb\Application Data\Downloaded Installations
2007-09-16 06:36 --------- d-----w D:\Program Files\Easy Price Pro
2007-09-15 04:48 --------- d-----w D:\Program Files\ZonedOut
2007-09-15 04:41 --------- d-----w D:\Program Files\SpywareBlaster
2007-09-06 10:09 801,144 ----a-w D:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w D:\WINDOWS\system32\AvastSS.scr
2007-08-25 07:22 51,716 ----a-w D:\WINDOWS\system32\pdf995mon.dll
2007-08-25 07:22 249,856 ----a-w D:\WINDOWS\system32\pdfmona.dll
2007-08-21 06:15 683,520 ----a-w D:\WINDOWS\system32\inetcomm.dll
2007-04-11 10:25 2,278,097 ----a-w D:\Program Files\BullZipPDFPrinter(3.0.0.186).exe
2007-04-08 16:38 4,301,387 ----a-w D:\Documents and Settings\Downloads\Shareaza_2.2.5.0.exe
2005-07-08 11:19 3,179,888 ----a-w D:\Program Files\Registry Mechanic 5.0.0.132.exe
2001-10-21 00:52 1,374,075 ----a-w D:\Program Files\StartUp.CAB
.

((((((((((((((((((((((((((((( snapshot@2007-11-12_ 6.47.32.64 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-14 06:22:47 16,384 ----atw D:\WINDOWS\Temp\Perflib_Perfdata_288.dat
+ 2007-11-14 06:22:02 16,384 ----atw D:\WINDOWS\Temp\Perflib_Perfdata_69c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"avast!"="D:\PROGRA~1\ALWILS~1\Avast4\ashDisp. exe" [2007-09-06 10:06]
"Run StartupMonitor"="StartupMonitor.exe" [2000-05-20 16:23 D:\WINDOWS\StartupMonitor.exe]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2006-08-11 13:43]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"H/PC Connection Agent"="D:\PROGRA~1\MICROS~3\wcescomm.exe" [2006-06-26 15:13]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00]
"msnmsgr"="D:\Program Files\MSN Messenger\msnmsgr.exe" []
"swg"="D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-10-25 05:53]

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"Nokia.PCSync"=D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

D:\Documents and Settings\agb\Start Menu\Programs\Startup\
SpywareGuard.lnk - D:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 18:05:35]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R1 mozyFilter;mozyFilter;D:\WINDOWS\system32\DRIVERS\ mozy.sys
R2 WUSB54GSv2SVC;WUSB54GSv2SVC;"D:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GSv2.exe"
R3 GT680x;GrandTechICNameNT;D:\WINDOWS\system32\Drive rs\gt680x.sys
S3 BIOSCHK;BIOSCHK;\??\D:\DOCUME~1\agb\LOCALS~1\Temp\ TII2.tmp\disk1\BIOSCHK.SYS
S3 MEMSWEEP2;MEMSWEEP2;\??\D:\WINDOWS\system32\21.tmp
S3 umpusbxp;UPort 1 on Nokia Adapter;D:\WINDOWS\system32\DRIVERS\umpusbxp.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-11-08 11:45:01 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
************************************************** ************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-14 07:37:08
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
Completion time: 2007-11-14 7:37:52
D:\ComboFix-quarantined-files.txt ... 2007-09-10 04:01
D:\ComboFix2.txt ... 2007-11-12 06:48
D:\ComboFix3.txt ... 2007-10-17 15:09
.
--- E O F ---

**Neal** · 14-11-2007

Nothing!

I think it is time for you to start looking in other directions for help with this problem. Apparently not malware related.

Have you considered a local shop where you live. Or the other side of this forum and just tell them you have been here.

**barney** · 15-11-2007

ok neal
thank you for your help you have been a star (it booted up just fine this morning first time in weeks) so i will see what happens , if the problem isstill there i will try another part of this forum.

thanks again and i will certainly make a contribution when my salary goes in

respect !

**Neal** · 15-11-2007

Good luck and safe surfing and thanks for the donation.

explorer.exe problem

Re: explorer.exe problem

Similar Threads

explorer.exe problem

Explorer Problem

Explorer Problem

explorer problem