explorer.exe wont load....

explorer.exe will not load, when I start my computer and log in I just come to a blank desktop with no start menu or anything.

I go to the task manager, and explorer.exe doesn't show up, so I go to new task and try to start it that way and the start menu flashes real fast and then goes away.

I tried system recovery and it didnt do anything, so I went back to try to do it from an older date and I had no restore points listed.

Am I SOL or is there anyway I can fix this?

 

It's quite likely some sort of malware infection and may take quite a lot of effort to repair.

Are you familiar with HiJackThis? If so, run it and post a log file to the Security forum here. If you don't have it you can get it free by following the link on the Security forum or Google for it.

It may also require some Registry editing. I see your at beginner level so this may be more than you want to attempt. If you can enlist some friend with more experience it may save you from having to reload the system to get it fixed.

 

the problem is I cant really do much being I can only go to the task manager, I cant really do anything else.

 

Have you tried Safe Mode?

Also from Task Manager try File > New Task > type regedit.exe press enter. Anything?

 

safe mode is the same thing, regedit comes up but I dont know enough about what im doing to make any changes or read anything in there.

 

Forget regedit for now since you would be entering a minefield without someone at your side with more experience. If you have HiJackThis installed, you could run it from that command line in Task manager. Do you?

 

I do have it installed, let me see if i could run it.

 

Great! You may need to use the browse button there in Task Manager to find the executable for HJT.

 

i guess I dont have it installed, I thought I did.

Anyway to make my internet connection connect so I can download it?

 

DL it to the rig you're running now and floppy or CD it over. (flash drive)

 

ok I got a scan.

here it is:

 

I see some undesirables there but I'm not the expert on this so I'll leave it to those who do that all the time. Perhaps some staff member will move this thread to the Security forum for a speedier response.

 

Dean, you don't seem to be getting much action here so I'll take a shot at it while we're waiting on the experts to appear:

Run HJT again and check the following for fix:

O2 - BHO: CallingID for IE - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CallingID\CallingIDIE.dll (file missing)File Missing
O3 - Toolbar: (no name) - {ED46E61C-C391-49ED-82F8-A3DCAA44671F} - (no file)
O3 - Toolbar: BayAreaRacing toolbar - {14124dd7-b8a3-4e74-8861-35ea8d17508f} - C:\Program Files\BayAreaRacing\tbBayA.dll (file missing)
O3 - Toolbar: CallingID - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CallingID\CallingIDIE.dll (file missing)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXEAlcxMonitor
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeCtfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll


Then get and run the CWshredder from here. Follow the directions from that site for using the tool.

Then post back another HJT log for review.

 

Hi guys,
I'll see if I can grab a Moderator to speed up the forum transfer. I see your both still online and I'm real curious how this is going to turn out. Hang in there.

 

I'm curious too and with the following, this situation doesn't surprise me at all.

O4 - HKCU\..\Run: [warez] "C:\Program Files\Warez P2P Client\warez.exe" -h

 

CWshredder didnt pick up anything.. heres an update with those things u pointed out fixed...

 

I had that installed on my computer ALONG time ago (over a year), I could have sworn I had it deleted I never even used it.

Is it a bad program?

 

I see the line O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe returned. It's probably not a gremlin since it's running from the system32 folder but we'll leave that to the experts.

The rest looks good so that's as far as I can take you with my limited insight into this area.

Have you tried using the browse button of Task manager and drilling down to explorer.exe in the windows directory and running it from there?

 

O4 - HKCU\..\Run: [warez] "C:\Program Files\Warez P2P Client\warez.exe" -h

Let's just say it is sometimes used for illegal piracy of copyrighted software and that act puts you in jeopardy since aside from the legal issues, there is a good possibility that many of the shares are poisoned with malwares. Some people get their pleasures from that sort of thing so it's best to leave it alone unless you personally know the person that you are getting the file from.

The fact that it was running isn't causing your problem nor will it cause any problem. I would disable it if I didn't use it in every session. That applies to any other program that is starting and not needed. The decision is yours as to those items.

 

OK, I've moved this to the security forum. Can't hurt to let those guys look at and they'll be more apt to see it there.