Windows explorer not responding at startup

[ico]

1) Download HijackThis: HijackThis - Trend Micro USA
2) Run it and save the log.
3) Get your log checked at: HijackThis Logfileauswertung
4) It will show you some alarming entries. Delete them using HijackThis.
5) Reboot.

 

[utkarsh007]

hey ico i am unable to understand what that was. Ny ways my log is as folllows:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:56:18, on 08-07-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Windows\System32\MSNavgnt.exe
C:\Program Files\Microsoft Security Client\msseces.exe
D:\Intel AppUp\IntelAppStore\bin\serviceManager.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
E:\nokia\Nokia PC Suite 7\PCSuite.exe
E:\Internet Download Manager\IDMan.exe
C:\Program Files\uTorrent\uTorrent.exe
F:\Office 2010 pro plus\Office14\MSOSYNC.EXE
F:\Office 2010 pro plus\Office14\GROOVEMN.EXE
C:\Users\Alienware\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Windows\Explorer.EXE
C:\Users\Alienware\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alienware\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Alienware\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alienware\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alienware\Documents\Downloads\Programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=*www.yahoo.com]Yahoo! Singapore[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=*go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=*go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=*go.microsoft.com/fwlink/?LinkId=56626&homepage=*www.yahoo.com]Your Home Page Has Been Changed[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Internet Download Manager\IDMIECC.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Bit comet\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\OFFICE~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\OFFICE~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - F:\visual studio\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Zune Launcher] "d:\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [WinSys2] C:\Windows\system32\startup.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [MSNavgnt] C:\Windows\system32\MSNavgnt.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "D:\Intel AppUp\IntelAppStore\bin\serviceManager.lnk"
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [BCSSync] "F:\Office 2010 pro plus\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [{9FE93394-5C39-0B04-E0AC-63AC153B6BD5}] C:\Users\Alienware\AppData\Roaming\internet\yahoo.exe
O4 - HKCU\..\Run: [PC Suite Tray] "E:\nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [IDMan] E:\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Alienware\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [OfficeSyncProcess] "F:\Office 2010 pro plus\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [MyApp] C:\Users\Alienware\Documents\Downloads\Programs\conhost.exe
O4 - HKCU\..\Run: [GrooveMonitor] F:\Office 2010 pro plus\Office14\GROOVEMN.EXE
O4 - HKCU\..\Run: [Google Update] "C:\Users\Alienware\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: &D&ownload &with BitComet - res://F:\Bit comet\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://F:\Bit comet\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all links with IDM - E:\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - E:\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - E:\Internet Download Manager\IEExt.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Office 2010 pro plus\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Office 2010 pro plus\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Office 2010 pro plus\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Office 2010 pro plus\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://F:\Bit comet\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [url=*moneycentral.msn.com]Money: Personal finance & investing news & advice - MSN Money[/url]
O16 - DPF: {C9BEF1E9-21F6-486F-80A2-32D61DE86E5E} - [url]*www.directxtras.com/speaksforitself/download/ms_sapi.cab[/url]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - [url]*platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab[/url]
O16 - DPF: {E4DFABBD-F5F6-11D3-8421-0080C6F79C42} (SpeechControl Class) - [url]*www.directxtras.com/speaksforitself/download/speechplugin.cab[/url]
O17 - HKLM\System\CCS\Services\Tcpip\..\{75BF1AB6-2C8E-46D2-A296-8FA49BEC7446}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{75BF1AB6-2C8E-46D2-A296-8FA49BEC7446}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{75BF1AB6-2C8E-46D2-A296-8FA49BEC7446}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: Anyplace Control Security - Unknown owner - C:\ProgramData\Anyplace Control 4\svcadmin.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - [url=*www.BitComet.com]BitComet - A free C++ BitTorrent/HTTP/FTP Download Client[/url] - F:\Bit comet\BitComet\tools\BitCometService.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: frameworkPostgreSQL - PostgreSQL Global Development Group - F:/METASP~1/POSTGR~1/bin/pg_ctl.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 12886 bytes

1) Download HijackThis: HijackThis - Trend Micro USA
2) Run it and save the log.
3) Get your log checked at: HijackThis Logfileauswertung
4) It will show you some alarming entries. Delete them using HijackThis.
5) Reboot.

plz use the log analyser coz i was unable to conclude wat to do

 

[ico]

Remove these entries using HijackThis (after analyzing):

C:\Windows\System32\MSNavgnt.exe
D:\Intel AppUp\IntelAppStore\bin\serviceManager.exe
F:\Office 2010 pro plus\Office14\MSOSYNC.EXE
F:\Office 2010 pro plus\Office14\GROOVEMN.EXE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - F:\visual studio\Common7\IDE\PrivateAssemblies\Microsoft.Vis ualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [MSNavgnt] C:\Windows\system32\MSNavgnt.exe
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "D:\Intel AppUp\IntelAppStore\bin\serviceManager.lnk"
O4 - HKLM\..\Run: [BCSSync] "F:\Office 2010 pro plus\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "F:\Office 2010 pro plus\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [GrooveMonitor] F:\Office 2010 pro plus\Office14\GROOVEMN.EXE
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Office 2010 pro plus\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - F:\Office 2010 pro plus\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://F:\Bit comet\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O15 - Trusted Zone: Money: Personal finance & investing news & advice - MSN Money
O16 - DPF: {C9BEF1E9-21F6-486F-80A2-32D61DE86E5E} - *www.directxtras.com/speaksfor...ad/ms_sapi.cab
O16 - DPF: {E4DFABBD-F5F6-11D3-8421-0080C6F79C42} (SpeechControl Class) - *www.directxtras.com/speaksfor...eechplugin.cab
O23 - Service: Anyplace Control Security - Unknown owner - C:\ProgramData\Anyplace Control 4\svcadmin.exe

On a second note, your computer appears to be very very bloated. You'll be better off reinstalling Windows or switch to something better - Linux Mint/Ubuntu.

 

[utkarsh007]

wat do u mean????

i will try repair install this week. Actually my pc is overloaded with many software's wich i cant remove.

 

[ico]

wat do u mean????

Open HijackThis. Click on Analalyze. Select the above entries and click on Fix Checked.

Have a look at this reference image:

Spoiler

*www.bleepstatic.com/tutorials/hijackthis/hijackthis-scan.jpg

If you didn't understand what I said now, I won't be able to help you further.

 

[utkarsh007]

did what u said but still i am facin the black screen with cursor issue

P.S. i remembr that i installed metaspoilt framework. mayb he is the culprit. m uninstallin it. lts c

 

[mithun_mrg]

Then probably u have two options left go to control panel Backup&Restore Backup ur PC & reinstall the OS or keep running it as it is

 

[utkarsh007]

Hey er1 i uninstalled windows 7 service pack 1 and now erythin is workin fine. But y is this happenin. guys plz help....

 

[mithun_mrg]

Disable windows automatic update i guess this happened due to come corrupted/incomplete update install

 

[tkin]

With so much issues better not use it, reinstall win 7.

 

[rawgeek]

Refer to following blog post from Microsoft for black screen and white cursor
Windows Vista Boots to a Black Screen with only the Mouse Cursor - Ask the Core Team - Site Home - TechNet Blogs


Also please check if u can boot in safe mode and still have the issue.If you can boot in safe mode then please go to run->msinfo32->save it and upload it here.

 

[Scientia Wiz]

Reinstall your OS ! I will be good for you leaving all these other problems !

 

[utkarsh007]

hmm i will do reinstallation after 2 days. lts c if problem is sorted out

Refer to following blog post from Microsoft for black screen and white cursor
Windows Vista Boots to a Black Screen with only the Mouse Cursor - Ask the Core Team - Site Home - TechNet Blogs


Also please check if u can boot in safe mode and still have the issue.If you can boot in safe mode then please go to run->msinfo32->save it and upload it here.

i will try this and if not works, will reinstall windows.