TechSpot

Explorer.exe Problems

By Emin
Mar 11, 2008
  1. Uh, Firstly I'd say Hello. I've just registered on the forums seeing that most of the people come here for help. I'm experiencing some problems with my Explorer.exe [Not Internet Explorer]

    Firstly,
    Whenever I start my computer, Explorer.exe freezes [Always] and I need to terminate it and reopen it. [CTRL + ALT + DELETE => Processes]
    Any solution so it dosen't freeze? I'm having this problem from like 1 or 2 years, But I was fine just closing and reopening. But a new problem occoured yesterday. Whenever I open any folder, It says "Windows Explorer has encountered a problem and needs to close." When I click Don't send, Explorer terminates and reopens. Any solution to this one? So I can open my folders. I'm currently accessing my folders through Run [CTRL + R] Or New Task ( Run ) [CTRL + ALT + DELETE]

    One more problem but not related to Explorer.exe, Whenever I format and reinstall windows it stops at data.cab or something similar, I know that it's orignal location to be installed is C:\Windows\Driver Cache\i386 and it dosen't install that file even after retrying alot. I guess I'll buy a new CD.
    This problem is not a must to be solved as I there is no solution for it I think.

    Well, Any help is appreciated.
    Thanks,
    Emin.
     
  2. CCT

    CCT TS Evangelist Posts: 2,653   +6

  3. Emin

    Emin TS Rookie Topic Starter

    I said Explorer.exe problem, Not Internet Explorer God..
     
  4. CCT

    CCT TS Evangelist Posts: 2,653   +6

  5. Click start, run, type "msconfig" and hit enter. Click the startup tab, take a careful note of what is and is not checked, now uncheck everything and reboot. Did it still crash?

    (If it still crashes, reverse what you did above.)
     
  6. Emin

    Emin TS Rookie Topic Starter

    Well, Thanks CCT.
    That post was really helpful. When this problem occoured it got fixed the next day automatically the next day, Forgot to tell that, And again next day it happened again. So I think it may occur again. I did some of the operations which I thought were necessary. I downloaded Zone Alarm PRO. Just the problem now is whenever I'm starting my computer, it's opening a bit slow. Any solution to that? The programs I Installed were:

    1. Zone Alarm PRO with Firewall
    2. Lavasoft Ad-Aware's Latest Version
    3. Hijackthis and renamed it to Crusty
    4. Clever Cleaner [I had it, Just needed the latest version]

    Everything seems to be working just fine right now.
    Thanks alot for your help!

    And caravel, When the problem existed I tried that several times. Anyways, Thanks to you too. :p

    1 last thing, Here's my Hijackthis Log, Please check if something wrong or not:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:20:24 PM, on 3/15/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\army.exe
    C:\WINDOWS\system32\QRPG.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\Crusty.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O2 - BHO: BrowsingAdvisor - {F1E96EDC-E0C8-BE98-1F15-C29DBED83B53} - C:\Program Files\BrowsingAdvisor\BrowsingAdvisor-2.dll
    O3 - Toolbar: Webshots Toolbar - {C17590D2-ECB4-4b15-8820-F58798DCC118} - C:\Program Files\Webshots\WSToolbar4IE.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Microsoft] army.exe
    O4 - HKLM\..\Run: [Winsock2 driver] QRPG.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\RunServices: [Microsoft] army.exe
    O4 - HKCU\..\RunOnce: [Winsock2 driver] QRPG.EXE
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: &Webshots Photo Search - res://C:\Program Files\Webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
    O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm
    O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.browsergate.com/redirect.php (file missing)
    O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.browsergate.com/redirect.php (file missing)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-IN/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{66F9C29D-3EC4-4F42-9D7E-607651DCCC83}: NameServer = 218.248.240.46 218.248.255.146
    O20 - AppInit_DLLs: C:\WINDOWS\system32\prai.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 6119 bytes

    And uh, What's QRPG.exe and Army.exe? Any clues? Thanks in advance.

    --Emin
     
  7. CCT

    CCT TS Evangelist Posts: 2,653   +6

    Army.exe once was a screensaver (circa 2001) but there is a baddie around using that name.

    The other shows nada in Google.

    You, like many others, have added all kinds of (to me) useless crap on your comp and some of it has been bad for it.

    I think you should run through the complete steps from the link I gave for prelim removals.

    Once done, repost with ALL the required logs.
     
  8. kritius

    kritius TS Guru Posts: 2,084

    You could upload the file to Virus Total.

    Go there and browse to C:\WINDOWS\system32\QRPG.EXE and upload it.

    It will run it through a series of scanners to see if there is anything up with it.

    EDIT|||||||||||||||||||||||||||||||||||||||||||

    Just had a proper check through the log, there are some infections in there. Also do you recognise the O17 entries as your own IP?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...