Explorer, IE and Control Panel Not Functioning

By five12dude
Mar 25, 2008
  1. Make: Toshiba
    Model: Satellite R10
    OS: Windows XP SP2
    CPU: 1.8GHz Intel Pentium M
    RAM: 1.0GB

    Attempting to open My Computer, Explorer, I-Explorer or Control Panel causes a surge in CPU usage and then nothing.

    Ran CCleaner and HiJack but still nothing is working normally.

    Logfile from HiJack is attached.

    Thanks guys.
  2. kritius

    kritius TS Guru Posts: 2,084

    When you say that you ran HijackThis did you fix anything already?

    I don't see an anitivirus program installed.

    Today's internet is simply suicide without an up to date antivirus.
    Not much point in you and I cleaning up the system if you refuse to protect yourself.
    However -- if you don't understand or cannot install an antivirus -- please let me know.

    Please download ONE of the following antivirus programs and install it.
    Once installed, Update it, run full system scan with it and allow it to fix up what it wants.
    Reboot if it fixed anything.

    You should get a firewall as well, either, these firewalls are all free,

    I need you to follow all the steps HERE and then post back with the three requested logs as attachments
    • AVG antispyware
    • ComboFix
    • Hijackthis (step 15)

    Dont forget to make sure that AVG is set to quarantine the results, that HJT is the last step and to let us know the results of the antirootkit scan.

    This thread is for the use of five12dude only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. five12dude

    five12dude Banned Topic Starter


    I had Symantec loaded on the system but removed it after running a scan and it reported all clear. I intend to reload it but I was slowly eliminating programs and resource hogs to see if I could isolate the issue.

    I'll see how much I can get through on the list and repost.

  4. kritius

    kritius TS Guru Posts: 2,084

    I would advise against Norton, its a resource hog and hasnt got a great detection rate.

    Read up on the ones that I mentioned earlier and pick one of them instead.

    It is your choice though.
  5. 512dude

    512dude TS Rookie


    did not load Norton but AVG instead. Everything ran with little issue except the following:

    1) CCleaner runs but hangs up trying to clear the IE Temporary files. If I look in the Temp directory under the user "local settings" folder I find 3 files that I cannot manually delete.


    If I run in Safe Mode I can bring up an Explorer Window and an Internet Browser but if I boot in Normal Windows mode I cannot.

    2) AdAware did find a Trojan and Quaratined it.

    Logs attached.

  6. five12dude

    five12dude Banned Topic Starter

    My apologies for posting as a different user but I had forgotten that I was already registered on this site. Opps my bad! Please feel free to nix the five12dude account if you wish and I'll keep the former.

  7. five12dude

    five12dude Banned Topic Starter

    Is that it for support from this Forum????
  8. kritius

    kritius TS Guru Posts: 2,084

    oh clam down, it hasnt been that long, and how can we know for certain that its not just sometime playing a joke.

    I have a backlog of logs, yours is in there please be patient.
  9. five12dude

    five12dude Banned Topic Starter

    Just inquiring and thanks for the update, it helps to know if anyone is following the thread or if I am in an endless queue.

    The Trojan that was discovered by AdAware is:

    Item Id: 300015600 Value: Root HKLM Path: system\currentcontrolset\services\psexesvc

    The registry entry doesn't exist anymore when I go to find it via regedit but the problem persists that I cannot start Control Panel or Explorer.

    Calmly waiting ;P
  10. kritius

    kritius TS Guru Posts: 2,084

    Fix entries using HiJackThis
    • Launch HiJackThis
    • Click the Do a system scan only button
    • Put a check next to the entrieslisted below
      O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
    • IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
    • Click the Fix checked button and close HiJackThis
    • Reboot HijackThis if necessary

    Delete Files and Folders
    • Right Click on the start button and chose explore
    • Show all hidden files and folders, see how HERE
    • Navigate to the following files and folders and delete them(if still present)
    C:\WINDOWS\PSEXESVC.EXE<---------This File

    • Empty the recycle bin.

    Update your Java Runtime Environment
    • First try going to Start -> Control Panel -> double click Java
    • Select the Update TAb at the top
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 5) Follow the on screen instructions
    • After it installs the newest version Go back to Control Panel -> Add/remove programs
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    • Click the following link
      Java Runtime Environment 6 Update 5
    • The 4th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected'at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder

    Try that for now.
  11. five12dude

    five12dude Banned Topic Starter

    I believe AdAware took care of the PSEXESVC service and related files as I don't find them when running my HiJackThis scan. I have attached my latest log file.

    Still no success with launching Control Panel, IE or Explorer window. The CPU goes to 100% and no response until I kill the Explorer process.
  12. kritius

    kritius TS Guru Posts: 2,084

    Do this for now, i have to sleep, ill see if I can think of anything tomorrow.
  13. five12dude

    five12dude Banned Topic Starter

    I tried the recommended Java update both ways (in Safe Mode) and I get a Windows Installer error

    "The System Admin has set policies to prevent this installation."
  14. kritius

    kritius TS Guru Posts: 2,084

    Download to your Desktop this self-extracting ZIP archive FixPolicies.exe
    • Double-click FixPolicies.exe
    • Click the Install button on the bottom toolbar of the box that will open.
    • The program will create a new Folder called FixPolicies
    • Double-click to Open the new Folder, and then double-click the file named Fix_Policies.cmd
    • A black box will briefly appear and then close. This will enable your Control Panel, Task Manager and stop any Administrative warning

    This probably wont wotk but we should at least exhaust all possibilities
  15. five12dude

    five12dude Banned Topic Starter

    As you guessed...did not work.

  16. kritius

    kritius TS Guru Posts: 2,084

    Ill have to have a think about this one. Sit tight and ill get back to you.
  17. jobeard

    jobeard TS Ambassador Posts: 9,153   +598

    Java may be backlevel quiet a bit, but the infection is no Java itself --
    attend to the real issue.

    Yes, GPO settings can disable installs at the wish of the administrator.
  18. five12dude

    five12dude Banned Topic Starter

    I ran the MicroTrend web based antivirus scan called HouseCall in SafeMode and found 94 trojans/malware issues. (I can't run it when logged in as the user since IE will not come up)

    I cleaned the issues using HouseCall and rebooted.

    Ran SFC /scannow to check on the integrity of the OS files. It didn't report anything explicitly but I have not used it before so I am unsure if it actually makes a report or not.

  19. five12dude

    five12dude Banned Topic Starter

    Problem solved...

    I created a new user account and deleted the old account and now have IE, Control Panel and My Computer responding and working.

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...