Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

w2k - system shortcuts defunct ++


  • Please log in to reply

#1
elektrosport

elektrosport

    New Member

  • Member
  • Pip
  • 4 posts
Hi,

I just registered as I have quite an annoying installation of windows 2000 running with whic I need some qualified help. I've been reading this forum for malware problems prior to the system "collapse", this is the continuation of my struggle.

It all started a month or so ago when I suddenly at startup has these dialogs popping up saying that something couldn't run due to missing LINUX components (or something to that extent)..
I wanted to start a search for malware but realised that my norman was deactivated, so I started checking for other antivirus programs. The result was internet explorer shutting down or unable to find the webpages. When trying to install antivirus programs, downloaded from my laptop and transferred, the installation process would close.

I succeeded installing bullguard which found and removed some viruses (haven't written any down, unfortunately). I got Norman to run again, it found and cleaned more. I then installed Adaware which found yet some problems. Finally I installed Spybot - search & destroy which also found problems.
In addition I manually removed entries in regedit for files I knew were malware and/or not recognized or removed by any of the programs.

All seemed fine and dandy in the end and the PC was running much as it used to.

Having used the PC for a couple of days when suddenly at startup, explorer refused to run, the desktop wallpaper was loading but no explorer. I was able to do "new task" in task mananger but no able to fix the system or restore it to past glory..

I decided for a repair install which got me going again, well almost.

When logging in, explorer loaded as it should, however several things were wrong. At first glance all my desktop shortcuts were returned to the default icon. double clicking had no effect, quick launch shortcuts/toolbar also gone.

My start menu displayed similar behaviour. All program file folders displayed with their name and the default icon, the program folders display ghosted as "empty".
My control panel doesn't work, I see the correct folder shortcut icon, but it never opens. I am able to run almost all the *.cpl files from run/cmd though.

Recycle bin doesn't work, the shortcut doesn't point to the bin. Right clicking gives me the options of either open or explore, neither works.

I find this very puzzling so I start searching for recently created files, what the search dialog is providing me is a bit overwhelming. Some 2000 files (TWO THOUSAND!), randomly named eight letter .exe files scattered all over my PC, not just my C: drive, all drives, even the ones only containing data.

All .exe files are 54kb, filname examples: kfpsgfvp.exe, mjmyarlg.exe, ejcfbakv.exe etc.

When I try deleting some of the files (from the search dialog) explorer crashes.

When trying to save files from the internet, right click "save target as.." nothing happens.


So this is where I'm at, I just installed SP4 and IE6, problems still not fixed. A total reinstall may be the way to go, but I'd rather avoid that. All suspicious .exe files have now been deleted.

So how's this one for ya, I really hope you can help?



Cheers,
Karsten

Edited by elektrosport, 21 September 2006 - 06:15 AM.

  • 0

Advertisements


#2
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hi elektrosport...

Check these registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

What is the Data Value for Shell? It should be Explorer.exe

HKEY_CLASSES_ROOT\.exe

The values in the right pane for this key should be as follows:

(Default) = exefile

Content Type = application/x-msdownload

Is this what you find?

wannabe1
  • 0

#3
elektrosport

elektrosport

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Yes, that's what I find.

At one point I was suspecting that something was wrong with shdocvw.dll, as it seems other users have had explorer related problems with this file, if not working properly, but it may be way off?

I installed SP4 but the shdocvw.dll wasn't updated I believe, as the installed DLL is timestamped earlier than the corresponding DLL in the SP4 package.

I've been searching high and low on the internet for solutions on all of my (known) problems. Individually I find suggestions, DEL ShellIconsCache, Desktop.INIs - restart, Installed "TweakUI", etc. Nothing worked.

I believe (but then again, I do believe a lot) the problem may be a regbase issue, maybe the regbase is pointing somewhere odd, like a different USER or whatever.. I really have no clue.. but my limited tech-knowledge bet is USER and/or REGBASE related.


cheers,
Karsten
  • 0

#4
elektrosport

elektrosport

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
A couple of other observations:

File Dialogs
Rightclick on desktop select new->text document and a file is created. Trying to "save as.." from notepad and the following error comes up:

"Failed to Initialize File Dialogs. Please Change the Filename and try Again."


Recycle Bin
Since the Recycle Bin shortcut on my desktop does not work I browsed to C:\RECYCLER\..\ to see if anything nasty was located here.
I found four items (three folders and one DLL) called Dc1, Dc2, Dc3 and Dc4.dll. The weirdest thing though, Dc1 is my control panel, Dc2 my printers and Dc3 History, dc4.DLL doesn't give up it's past function/identity.

I never deleted these items, I suspect they could have been wiped by anti virus but then normally they wouldn't appear in the RECYCLER?
Also I checked my existing anti virus logs and couldn't find any sign of removal. I am not able to recover the items from explorer, maybe RECOVER in DOS would help me, or is this for other uses?


Cheers,
Karsten
  • 0

#5
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Do a search (all files and folders...including hidden and system files) for regedit.com

Is this file on your machine?
  • 0

#6
elektrosport

elektrosport

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
nope, no such file..


cheers,
Karsten
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP