Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Explorer unusable and not possible to delete files

Started by NeCrite , May 24 2005 03:24 AM

  • Please log in to reply

#1
NeCrite
Posted 24 May 2005 - 03:24 AM

NeCrite

    New Member

  • Member
  • Pip
  • 8 posts
Below you can find the log that HiJackThis made. I almost couldnt run the program at all.

What i do is the following:
I try to run explorer.exe or go there by double clicking the 'my computer'
No I get an error or no response at all
When I want to try to navigate with the explorer the maplist on the left only shows desktop and no further options.
The only thing I can use to navigate throught it is by filling the right address in the addressbar.
When I want to delete sum useless files in the system32, files that are made by unexpected shutdown, it says access denied or cannot read from source file or disk.

it is a PDC controller and Im a lil scared to reboot it, cause i think it might not get back into his Windows environment.

Any tips anyone?


Logfile of HijackThis v1.98.2
Scan saved at 11:11:20, on 24-5-2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
C:\Documents and Settings\Administrator\WINDOWS\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\termsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\CA\Common\Alert\ALERT.EXE
C:\PROGRA~1\Adaptec\STORAG~1\service.exe
C:\PROGRA~1\Adaptec\STORAG~1\ASMProServer.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\Program Files\CA\eTrust\InoculateIT\InoNmSrv.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
C:\WINNT\System32\ismserv.exe
D:\SYSVOL\sysvol\BTH-CAD\scripts\kxrpc.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\LogWatNT.exe
C:\WINNT\system32\MGE\RunSC.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\WINNT\system32\ntfrs.exe
C:\WINNT\system32\MGE\PCtl.exe
c:\winnt\rkillsrv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\locator.exe
C:\WINNT\System32\rsvp.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\MGE\BIL.EXE
C:\WINNT\system32\lserver.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\wins.exe
C:\Program Files\RealVNC\WinVNC\WinVNC.exe
C:\WINNT\system32\MGE\CILUSB.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\Explorer.EXE
C:\Program Files\CA\eTrust\InoculateIT\realmon.exe
C:\WINNT\system32\Atiptaxx.exe
D:\INSTALL\___software\___Tools\spytools\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.7.1:3128
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrust\InoculateIT\realmon.exe"
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [HP SchedIndexer] C:\Program Files\Hewlett-Packard\LaserJet 33xx\hppschedindexer.exe
O4 - HKLM\..\Run: [HP AutoIndexer] C:\Program Files\Hewlett-Packard\LaserJet 33xx\hppautoindexer.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Administrator\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Documents and Settings\Administrator\WINDOWS\web\related.htm (file missing)
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator\windows\system32\rnr20.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = BTH-CAD
O17 - HKLM\System\CCS\Services\Tcpip\..\{493E8B0F-8755-4DE2-8035-ADBFA728933C}: NameServer = 192.168.7.151
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1D7266D-D1F8-4951-A0BE-78136F492194}: NameServer = 192.168.7.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F07ED017-621B-4993-9C58-2DD9679211DC}: NameServer = 192.168.7.151,192.168.7.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = BTH-CAD
O17 - HKLM\System\CS1\Services\Tcpip\..\{493E8B0F-8755-4DE2-8035-ADBFA728933C}: NameServer = 192.168.7.151
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = BTH-CAD
O17 - HKLM\System\CS2\Services\Tcpip\..\{493E8B0F-8755-4DE2-8035-ADBFA728933C}: NameServer = 192.168.7.151
  • 0

Advertisements

#2
Guest_matthuffy_*
Posted 24 May 2005 - 05:56 AM

Guest_matthuffy_*
  • Guest
Why do you want to mess with your explorer.exe anyhow? tring to do some silly tweeking like changing your Start button?? is it worth it if you do not know what you are doing???????

anyhow! if you are going to mess with this, make a backup of explorer.exe and rename it e.g. explorer1.exe. So if you mess up you can still get back to your windows screen by using task manager RUN and Regedit and then you can revert to your saved explorer1.exe.

you may also need to ajust your protection to change your explorer.exe
this can be done in your FILELIST.XML found here: PUT THIS IN "RUN"
%systemroot%\system32\Restore
you must have SHOW HIDDEN FILES on in your tools menu and also select show "Hide protected operating system files"

there is much much more to this, but if you are concerned at this part, i would suggest you just leave it alone and use your computer for normal things :tazz: However, if you want all the info ask me ;)
  • 0

#3
NeCrite
Posted 25 May 2005 - 12:03 AM

NeCrite

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Matthuffy I don't think u understand me at all.

I do not mess with explorer itself. I just want to use it to navigate thru my drives and directories.
Delete sum files on a drive, but not the explorer. DOH

Guess u read it again a lil better...

- It is an error i get when using explorer in the system32 dir.
- If i doubleclick on my computer it doesn't open it
- If i use the icon of explorer it doesn't open it
- If i use the icon of my documents it doesn't open it
- When i try to delete a file in the system32 which by example is called 'R' i get an access denied error can't read from location

So u see im not tryin to mess with it, but i have to last with this till next weekend(new server) and i dunno if he is gonna make it, it still makes backup fortunately

So help with be great

Thanks
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP