Explorer Won't Stop Running (Help)

For the past couple of days I have been having some problems with internet explorer and I can't figure out what is wrong with it. I sunday I cleaned out my system in safe mode for spy ware, adware, etc. (followed the sticky for virus's and spyware). I ran spyware blaster and it found two problems (wild tangent and DSO exploit). I chose fix the problem. Ever since my computer has not been running right.

I will use Explorer and when I go to close it my system freezes. I hit control alt delete and the system tray says explorer not responding. So I have to continue to hit control-alt-delete and then my screen turns white and have to reactivate my active desktop. Sometimes I just have to turn the computer down and reboot.

Does anyone know what causes this and how I may fix it?

Thanks

 

Thread moved here from software to complete any necessary cleanup.

 

I also want to add that I downloaded a registry cleaner after posting the first message to see if any problems were detected. I did not delete to much, however, because I don't know what needs to be deleted if anything.

 

As you stated you competed the basic spyware removal tutorial go ahead and proceed with the below instructions.

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENTto your next message. (Do NOT copy/paste the log into your post).[/color]

 

AbbySue,

Ran Hijack This and attached the log.

 

I am no expert in analyzing logs but I do see some things that are of concern such as several sites in the trusted zone...not a good thing. There are a few other things I see that are questionable, for example: services running from a directory other than system32 but as you are using WinME and I am more familiar with XP I'm not sure on them.

One of the regulars who help out with this will be along to check your log and advise you the best way to proceed.

I myself will be interested to see if the list of things I came up with as questionable are indeed questionable.

Good Luck!

 

Please print out these instructions so that you can operate with ALL Browser Windows CLOSED.
Please make sure System Restore is OFF and the Viewing of Hidden Files is Enabled as per the tutorial.

Please look in Add or Remove Programs for the following and Uninstall them if found:

WildTangent

Now scan with HijackThis and Check the Boxes for the following:

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://db105.com:81/cgi-bin/index.cgi?c=0
O15 - Trusted Zone: *.db105.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O16 - DPF: {94837F90-A2CA-4A8A-9DA0-B5438EC563EA} - http://install.wildtangent.com/cda/islandrally/ActiveLauncher/ActiveLauncherSetup.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/partners/ea/freekstyle/install.cab

Again, make sure All Browser Windows are Closed when you Click FIX.

Now we need to Reset Web Settings:
1) If you have an Internet Explorer icon on your Desktop, goto step 2. If not, skip to step 3.
2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to what you want or something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to what you want or something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

Scan with HijackThis and attach that log.
Let me know how your computer is running now and if you had trouble with the above instructions.

Good luck

 

Thanks OldThug. Followed your instructions and attached new log.

 

How is it running. Are you still having same problem? Is this supposed to be your home page http://www.cox.net.

 

It's still the same. After using IE I have to end the program using control alt delete, however, the past two times I had to rebott my computer. I also wrote down the other programs running when I hit control-alt-delete, which are:

Explorer
Hidserv
Systray
Lxdboxcp
Ashmaisv
Ashwebsv

I have no ide what they are or if they are suppose to be running.

 

Also, I don't have this problem with netscape nad my homepage should be msn.com (cox.net is my internet provider).

 

Those are all OK. Have you tried updating Win ME at microsoft website?

 

Thats another problem I am having. I can't get any updates from Microsoft. Everytime I download something its no valid or corrupt. That is when it downloads. Usually, I search for critical updates and nothing happens. It stays at 0% the entire time.

 

Please print out these instructions so that you can operate with ALL Browser Windows CLOSED.
Please make sure System Restore is OFF and the Viewing of Hidden Files is Enabled as per the tutorial.

Now scan with HijackThis and Check the Boxes for the following:

Do you recognize either of these. If not fix them
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone
O16 - DPF: {0334C9D4-543B-3B44-CA01-613727C82DDC} - http://67.18.129.75/1/rdgUS1351.exe

Again, make sure All Browser Windows are Closed when you Click FIX.

Scan with HijackThis and attach that log.
Let me know how your computer is running now and if you had trouble with the above instructions.

Good luck

 

OldThug,

The instructions were great. I did that and posted the log. I will see how it is running now.

 

Its still the same. I just had to reboot again after my comp froze.

 

Defense

I have exhausted what I can do. I will see if Chaslang can help you. Be pattient - he is very busy.

 

Thank you very much for all your help!

 

Your Welcome
Wish I could have got it fixed.

Have you tried to undo the registry changes the above made.

You could try undoing some of the other programs changes also, one at a time. You might be able to see where the problem is.

 

Now when using internet explorer and word I get little dimmed pictures. I don't know how to accurately describe them but they look like faded desk top icons that contain ~ before the name. The ones from IE begin ~WRL followed by 4 numbers and ...

 

What have you done since your last post? Anything?

 

Nothing at all.

 

Hopefully Chas will get a chance to help you tonight. Good luck.

 

I only have this problem with IE. Once its closed or never opened I do not have any problems at all. I am not quite sure what you mean by hang. In safe mode I can run everything. After running the registry cleaner I did not delete anything because I had not idea what to delete so I just left it alone.

 

When I close down IE the whole computer freezes. I have to keep hitting control-alt-delete to get explorer to close and then my screen will turn white and I will have to click reactive my desktop. Usually though I have to reboot when I shut IE down.

I entered sfc /scannow in "run" but it did not work. I guess that is not what you meant by command prompt.

 

I just tried IEFix. I did not work but I was able to download updates from microsoft.

 

No I have not rebooted yet. I will do that now.

 

That did not work. WHen my comp rebooted and I open IE my comp froze. Then I got a bluse screen stating an era has occured press any key to continue. The error was

File name: AFVXD(01) + 0000291F Error OE: 0028 : C165716F

 

Thanks C!

I am going to give this a shot this weekend. THe end of the week is hectic for me so if I mess something and need to reformat my hard drive (like I usually have to do every 6 months) then I will have the time to do it. I will post with an update this weekend.

Thanks Again.

 

Whats up C?

I followed the mircrosoft instructions you posted on Thursday. Unfortunately that did not work. I don't know what else to do. I am thinking about deleting my entire hard drive and installing everything again. I do however have viruses saved in system restore that I can not delete. Is there anyway I ccan get rid of these?

 

Even with system restore disabled I am unable to remove the spyware, virus', and adware on my system. I keep receiving messages that they are unable to be removed.