Saved Bookmarks
| 1. |
Solve : Explorer.exe corrupted. Need Serious Help!? |
|
Answer» I am about ready to go hang myself. I've had this PC for 4 years now and I'm not going to let it screw up worse than its condition is now. Other than a Repair install and or re-installing i think you are blaming Windows incorrectly... Thanks. EDIT: BTW; Everytime I try to go to My computer of Any drives it says they are like, IDK not there. I think something about it can't find local disk C. or any other drives. I got some super trojan or something here. DxDon't mean to bump, but I still need help here... My Explorer.exe is still corrupted, what should I do? Reinstall Windows Xp? Should I copy all my files to drive G:\ or when I reinstall the OS everything is still gonna be there? I really need some info/help here... What happened when you followed patio's advice and posted your logs in the malware forum?Quote from: Allan on February 25, 2010, 10:39:26 AM What happened when you followed patio's advice and posted your logs in the malware forum? I didn't post any logs yet... It's my Explorer.exe that's corrupted it seems, because when I try to open a folder or anything, it says its invalid. and my Quicklaunch bar is broke and so is the space for Windows Media Player bar. P.S: I'm not on my home computer right now, so I can't do the malware scanner thing. :/Quote from: patio on February 24, 2010, 07:51:25 PM Other than a Repair install and or re-installing i think you are blaming Windows incorrectly...I told you already that I'm not on my home computer at the moment. And i know of that post already. EDIT: Is there any advice you guys can give me while I'm on another computer so when I go back home I can try this on my home computer? Advice? Help? Should I reinstall? And will reinstalling the operating system delete my files and registry keys?You need to follow patio's link and follow the instructions.A re-install will wipe all data and apps you have installed since Day one... If you need an alternative then clik the link provided above...Quote from: patio on February 25, 2010, 04:03:14 PM A re-install will wipe all data and apps you have installed since Day one... Thanks for the info. BTW Solved my problem. My STUPID COMODO Firewall was the cause. It seemed to be messing with the system and denying Physical memory acccess from the Explorer. I also had a portion/cut/remake of the "blaster" worm. *blast* named file found in my system32 directory. I had to delete it via the other Hard Drive, Drive G:\. :/ No wonders here. Comodo is very strict of Behaviors done in the system. This makes no sense... Why would Comodo block Explorer ? ? Something's FISHY in Venice...I think he is still infected and in denial..... He will be back... Quote from: deargodpleasehelp on February 24, 2010, 07:40:06 PM
Why would anyone want to do that ? It seems to me to be deliberate sabotage, and could cause all sorts of problems. I have just Googled "terminate Explorer.exe" and the first result was http://forums.techarena.in/tips-tweaks/1074795.htm Second paragraph includes "Exiting the Explorer process cleanly allows user to shutdown Explorer without risking unpredictable erroneous consequences that normally may happen if user forcefully kill the Explorer.exe process using Task Manager or Process Explorer, or using taskkill command." Incidentally, re the request to post a temporary explorer.exe, WHY, I have 4 copies on my machine - 3 are current, plus an older one held in C:\WINDOWS\$hf_mig$\KB938828\SP2QFE I would expect the O/Ps 4 year old P.C. to have the same redundant duplication. Alan Quote from: ALAN_BR on February 28, 2010, 10:12:47 AM Why would anyone want to do that ?Sometimes one can restart explorer in this fashion rather then really reboot to cause options that would require a reboot otherwise to come into effect. Also, if somebody is trying to debug certain add-ons you would need to terminate explorer before compiling a new one, but I highly doubt this is the case here. Quote Incidentally, re the request to post a temporary explorer.exe This is actually a common request. when an error dialog of this nature appears many people assume the file itself is corrupted. However, in this case the cause of the issue was a trojan/virus, which probably did something such as insert appINIT_DLLs into the registry. Note that when a "executable" crashes, it merely indicates what process crashed, not in what file the crash occured. a badly programmed DLL- (and bad programming practice is common and even encouraged in the underground community) will crash the process within which it runs if anything goes wrong. Generally an appINIT_DLL needs to take into account any number of threading models that a COM Server application such as Explorer may use; in this case it appears that one of the assumptions the program makes (probably DUE to the OS being different) causes the DLL to crash, and since DLL files are loaded In process with the executable and run in the same address space, the entire Program crashes. In fact, one might also assume that the "details" described by the fault dialog would indicate the "real" culprit as the cause, but this is usually not the case. For example, if a DLL tries to use an invalid pointer, which usually takes the route of passing an invalid memory address to an Windows function, that DLL function will crash, because, being a low-level Function it requires the fastest speed and can't spare time to VALIDATE it's arguments. Most of these sorts of crashes are pinpointed to ntdll.dll, which contains the Windows Native API that higher-level functions such as those in the more famous kernel32.dll, gdi32.dll, user32.dll, advapi32.dll, etc call into to perform their jobs. (in fact, some functions in these "higher level" dlls are merely exported symbols that forward directly to a routine in ntdll, the reason being that the function was moved to ntdll for some reason, but they left the symbol in it's old location for compatibility purposes. Such Forwarding is done by LoadLibrary, and the jump address is relocated to the address of the new function. This way there is no performance impact of an extra function call, which would be the case if the "compatibility routine" instead called into the new routine in ntdll.dll. |
|