Erm, I have a problem...

For the last couple of days, I've been unable to use IE, My Computer, My Documents, Control Panel, etc.
Third-party programs like Winamp and Netscape work fine.

What happens is that I'll open IE, the window will open, then close instantly. I can see the process running in the Task Manager, but I can't use it.
When I try to open My Computer or My Documents, it "re-loads" the desktop & taskbar.

I really have no clue what's causing this. The only thing I can think of is that it's somehow connected to Service Pack 2, which I downloaded last week or so. All the added security and whatnot.

I did a Spyware search & destroy, but it didn't fix the problem... I do have a couple of extra toolbars installed, but they haven't given me any problems so far.

Thanks!

Reinstall Windows. That would be the best start and would give the best chance at fixing everything. You don't need to format or anything, just a reinstall would suffice. If that doesn't work, post your computer specs along with programs that you've installed recently. One or two weeks should be good. That includes drivers and updates. After that I'll see what I can do.

Probably a virus. And is this XP we're talking about? If so, maybe you should try using your last Restore Point just before the Service Pack 2 Download. I have SP2 with no problems, so it's probably something your computer caught that it didn't like.

Before I reinstalled everything, I'd run a good, up to date virus program. As a matter of fact, that's the first thing I would do.

Just some suggestions.

Erm, I have a problem...

For the last couple of days, I've been unable to use IE, My Computer, My Documents, Control Panel, etc.
Third-party programs like Winamp and Netscape work fine.

What happens is that I'll open IE, the window will open, then close instantly. I can see the process running in the Task Manager, but I can't use it.
When I try to open My Computer or My Documents, it "re-loads" the desktop & taskbar.

I really have no clue what's causing this. The only thing I can think of is that it's somehow connected to Service Pack 2, which I downloaded last week or so. All the added security and whatnot.

I did a Spyware search & destroy, but it didn't fix the problem... I do have a couple of extra toolbars installed, but they haven't given me any problems so far.

Thanks!


Steps (don't worry, I tried the following myself and it is safe!).
-Download Hijack This from Cnet. (http://www.download.com/HijackThis/3000-8022-10307556.html?tag=lst-0-5)
-Extract/unzip to your desktop, and you will see an icon like this. (http://home.hawaii.rr.com/wizardgrey/images/Temp/step1.jpg) Yup that is a bad choice for an icon (not very friendly looking)
-Double click on it to start it up.
-You will see another screen like this. (http://home.hawaii.rr.com/wizardgrey/images/Temp/step2.jpg) Only click the "scan" button for now.
-Program will run and will look slightly different. (http://home.hawaii.rr.com/wizardgrey/images/Temp/step3.jpg) Now the "scan" button turns into "save log" click that button. Do not click anything else for now!
-Close that program by hitting the red x box and check your "My Documents" folder. There will be a text file named "hijackthis".
-Copy and Paste the info into this post or PM me. But before doing so, Please glance through the info. I highlighted somethings in red. They might contain personal information that you might/do NOT want to share with me, like your user name, computer name, or websites that for some reason are logged into the report:

Example:

Logfile of HijackThis v1.98.1
Scan saved at 10:39:07 PM, on 8/2/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\tbctray.exe
C:\Program Files\ATI Multimedia\main\ATISched.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Program Files\WallpaperToy\Wallpapertoy.Exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Documents and Settings\Wizard Grey\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.avault.com/
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://tv.yahoo.com/"); (C:\Documents and Settings\Wizard Grey\Application Data\Mozilla\Profiles\default\8tx27qqu.slt\prefs.j s)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_02.src"); (C:\Documents and Settings\Wizard Grey\Application Data\Mozilla\Profiles\default\8tx27qqu.slt\prefs.j s)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G 1.EXE /P19 "EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\System32\tbctray.exe
O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\main\ATISched.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - Startup: Wallpaper Changer.lnk = C:\Program Files\WallpaperToy\Wallpapertoy.Exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/c...DC_1_0_0_44.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/081b612816e174...ip/RdxIE601.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - gamespyid.com/alaunch.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - ccon.futuremark.com/global/msc34.cab

I will post a reply with suggestions to tackle your problem when you make a follow up post.

Later.

Info sent!

I've gotta hit the sack now, though, but I'll check up on this in the morning.

Thanks!

I really doubt it's a virus/trojan or anything,. I really think when he installed SP2 it corrupted a few files that windows needed to run. The reason I think this is because he said only windows programs weren't working, while 3rd party programs run fine.

Anyway, Sampo should be able to help if it is a virus/trojan. If it's not I would still go with the reinstall of Windows and redownload SP2.

I really doubt it's a virus/trojan or anything,. I really think when he installed SP2 it corrupted a few files that windows needed to run. The reason I think this is because he said only windows programs weren't working, while 3rd party programs run fine.

Anyway, Sampo should be able to help if it is a virus/trojan. If it's not I would still go with the reinstall of Windows and redownload SP2.Good point. So the Restore Point thing wouldn't work in this instance?

Good point. So the Restore Point thing wouldn't work in this instance?
I would think not, but who knows. I don't see any harm in trying it, so why not.

YYAAAAAAAYY whoot, Hatter got his WinXp repaired!

Mog thanks for making that post, so I asked Hatter if he could access "My Computer" and "Internet Explorer" (just to see if it loads) via "Safe Mode". They worked thus it must have been caused by a strange Trojan/spyware/whatever that infested his system.

Here is a snip of the stuff I found in his log (gah, I hope Hatter doesn't mind me posting the below).



O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll

O4 - HKLM\..\Run: [sfvwdkorh] C:\WINDOWS\System32\eifptti.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load


Also...



F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windo ws\System32\wsaupdater.exe,


The above appeared to have cause some problems with "My Documents" appearing at startup (he had this problem before experiencing the WinXP problems he described in this thread).

Anyhoot after running Hijack This and clearing up some of the above, Hatter says his computer is alright. :)

Later.