Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

explorer.exe does not load during startup


  • Please log in to reply
3 replies to this topic

#1 TM_Paul

TM_Paul

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NABU
  • Local time:04:16 PM

Posted 20 October 2011 - 11:52 PM

Newbie need help here....

My computer was just hit with malware identified by my Trend Micro as BKDR_CYCBOTSM3. It was successufully detected and quarantined. However, my computer was still acting funny so I decided to tinker around and see if there are some undetected strands of malware on my PC. I use autoruns to check and see if there were any unusual running proccesses. I was able to identify a few but one really stand out - lsdelete.exe; I compared it with my other Windows XP machines autorun procces and it was not there so I decided to delete it. After rebooting my computer, explorer.exe won't load at start-up anymore. I tried forcing it to load by using run. However all I'am getting is an error saying - "windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access this item".

I tried using a different account and got the same problem. I tried logging in safe mode w/ network and explorer.exe loaded just fine. So I decided to check the registry for ...HKLM/Software/Microsoft/WindowsNT/CurrentVerion/WinLogon and it shows the correct entries (I compared it with my working windows and they're identical). As another test, I rebooted the computer to normal mode and used procexp to see if there are any foreign process running that would stop explorer.exe from loading but found none. I even went far as to replacing the explorer.exe with a one that I knew was working but still the same problem.

I then decided to check the event logs and found a error during startup. It was saying that 4 drivers failed to initialize during startup - lbd,fip,tmtdi and intelppm. I googled them and found out that lbd is lavasoft ad-adware and tmtdi is my trend micro. what i found very intresting was the "fip". it tackles about crypto services which I dont understand at all. I running out of options and I don't have a running Windows CD right now (don't ask what happend) thats why I can't do recovery. If you guys has any other fix...please..please...help me.

Thanks in advance :lol:


"I'll be your silent gaurdian. A watchful protector. A dark knight..."


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:16 AM

Posted 21 October 2011 - 12:16 AM

Hi TM_Paul -
lsdelete.exe is a Lavasoft file. Lsdelete.exe is related to Lavasoft Boot Cleaner.

You must have had Lavasoft programs installed on that computer at some time, delete it if you want to -
Also if you are not sure, please do not play in the registry -

Regards -
EDIT - For the explorer.exe problem, try this -
Open My Computer.
Go to Tools>>Folder Options>>View.
Under "Hidden Files and Folders", uncheck "Launch folder windows in a seperate process".
Reboot and see if this takes care of your problem.

Edited by noknojon, 21 October 2011 - 12:24 AM.


#3 TM_Paul

TM_Paul
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NABU
  • Local time:04:16 PM

Posted 21 October 2011 - 10:58 AM

Thanks noknojon. I will keep that for future reference.

I was able to fix my problem by running registry mechanic.


"I'll be your silent gaurdian. A watchful protector. A dark knight..."


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,734 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:16 PM

Posted 21 October 2011 - 02:47 PM

An FYI item re registry cleaners...

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:
  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.
Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users