Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

explorer.exe is 16 bit


  • Please log in to reply
2 replies to this topic

#1 jbhelfrich

jbhelfrich

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 11 November 2015 - 09:15 PM

Running Windows 7, 64 bit.

 

So last night I bluescreened with a memory access error, and then couldn't boot--the mbr was corrupted, as far as I can tell.  Found a windows repair disk, and jumped through its hoops.  Initially it was saying that it couldn't even find a windows install, but eventually I got it to acknowledge that there was a windows system.  It alternated between saying it couldn't fix my problem and saying that it couldn't find anything to fix.  Finally found a message at the bottom of one of the reports saying that one of the AVG files was corrupted--the anti-rootkit service driver.  

 

Followed instructions found on the AVG forums to rename their drivers to .old, and I could boot.  But then I'm told that the copy of explorer.exe on the system is 16 bit, and it can't run on a 64 bit system.

 

I'm assuming I got a virus/rootkit in my system, (maybe an old one, since it's apparently using 16 bit programs) but is there a way to recover my existing install and run All The Checkers, (say, by copying explorer.exe from a known-good source) or am I at a nuke it from orbit/reinstall point?



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:42 AM

Posted 12 November 2015 - 04:41 PM

Hi... The first thing to try is complete removal of AVG.

The correct way to remove AVG is through its program folder via Start > All Programs or by using Add/Remove Programs or Programs and Features in Vista/Windows 7.

An alternative way is to download and run the latest AVG installation file. When the AVG Installer windows appears choose the option to Remove and click Continue to allow the AVG 2011 uninstaller to run. Restart the computer when done.

Anti-virus software components insert themselves into the operating systems core and create files/folders/registry entries in various locations. It is not uncommon for some anti-virus programs to not completely uninstall itself using the usual method of Add/Remove Programs or Programs and Features. In many cases anti-virus vendors provide clean-up utilities on their web sites to remove remnants left behind after unintalling or for a failed uninstall.

If normal removal methods do not work, download and use AVG's uninstall/cleanup utility.

AVG Remover eliminates all the parts of your AVG installation from your computer, including registry items, installation files, user files, etc. AVG Remover is the last option to be used in case the AVG uninstall / repair installation process has failed repeatedly.

AVG Remover
AVG Remover downloads for 32-bit, 64-bit systems~~THX quitman7 for write up.

Next check system files.

Tweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here.

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here.
- Right click on QfBzvq1.png and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.
2f8o60N.png

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.
Ymy7crZ.png

- Go to Step 4, then click Do It.
zDtdN75.png

- Go to Step 5. Under System Restore click Create.
f7lEe1N.png

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
PGv2vtD.png

- By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.

Restart machine.. Re install AVG

Edited by boopme, 12 November 2015 - 04:42 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jbhelfrich

jbhelfrich
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  

Posted 12 November 2015 - 10:12 PM

Fair warning: snark ahead.  Part of this snark is because of my stress in fighting with computers for one issue or another for the past month.  Part.

 

So I guess you missed the part in the subject line where explorer.exe is not working.  I have no desktop, no control panels, no task bar.  My ability to run anything is restricted to launching the task manager and clicking on New Task in the applications window.  This was enough to get me a command prompt to copy files off the C drive and launch browsers to bookmark sites from my open sessions.  But a lot of your other instructions weren't doable.  (A windows box without explorer running is still surprisingly functional, though.  Not pretty, but functional.)

 

I downloaded the AVG installer and ran it, and it said it couldn't do anything because I have a newer version of the product than what I downloaded.  Now if I'd downloaded the 2011 version of the installer like your post says that would make a lot of sense.  (You might want to update the file you're cut and pasting from.)  AVG did update a couple days before all of this started, so I suppose that it is just barely possible that I have newer files than are being distributed through their website.  I got the AVG remover file, ran it, and it rebooted the first of what it said could be several times....and it did nothing else, presumably because whatever triggers the next step after reboot assumes explorer.exe is running.  I looked in the running processes and AVG was still there, so I killed it manually, for whatever that was worth.

 

Downloaded Tweaking, and the prescan said there were some problems with some Windows update files, but nothing critical.  Ran malwarebytes, and it found two installers with adware in them, but no viruses.  Had run sfc before and it said (in brief) that a lot of non-critical files were screwed up.  Help files and the like.  I started the repairs, and it's still running, but it hit step 4 or so and I started getting a dialogue that regedit.exe is also a 16 bit program.

 

From other reading I've done and other symptoms, my operating theory at this point is that since the bluescreen dump got confused about where it was supposed to be writing and overwrote drive sectors, apparently without updating the file table.  It's a miracle I'm able to boot at all, really.  Since I was able to recover my files from the drive (assuming that they're still actually my files inside and not a memory dump) I'm probably just going to go to a fresh install unless someone has a helpful idea.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users