I am unable to access event viewer. everytime the "windows explorer has stopped working" and "restarting" sequence cycles, my desktop icons, taskbar and any open windows-operating folders or apps disappear. I am able to keep firefox open so I DLed whocrashed and it said no crash dumps. also did system restore a few days ago to the day before the problem started and SFC seems to check out normal (it just runs itself and takes about a 1/2 second.) I'm beginning to think it's a memory problem as I am getting a memory error on shutdown. The only reason I suspected a virus is because I have been DLing a lot and accessing media online. Thanks for any additional help. Is this a known problem?
Hey Monk, Thanks for the follow up and support. I'm trying to do all this whist doing a million and 1 other things, so the trial and error to indentify may have to wait until the weekend. I will try all of these things to see if i can route out the problem, but I smell a reinstall on the horizon.. Thanks again, Marc
After running Malwarebytes for the second time, it came up with 2 registry entries that were no good. Here's the log: Malwarebytes' Anti-Malware 1.36 Database version: 2062 Windows 6.0.6000 5/1/2009 12:20:14 AM mbam-log-2009-05-01 (00-20-14).txt Scan type: Quick Scan Objects scanned: 72641 Time elapsed: 13 minute(s), 27 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343ce214-9998-4b21-a151-ffe970167297} (Rogue.Installer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Upon shutdown, Windows installed some updates....to no avail. I am still having the Explorer problem. I am getting a memory error when I restart that says: "The instruction at 0x05981b3e was referenced at 0x05cad390. The memory could not be stored" Johnny 5 NEED INPUT!
"SFC should run (from cmd line) for several minutes - not 1/2 second - as it checks all of the OS protected files." When I run SFC from the command prompt, it flashes a black command screen for a second, but does not seem to scan for several minutes... Is this indicative of the problem I am having?
I apologize. I was running the SFC incorrectly. I was able to run it completely and it said that Windows Resource Protection found corrupt files but was unable to fix some of them
My laptop was out of commission all last week due to a Windows Explorer (Vista 32) Error Loop which occurred every 10 seconds after startup. I had another laptop at my disposal to do research and found many threads on many websites that attributed this problem to many different causes. I did a lot of things to try to route out the problem and in the end I used the Malwarebytes anti-malware program which removed 2 "Rouge Installer" registry entries. After I removed these, the problem still persisted. In preparation to reinstall, I moved my personal files to one folder on the desktop, scanned the folder many times with various programs and transferred them to my external (all in safe mode). After moving 70GB I restarted and the error loop did not occur. Could it have been a file on my desktop causing the problem? If so, how can I check? And should I now be worried about my external HD? Since my computer is working properly now I am happy to leave it as is, but there is something fishy about the whole sequence of events especially since I spent a week trying to figure it out and was sure I needed to reinstall Windows. I just want to make sure that my system is ok (it appears to be) and that my external is ok. Marc
Backup First off, I've never had an occasion where SFC was unable to repair/replace damaged/corrupt files. I suppose one could consider the issue to be malware or a corrupt OS that was beyond repair. Secondly, one could assume that the "infected keys" was the source of the issue and, although initially quarantined/deleted, damage to protected files was already accomplished - corrected by the reinstall. (Did you, in fact, do a reinstall or a clean install?) Regardless, the OS seems to be OK now. I think it unlikely that there would be any infection/corruption of personal files because, in my experience, malware - USUALLY - is installed in the OS root, Docs and Settings, or the OS directory (while being contained in DLed archives/files). I employ a rigid backup protocol which, in your case would work like this - IF - you are concerned that your personal files might be infected: 1. Create an image backup of your now stable OS partition (which you should routinely accomplish, regardless); store that backup on a different partition or, better yet, a second HDD; 2. Secondly, I - NEVER - placer personal docs/files on my OS partition. Why? If the partition becomes corrupted, your docs/files may become corrupted or inaccessible as well; 3. Create a second PRIMARY partition on your OS drive and store docs/file there. On my computers I have, at least, two internal HDDs. Each HDD has two primary partitions. The primary drive contains an OS partition on which I ONLY place the OS and applications; the second primary partition contains image files and backups of the secondary HDD and other "stuff." The secondary HDD also contains two primary partitions, one of which contains docs, MP3s, JPEGs, etc; the other contains backups and image files of the primary HDD and other "stuff." By so doing, if I run into a problem such as you experienced, I simply and quickly restore my OS image backup and am good to go. If you choose to move your personal files back to the OS HDD, I would do so in blocks and see if the OS is affected. If so, you can narrow down the source by identifying which block of files caused the issue and narrow it down further. Moral of the story: ALWAYS EMPLOY AN IMAGE/BACKUP PROTOCOL THAT WILL ALLOW IMMEDIATE, COMPLETE, AND EASY RESTORATION OF YOUR OS. Monk