[HiRO]

hey guys im new here...hopefully i can get some answers here.....you see i got hit by a virus so i decided to reformat my PC......now after ive used the comp for over a day or so when i reboot my comp an error that says explorer.dll not found......i end up reformating my comp almost once every 2 days.... i want to know the cause of the problem???? is it a hardware problem or is my copy of OS malfunctioning.......reply asap thank u.....

[evilfantasy]

Actually it sound like it is still malware related.

explorer.dll is not a valid file.

I am going to move this to the Virus, spyware & security forum so you can run this scan and post the results in this thread. There are a lot of instructions but it only takes a minute to do.

Please read carefully.
Download HijackThis to your desktop.
Double-click on the file you just downloaded.
Click on the "Install" button to install.
It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis
Please do not change the default install location.
Upon install, HijackThis should open for you.
Now close HijackThis to rename it to analyze.

Important
Rename the Hijackthis.exe file to analyze.exe
This is important because some forms of malware can hide from HijackThis.
Right click the HijackThis.exe file in C:\Program Files\Trend Micro\HijackThis
Choose Rename.
Type in analyze and press the enter key.
Right click the analyze.exe file and send to desktop to create a shortcut.

Next click on the "Do a system scan and save a log file" button.
HijackThis will scan and then a log will open in notepad.
In the top left of the notepad window click "File" > "Save As" name it hijackthis and then save it to the Desktop.
Please save the log as a text (.txt) file.
In your post, add the log as an Attachment.

* Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
** Don't use the Analyse This button. It's findings are dangerous if misinterpreted.

Guide For Attaching Logs To A Post

[HiRO]

here's the log file......

[evilfantasy]

Open HijackThis and select "Do a system scan only"
Place a check mark next to this entry
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
Close all windows except for HijackThis and click "Fix checked"

Please run Combofix
1. Download Combofix by sUBs. Place it on your Desktop. combofix.exe
2. Double click combofix.exe & follow the prompts. Enter 1 and press enter at the prompt.
3. When finished, it shall produce a log for you. Attach that log in your next reply.
Combofix will create a backup to anything removed in C:\qoovox

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

[HiRO]

heres the combofix log file

[evilfantasy]

I am not seeing any malware in the scans.

Lets do this.

Enable Viewing Of Hidden System Files & Folders

Windows XP
1. Right Click Start.
2. Select Explore.
3. Select the Tools menu and click Folder Options.
4. Select the View Tab.
5. Under the Hidden files and folders heading select Show hidden files and folders.
6. Uncheck the Hide extensions for known file types option.
7. Uncheck the Hide protected operating system files (recommended) option.
8. Click Apply.
9. Click OK.

Then go to http://www.virustotal.com/ and click "Browse"

Locate the following:

c:\windows\system32\explorer.dll

Double click it to enter it in the Upload A File window and then click "Send File"

This will run the file through 32 different antivirus scanners and tell the results.

I am very confident we will simply delete the file and be done with it but would like to see if any malware is attached to the explorer.dll so we will know if more thorough scans will be needed.

Simply tell me results of the virus total scan.

[HiRO]

i cant find the file....it isnt there......1 question......how come the same file keeps getting lost even when i reformat??? i thought when we reformat....its suppose to renew everything??? dun old viruses get deleted or sumthing??

[evilfantasy]

A format "should" get rid of everything. But sometimes it takes wiping the disk more thoroughly.

The explorer.dll did not show up in the HijackThis scan either which makes it more puzzling.

The next step would be to run a more thorough scan.

Download and Install and run CCleaner. (Crap Cleaner)
Be sure to un-check the Install Yahoo! Toolbar button during installation to avoid the unnecessary installation of the Yahoo! Toolbar.

CCleaner will help reduce the time of the next online scan. Which, if there is any malware, this will find and remove it.

Please read carefully
Run the BitDefender Online Scanner.

[FONT=Arial][SIZE=2]Agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files.
[/SIZE][/FONT]
Once Bitdefender completes the scan:
Click-on the Detected Problems tab.
Then select Click here to export the scan report.

When the window comes up to save the report, change the Save as type: box to:
Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click Save.

This will save a file named bdscan.txt. I would suggest saving it to the Desktop so you can easily find it. (take notice of where you save it so you can find it later).
This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

If you do not follow these step, you will have an incorrect log or worse a log summary which is useless to us.

Post the bdscan.txt file as an Attachment.
[SIZE=1]Thanks To Chaslang For The Bitdefender Guide!
[/SIZE]

[HiRO]

heres the bdscan

[ashubetta]

HiRO : Are you sure you are formatting and reinstalling Windows properly? A proper format should wipe out EVERYTHING from your hard disk including any type of virus. Moreover you have got Avast!, which is an excellent anti-virus and should rid out any virus that is present on your computer. If you are doing your job perfectly, I would say it's something to do with your hardware.

[HiRO]

could it be my hard disk???

[ashubetta]

I certainly think so. If your hard disk is still under guarantee period, get it checked from your dealer.

[HiRO]

aite i will check that up to then...

[evilfantasy]

Do you use keygens?

Is your copy of windows paid for?

[HiRO]

nop its not paid for...yes i use keygens for other programs like power dvd ultre and winamp...but never for my OS.........