Windows Explorer has stopped working, Windows

May 26, 2011 at 16:23:29
Specs: Windows Vista
Windows Explorer has stopped working, Windows Explorer is restarting


System related errors

Application path : 0
System softwere setings : 138
ActiveX, OLE, COM, section: 456
Invalid file associations : 81
System drivers : 2
Startup section : 0
Shared DLLs : 156
Fonts Section : 0
Help Section : 0
Shared folder : 0
User Related errors

Invalid shortcuts : 71
User software setings : 261
File extensions : 86
Sound app events : 0
THird party related errors
Uninstall section : 3

Scan Results
Scan date: 2011-05-26 17:25:15.041000
Total problems found: 1263
System related errors
Errors affecting all users on this computer.
Scan subsection: Application paths
Entries found: 0
Entries:
Scan subsection: System software settings
Entries found: 138


TrojanDropper:Win32/Dunik!rts
Encyclopedia entry
Updated: Apr 17, 2011 | Published: Oct 27, 2009

Aliases
Not available
Alert Level High
Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.95.4260.0
Released: Jan 19, 2011 Detection initially created:
Definition: 1.59.358.0
Released: May 27, 2009
Summary
TrojanDropper:Win32/Dunik!rts is a name used for trojan detections that have been added to our signatures after advanced automated analysis.
Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).
Technical Information (Analysis)
TrojanDropper:Win32/Dunik!rts is a name used for trojan detections that have been added to our signatures after advanced automated analysis.
The generic nature of this detection means that the malicious behaviors exhibited by files detected as TrojanDropper:Win32/Dunik!rts are highly variable and may vary from once instance of this detection to the next.
No further information is currently available on this threat. However, should we receive a significant number of reports, then a specific detection will be added to our signatures and a detailed analysis will be added to the encyclopedia.
Prevention
Take the following steps to help prevent infection on your computer:
• Enable a firewall on your computer.
• Get the latest computer updates for all your installed software.
• Use up-to-date antivirus software.
• Limit user privileges on the computer.
• Use caution when opening attachments and accepting file transfers.
• Use caution when clicking on links to web pages.
• Avoid downloading pirated software.
• Protect yourself against social engineering attacks.
• Use strong passwords.

HackTool:Win32/Keygen
Encyclopedia entry
Updated: Apr 17, 2011 | Published: Jul 16, 2009
Aliases
Troj/Keygen (Sophos)
• Crack (VirusBuster)
• not-a-virus:Keygen (Kaspersky)
• CRCK_KEYGEN (Trend Micro
Alert Level
Moderate
Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.105.498.0
Released: May 25, 2011 Detection initially created:
Definition: 1.45.287.0
Released: Oct 07, 2008
Summary
HackTool:Win32/Keygen is the detection for a tool that generates keys for illegally-obtained versions of various software products.
Symptoms
There are no obvious symptoms that indicate the presence of HackTool:Win32/Keygen on an affected machine.
Alert notifications or detections of this malware from installed antivirus or security software may be the only other symptom(s).
Technical Information (Analysis)
HackTool:Win32/Keygen is the detection for a tool that generates keys for illegally-obtained versions of various software products.
Prevention
Take the following steps to help prevent infection on your computer:
• Enable a firewall on your computer.
• Get the latest computer updates for all your installed software.
• Use up-to-date antivirus software.
• Limit user privileges on the computer.
• Use caution when opening attachments and accepting file transfers.
• Use caution when clicking on links to web pages.
• Avoid downloading pirated software.
• Protect yourself against social engineering attacks.
• Use strong passwords.

Adware:Win32/Hotbar
Encyclopedia entry
Updated: May 06, 2011 | Published: Jun 21, 2006
Aliases
Not available
Alert Level
Moderate
Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.105.278.0
Released: May 23, 2011 Detection initially created:
Definition: 1.45.287.0
Released: Oct 07, 2008
Summary
Adware:Win32/Hotbar displays a dynamic toolbar and targeted pop-up ads based on its monitoring of web-browsing activity. Adware:Win32/Hotbar installs a browser toolbar that works in Internet Explorer 6, 7, 8 and Firefox 3.6 and 4.0. The tool is a multi-component adware program designed to monitor user’s online browsing behavior to deliver targeted advertising. It also installs other adware components related to Win32/ClickPotato and Win32/ShopperReports. Hotbar also installs graphical skins for Internet Explorer, Outlook, and Outlook Express. It may collect user-related information and may silently download and run updates or other code from its servers.
Symptoms
System Changes
The following system changes may indicate the presence of Adware:Win32/Hotbar:
• The presence of the following files:

HBLiteSA.exe
HBLiteSAAX.dll
HBLiteSAHook.dll
HBLiteUninstaller.exe
npclntax_HBLiteSA.dll
• The presence of the following registry subkeys:

HKCU\Software\HbTools
HKLM\SOFTWARE\HbTools
HKCR\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B}
HKCR\CLSID\{0AB71193-EC19-4D70-85C2-E46E2FF02755}
HKCR\CLSID\{1E0004EC-5DF0-48C7-A8F0-FBB0488A3D94}
HKCR\CLSID\{31A59636-0FA3-4A56-954D-DB7AD02840D8}
HKCR\CLSID\{3FA917B9-DF69-477F-9E4F-B60D929DE79F}
HKCR\CLSID\{40D8240A-E3A0-4D59-AC55-0443120188D1}
HKCR\CLSID\{420C35C9-E4F2-49F9-BF67-2BE1ECF86989}
HKCR\CLSID\{66B90ADB-0BE3-40AE-8680-84A6F0577CA0}
HKCR\CLSID\{74CC49F7-EB32-4A08-B204-948962A6E3DB}
HKCR\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E}
HKCR\CLSID\{8C875948-9C60-4381-9248-0DF180542D53}
HKCR\CLSID\{A14C0D8D-E753-4E73-9E2B-4070791D8940}
HKCR\CLSID\{C2BAA4C9-AE1E-4605-AE2F-A1C49A30D881}
HKCR\CLSID\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}
HKCR\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6}
Technical Information (Analysis)
Adware:Win32/Hotbar displays a dynamic toolbar and targeted pop-up ads based on its monitoring of web-browsing activity. Adware:Win32/Hotbar installs a browser toolbar that works in Internet Explorer 6, 7, 8 and Firefox 3.6 and 4.0. The tool is a multi-component adware program designed to monitor user’s online browsing behavior to deliver targeted advertising. It also installs other adware components related to Win32/ClickPotato and Win32/ShopperReports.
Hotbar also installs graphical skins for Internet Explorer, Outlook, and Outlook Express. It may collect user-related information and may silently download and run updates or other code from its servers.
Adware:Win32/Hotbar drops numerous files during an installation, and may install itself to paths that include the following:
• C:\Documents and Settings\<user name>\Application Data\hbtools
• C:\Documents and Settings\<user name>\Application Data\hotbar
• C:\Program Files\hbtools
• C:\Program Files\hotbar
Adware:Win32/Hotbar may be present as the following:
• HBLiteSA.exe
• HBLiteSAAX.dll
• HBLiteSAHook.dll
• HBLiteUninstaller.exe
• npclntax_HBLiteSA.dll
Adware:Win32/Hotbar installation adds numerous keys to the registry, including the following:
• HKCU\Software\HbTools
• HKLM\SOFTWARE\HbTools
• HKCR\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B}
• HKCR\CLSID\{0AB71193-EC19-4D70-85C2-E46E2FF02755}
• HKCR\CLSID\{1E0004EC-5DF0-48C7-A8F0-FBB0488A3D94}
• HKCR\CLSID\{31A59636-0FA3-4A56-954D-DB7AD02840D8}
• HKCR\CLSID\{3FA917B9-DF69-477F-9E4F-B60D929DE79F}
• HKCR\CLSID\{40D8240A-E3A0-4D59-AC55-0443120188D1}
• HKCR\CLSID\{420C35C9-E4F2-49F9-BF67-2BE1ECF86989}
• HKCR\CLSID\{66B90ADB-0BE3-40AE-8680-84A6F0577CA0}
• HKCR\CLSID\{74CC49F7-EB32-4A08-B204-948962A6E3DB}
• HKCR\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E}
• HKCR\CLSID\{8C875948-9C60-4381-9248-0DF180542D53}
• HKCR\CLSID\{A14C0D8D-E753-4E73-9E2B-4070791D8940}
• HKCR\CLSID\{C2BAA4C9-AE1E-4605-AE2F-A1C49A30D881}
• HKCR\CLSID\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}
• HKCR\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6}

Adware:Win32/Hotbar may attempt to connect to any of the following affiliate websites:
• clickpotato.com
• clickpotato.tv
• appbundler.net
• hotbar.com
• freelandmedia.com
• seekmo.com
• secure-softwaremanager.com
• freefilesoft.net
• pinballpublishernetwork.com
• shopperreports.com
• pinballcorp.com
• licenseacquisition.org
• zangocash.com
• zango.com
• partner.zangocash.com
• zangocash.com
• zroitracker.com
• smartshopper.com
• resultsmaster.com
• fastutilities.com
• zangogames.com
• 180solutions.com
• securewebsiteaccess.com
• metricsdirect.com
• 180searchassistant.com
• sharefreeware.net
• zangocash.biz
• platrium.biz
• platrium.com
We have observed Adware:Win32/Hotbar being bundled with the following software:
• Audacity
• 7zip
• Frets on Fire
• ARES 2010 Version
• OpenOffice
• eMule
• Easy Video
• Lime Wire
For each website that a user visits, Hotbar may collect information such as originating and current URLs (web-usage paths), user-entered search terms and demographic data, Hotbar button clicks, link clicks, and client-computer IP address, and Hotbar cookie ID. Hotbar may also collect personally identifiable information, such as data obtained during user registration processes at third-party websites.
Analysis by Methusela Cebrian Ferrer & Durga Kumar
Prevention
Follow these general security tips to better protect your system:
• Enable a firewall on your computer.
• Get the latest computer updates.
• Limit user privileges on the computer.
• Run an up-to-date scanning and removal tool.
• Use caution with attachments and file transfers.
• Use caution when clicking on links to webpages.
• Avoid downloading pirated software.
• Protect yourself against social engineering attacks.
• Use strong passwords.



See More: Windows Explorer has stopped working, Windows

Report •


#1
May 27, 2011 at 21:27:35

Report •

#2
May 28, 2011 at 10:10:00
Presumably "Windows Explorer has stopped working, Windows Explorer is restarting" is the error message you are getting.

Tap F8 while booting, select Safe Mode and let us know whether the same thing happens. Don't worry about the look of things in Safe Mode - that's normal.

Please do not post then vanish - let us know the outcome


Report •

Related Solutions


Ask Question