help me please URGENT!!! BIG PROBLEM NEED HELP A.S.A.P.

May 21st, 2008, 1:56 am

hi I really had a bad problem first of all when I turnned of my dad's laptop(windows vista) a folder appears (C:\Users\francis\Documents) then has a black background at the folder's back... the START MENU,taskbar and all the desktop icons did not appear,,in short its all black then I tried doing this ( ctrl + alt + delete ,so the task manager appears then I clicked NEW TASK and type explorer)after that the START MENU,taskbar and all the desktop icons appeared... so my question is WHY EVERYTIME I TURN MY DAD"S LAPTOP ON the documents folder automatically opens (C:\Users\francis\Documents)and has black backround and the START MENU,taskbar and all the desktop icons did not appear... DOES IT MEAN I HAVE TO OPEN THE TASK MANAGER AND RUN the "EXPLORER" SO THAT I CAN ACCESS THE LAPTOP PROPERLY??? please help me... please

[righteous_trespasser]

May 21st, 2008, 2:01 am

Well ken it seems like you have a little problem there ... have you checked for virusses/spyware etc yet? Do you have an anti virus. What I'd suggest is for you to follow the instructions posted here.

Also, firstly, check in "Start>All Programs>Startup" ... is there a shortcut to "My Documents" in there? that might be why it shows up ...

And one topic is enough bro, no need to post more than one topic ... everyone can see the one that is already here. And also no need to SHOUT THE WHOLE TIME.

May 21st, 2008, 2:06 am

First of all, when you have a problem, don't double post and DON'T USE ALL CAPS. People are here to help you, so it's enough you post once.

Regarding your problem, it may be a virus. I think the shell entry in your registry (which is usually explorer.exe) has been replaced with something else. Could you post a list of processes that are running on your computer?

May 21st, 2008, 2:10 am

there no "My Documents" in the startup and yes it has anti Virus (AVG)sorry for the shouting but how can I make this work properly (PROPERY= working fine all icons and startup programs work)anyways in SYSTEM CONFIGURATION which one should I use (NORMAL STARTUP,DIAGNOSTIC STARTUP,OR SELECTIVE STARTUP)

[righteous_trespasser]

May 21st, 2008, 2:13 am

LOUD NOISES!!!!

Okay, is AVG up to date with all its definitions? have you scanned the system yet?

And which "system configuration" are you talking about here?

May 21st, 2008, 2:15 am

sorry,,,now the pc is working fine only during the startup the folder appears and its all black i will try to scan if there is any virus and if there is it will be healed and it should work fine,am i right???

casablanca wrote:

First of all, when you have a problem, don't double post and DON'T USE ALL CAPS. People are here to help you, so it's enough you post once.

Regarding your problem, it may be a virus. I think the shell entry in your registry (which is usually explorer.exe) has been replaced with something else. Could you post a list of processes that are running on your computer?

May 21st, 2008, 2:17 am

Go to Task Manager and select New Task. Type "cmd" to open Command Prompt. Over there, type "tasklist" and post the output here. The list of processes might help in identifying if you have any viruses on your system.

May 21st, 2008, 2:18 am

the startup system configuration and I think the AVG is up to date

righteous_trespasser wrote:

LOUD NOISES!!!!

Okay, is AVG up to date with all its definitions? have you scanned the system yet?

And which "system configuration" are you talking about here?

[righteous_trespasser]

May 21st, 2008, 2:18 am

you won't know until you've scanned it ... so? ... what are you waiting for? press that "scan now" button ...

May 21st, 2008, 2:22 am

how can i post it here it cannot be copied

casablanca wrote:

Go to Task Manager and select New Task. Type "cmd" to open Command Prompt. Over there, type "tasklist" and post the output here. The list of processes might help in identifying if you have any viruses on your system.

[righteous_trespasser]

May 21st, 2008, 2:24 am

so use your imagination ... "ALT+PrtScr" ... upload that to imageshack and give us a link ...

May 21st, 2008, 2:27 am

Right-click the title bar of the window, select Edit > Mark, select the text and press Enter to copy it.

Once you do that, also type this command and paste the output:

Code: [ Download ] [ Select ]

reg query "hklm\software\microsoft\windows nt\currentversion\winlogon"

May 21st, 2008, 2:27 am

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Windows\system32>tasklist

Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System Idle Process 0 Services 0 28 K
System 4 Services 0 416 K
smss.exe 388 Services 0 536 K
csrss.exe 452 Services 0 4,300 K
wininit.exe 500 Services 0 2,860 K
csrss.exe 512 Console 1 7,648 K
services.exe 544 Services 0 4,192 K
lsass.exe 560 Services 0 6,376 K
lsm.exe 568 Services 0 2,948 K
winlogon.exe 720 Console 1 4,060 K
svchost.exe 740 Services 0 5,448 K
svchost.exe 800 Services 0 6,624 K
svchost.exe 844 Services 0 14,072 K
svchost.exe 896 Services 0 9,092 K
svchost.exe 924 Services 0 50,300 K
svchost.exe 964 Services 0 17,028 K
audiodg.exe 1028 Services 0 9,684 K
SLsvc.exe 1060 Services 0 3,460 K
svchost.exe 1104 Services 0 7,760 K
svchost.exe 1232 Services 0 9,564 K
spoolsv.exe 1404 Services 0 6,092 K
svchost.exe 1428 Services 0 7,612 K
taskeng.exe 1800 Console 1 8,876 K
dwm.exe 1832 Console 1 57,504 K
explorer.exe 1308 Console 1 47,116 K
AppleMobileDeviceService. 1852 Services 0 2,536 K
avgamsvr.exe 1984 Services 0 548 K
avgupsvc.exe 1712 Services 0 884 K
avgrssvc.exe 1760 Services 0 2,884 K
avgemc.exe 1332 Services 0 1,824 K
avgrssvc.exe 1568 Services 0 16,392 K
svchost.exe 700 Services 0 3,188 K
CLCapSvc.exe 1628 Services 0 5,752 K
svchost.exe 2036 Services 0 5,588 K
LSSrvc.exe 1080 Services 0 2,488 K
svchost.exe 916 Services 0 2,280 K
svchost.exe 1112 Services 0 3,136 K
svchost.exe 1068 Services 0 3,036 K
svchost.exe 1040 Services 0 4,200 K
svchost.exe 1580 Services 0 1,680 K
SearchIndexer.exe 1608 Services 0 20,940 K
XAudio.exe 1012 Services 0 1,868 K
hpqwmiex.exe 1016 Services 0 3,788 K
CLSched.exe 2364 Services 0 3,992 K
taskeng.exe 2748 Services 0 4,100 K
MSASCui.exe 2940 Console 1 9,872 K
SynTPEnh.exe 2948 Console 1 4,136 K
QPService.exe 3048 Console 1 8,208 K
QLBCTRL.exe 3072 Console 1 4,564 K
WiFiMsg.exe 3148 Console 1 3,548 K
HPWAMain.exe 3184 Console 1 4,104 K
rundll32.exe 3192 Console 1 3,216 K
jusched.exe 3200 Console 1 2,652 K
avgcc.exe 3236 Console 1 976 K
WmiPrvSE.exe 3256 Services 0 3,840 K
hpwuSchd2.exe 3296 Console 1 2,504 K
winampa.exe 3336 Console 1 3,612 K
iTunesHelper.exe 3352 Console 1 5,808 K
realsched.exe 3380 Console 1 196 K
sidebar.exe 3388 Console 1 28,580 K
ehtray.exe 3400 Console 1 956 K
mRouterConfig.exe 3408 Console 1 4,632 K
YahooMessenger.exe 3556 Console 1 21,812 K
ehmsas.exe 3600 Console 1 3,140 K
btdna.exe 3612 Console 1 5,952 K
VeohClient.exe 3636 Console 1 14,748 K
BTTray.exe 3668 Console 1 7,008 K
hpqtra08.exe 3812 Console 1 8,172 K
HPQTOA~1.EXE 2744 Console 1 4,064 K
mRouterRuntime.exe 3172 Console 1 5,360 K
hpqste08.exe 3440 Console 1 5,056 K
BTStackServer.exe 2100 Console 1 7,448 K
iPodService.exe 3960 Services 0 3,724 K
HPHC_Service.exe 4460 Services 0 9,164 K
svchost.exe 1792 Services 0 3,556 K
ieuser.exe 5764 Console 1 9,916 K
iexplore.exe 6036 Console 1 101,488 K
winampTbServer.exe 3308 Console 1 6,972 K
hpswp_clipbook.exe 5780 Console 1 4,168 K
msconfig.exe 5860 Console 1 8,784 K
avgwb.dat 2392 Console 1 65,848 K
SearchProtocolHost.exe 3736 Services 0 6,512 K
SearchFilterHost.exe 1204 Services 0 4,432 K
taskmgr.exe 4352 Console 1 11,928 K
cmd.exe 5476 Console 1 2,280 K
tasklist.exe 4116 Console 1 4,552 K
WmiPrvSE.exe 4608 Services 0 5,444 K

C:\Windows\system32>

May 21st, 2008, 2:28 am

these are the results

May 21st, 2008, 2:30 am

these are the results


Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Windows\system32>tasklist

Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System Idle Process 0 Services 0 28 K
System 4 Services 0 416 K
smss.exe 388 Services 0 536 K
csrss.exe 452 Services 0 4,300 K
wininit.exe 500 Services 0 2,860 K
csrss.exe 512 Console 1 8,904 K
services.exe 544 Services 0 4,180 K
lsass.exe 560 Services 0 6,448 K
lsm.exe 568 Services 0 2,968 K
winlogon.exe 720 Console 1 4,060 K
svchost.exe 740 Services 0 5,428 K
svchost.exe 800 Services 0 6,640 K
svchost.exe 844 Services 0 12,452 K
svchost.exe 896 Services 0 9,184 K
svchost.exe 924 Services 0 56,320 K
svchost.exe 964 Services 0 17,636 K
audiodg.exe 1028 Services 0 9,728 K
SLsvc.exe 1060 Services 0 3,504 K
svchost.exe 1104 Services 0 8,040 K
svchost.exe 1232 Services 0 9,684 K
spoolsv.exe 1404 Services 0 6,424 K
svchost.exe 1428 Services 0 7,576 K
taskeng.exe 1800 Console 1 8,896 K
dwm.exe 1832 Console 1 57,080 K
explorer.exe 1308 Console 1 42,800 K
AppleMobileDeviceService. 1852 Services 0 2,536 K
avgamsvr.exe 1984 Services 0 544 K
avgupsvc.exe 1712 Services 0 884 K
avgrssvc.exe 1760 Services 0 2,884 K
avgemc.exe 1332 Services 0 1,824 K
avgrssvc.exe 1568 Services 0 16,428 K
svchost.exe 700 Services 0 3,216 K
CLCapSvc.exe 1628 Services 0 5,752 K
svchost.exe 2036 Services 0 5,576 K
LSSrvc.exe 1080 Services 0 2,488 K
svchost.exe 916 Services 0 2,280 K
svchost.exe 1112 Services 0 3,160 K
svchost.exe 1068 Services 0 3,036 K
svchost.exe 1040 Services 0 4,200 K
svchost.exe 1580 Services 0 1,756 K
SearchIndexer.exe 1608 Services 0 20,768 K
XAudio.exe 1012 Services 0 1,868 K
hpqwmiex.exe 1016 Services 0 3,788 K
CLSched.exe 2364 Services 0 3,992 K
taskeng.exe 2748 Services 0 4,100 K
MSASCui.exe 2940 Console 1 9,932 K
SynTPEnh.exe 2948 Console 1 4,136 K
QPService.exe 3048 Console 1 8,196 K
QLBCTRL.exe 3072 Console 1 4,568 K
WiFiMsg.exe 3148 Console 1 3,548 K
HPWAMain.exe 3184 Console 1 4,108 K
rundll32.exe 3192 Console 1 3,220 K
jusched.exe 3200 Console 1 2,656 K
avgcc.exe 3236 Console 1 1,116 K
WmiPrvSE.exe 3256 Services 0 3,840 K
hpwuSchd2.exe 3296 Console 1 2,604 K
winampa.exe 3336 Console 1 3,612 K
iTunesHelper.exe 3352 Console 1 5,808 K
realsched.exe 3380 Console 1 192 K
sidebar.exe 3388 Console 1 27,828 K
ehtray.exe 3400 Console 1 956 K
mRouterConfig.exe 3408 Console 1 4,632 K
YahooMessenger.exe 3556 Console 1 33,696 K
ehmsas.exe 3600 Console 1 3,144 K
btdna.exe 3612 Console 1 5,968 K
VeohClient.exe 3636 Console 1 14,500 K
BTTray.exe 3668 Console 1 7,016 K
hpqtra08.exe 3812 Console 1 8,284 K
HPQTOA~1.EXE 2744 Console 1 4,068 K
mRouterRuntime.exe 3172 Console 1 5,360 K
hpqste08.exe 3440 Console 1 5,056 K
BTStackServer.exe 2100 Console 1 7,448 K
iPodService.exe 3960 Services 0 3,724 K
HPHC_Service.exe 4460 Services 0 9,180 K
svchost.exe 1792 Services 0 3,556 K
ieuser.exe 5764 Console 1 9,988 K
iexplore.exe 6036 Console 1 103,240 K
winampTbServer.exe 3308 Console 1 7,036 K
hpswp_clipbook.exe 5780 Console 1 4,168 K
avgwb.dat 2392 Console 1 68,288 K
SearchProtocolHost.exe 2428 Services 0 8,224 K
SearchFilterHost.exe 4900 Services 0 4,464 K
taskmgr.exe 4772 Console 1 10,228 K
cmd.exe 5832 Console 1 1,952 K
tasklist.exe 5632 Console 1 4,504 K
WmiPrvSE.exe 3088 Services 0 5,412 K

C:\Windows\system32>reg query "hklm\software\microsoft\windows nt\currentver
\winlogon"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe C:\WINDOWS\Config\csrss.exe
Userinit REG_SZ C:\Windows\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
AutoRestartShell REG_DWORD 0x1
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ShutdownWithoutLogon REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0x0
passwordexpirywarning REG_DWORD 0xe
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
WinStationsDisabled REG_SZ 0
DisableCAD REG_DWORD 0x1
scremoveoption REG_SZ 0
ShutdownFlags REG_DWORD 0x80000027
AutoLogonCount REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\GPE
sions
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Not
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\Aut
onChecked

C:\Windows\system32>