Hi, I'm having a hell of a time trying to figure this one out. The My Documents folder opens EVERYTIME I re-boot my computer at the same time as all the other start-up programs. I've searched the registry and .INI files (I'm pretty much a hack, though), and finally used msconfig to do a selective start-up. I found the problem, EXPLORER.EXE was opening the folder, so I set that up not to run at boot. Problem solved, though I couldn't do much with the computer! I found a thread on the internet and followed the advice about a corrupted registry entry, but unfortunately I didn't have the same string in that key, so now I'm at my wit's end.
Any and all help fixing this problem would be DEEPLY appreciated, thank you.
Full Version: My Documents folder opening at boot
Try booting into Safe Mode. Tap the f8 key a few times during boot-up to get there. See if you can undo what you have done so far, and we can go from there.
zap
zap
Hi bloodyhell2, welcome to SAF
This problem can be caused by the DlDer Trojan. I strongly recommend you to run updated versions of Spybot S&D and AdAware SE and clean all that may appear. Also, perform a housecall online virus check on your system.
Spybot - http://www.safer-networking.org/en/mirrors/index.html
AdAware - http://www.download.com/3000-2144-10045910.html
Housecall - http://housecall.trendmicro.com/
After that, post a HijackThis log here. Please take a look at this pinned topic if you are unsure on how to do that:
http://www.suggestafix.com/index.php?act=S...ST&f=15&t=16053
Chris
This problem can be caused by the DlDer Trojan. I strongly recommend you to run updated versions of Spybot S&D and AdAware SE and clean all that may appear. Also, perform a housecall online virus check on your system.
Spybot - http://www.safer-networking.org/en/mirrors/index.html
AdAware - http://www.download.com/3000-2144-10045910.html
Housecall - http://housecall.trendmicro.com/
After that, post a HijackThis log here. Please take a look at this pinned topic if you are unsure on how to do that:
http://www.suggestafix.com/index.php?act=S...ST&f=15&t=16053
Chris
Hi, and thank you Zap & Ironbender for responding so quickly.
To clarify Zap, (I was being a little self-deprecating, and a little to vague too), I have narrowed it down to something that EXPLORER.EXE is doing, but am unable to figure out what that thing is. When I shut down Explorer.exe, things became quirky ie)most things worked, just VERY differently, and some things, not at all!
As for the info I found on the internet, here is the link:
http://www.techspot.com/vb/all/windows/t-2...-winxp-sp2.html
Inccidently, I am running a dual boot machine (WinMe primary, and XP Pro secondary 5th partition), which is neither here nor there, except that running Safe Mode for me is essentially the same as running msconfig in selective start-up mode on the WinMe O/S.
Ironbender, this problem has persisted for a few months now, and I have used Spybot, Ad-Aware, HJT, CWShredder, Avast anti-virus, as well as multiple others, all to no avail.
Here is my HJT log, but first I would like to say:
1) Apologies for not being as descriptive as I could be in describing my problems and work to fix them
2) Thanks to all the fine people who offer their help & time for nothing other than a wink, a nod, and a smile, and hopefully a Thank You at some point.
3) BIG Faux Pas, #2 should have been #1, oops ....
4) Thank you in advance, for all your hard work, it is truly appreciated.
Here's my log:
Logfile of HijackThis v1.99.1
Scan saved at 8:47:44 PM, on 16/10/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\LEAD TECHNOLOGIES, INC\LEADTOOLS EPRINT IV\BIN\EPRINT4.EXE
C:\PROGRAM FILES\LEAD TECHNOLOGIES, INC\LEADTOOLS EPRINT IV\BIN\LPSVS04N.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\SYMPATICO\ACCESS MANAGER\APP\ENTERNET.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\REGEDIT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP\HIJACK THIS\HJT APP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ePrint 4.0 Service] C:\PROGRA~1\LEADTE~1\LEADTO~1\BIN\EPRINT4.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [EXPLORER.EXE] C:\WINDOWS\EXPLORER.EXE
O4 - HKLM\..\Run: [tcactive] C:\PROGRAM FILES\THE CLEANER\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\PROGRAM FILES\THE CLEANER\tcm.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakLogon
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashserv.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - Startup: SystemSuite.lnk.disabled
O4 - Startup: Quicken Startup.lnk.disabled
O4 - Startup: Quicken Scheduled Updates.lnk.disabled
O4 - Startup: BHODemon 2.0.lnk.disabled
O4 - Startup: 12Ghosts Popup-Killer.lnk.disabled
O4 - Startup: SpywareGuard Control Panel.lnk.disabled
O4 - Startup: Screen Saver Control.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - Extra context menu item: Download by Net Transport - C:\PROGRAM FILES\XI\NETTRANSPORT 2\NTAddLink.html
O8 - Extra context menu item: Download all by Net Transport - C:\PROGRAM FILES\XI\NETTRANSPORT 2\NTAddList.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\PROGRAM FILES\ATI MULTIMEDIA\TV\EXPLBAR.DLL (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200305...meInstaller.exe
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnview95.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPD...DC_1_0_0_44.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrc...kr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntr...ro.cab32846.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
To clarify Zap, (I was being a little self-deprecating, and a little to vague too), I have narrowed it down to something that EXPLORER.EXE is doing, but am unable to figure out what that thing is. When I shut down Explorer.exe, things became quirky ie)most things worked, just VERY differently, and some things, not at all!
As for the info I found on the internet, here is the link:
http://www.techspot.com/vb/all/windows/t-2...-winxp-sp2.html
Inccidently, I am running a dual boot machine (WinMe primary, and XP Pro secondary 5th partition), which is neither here nor there, except that running Safe Mode for me is essentially the same as running msconfig in selective start-up mode on the WinMe O/S.
Ironbender, this problem has persisted for a few months now, and I have used Spybot, Ad-Aware, HJT, CWShredder, Avast anti-virus, as well as multiple others, all to no avail.
Here is my HJT log, but first I would like to say:
1) Apologies for not being as descriptive as I could be in describing my problems and work to fix them
2) Thanks to all the fine people who offer their help & time for nothing other than a wink, a nod, and a smile, and hopefully a Thank You at some point.
3) BIG Faux Pas, #2 should have been #1, oops ....
4) Thank you in advance, for all your hard work, it is truly appreciated.
Here's my log:
Logfile of HijackThis v1.99.1
Scan saved at 8:47:44 PM, on 16/10/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\LEAD TECHNOLOGIES, INC\LEADTOOLS EPRINT IV\BIN\EPRINT4.EXE
C:\PROGRAM FILES\LEAD TECHNOLOGIES, INC\LEADTOOLS EPRINT IV\BIN\LPSVS04N.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\SYMPATICO\ACCESS MANAGER\APP\ENTERNET.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\REGEDIT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP\HIJACK THIS\HJT APP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ePrint 4.0 Service] C:\PROGRA~1\LEADTE~1\LEADTO~1\BIN\EPRINT4.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [EXPLORER.EXE] C:\WINDOWS\EXPLORER.EXE
O4 - HKLM\..\Run: [tcactive] C:\PROGRAM FILES\THE CLEANER\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\PROGRAM FILES\THE CLEANER\tcm.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakLogon
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashserv.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - Startup: SystemSuite.lnk.disabled
O4 - Startup: Quicken Startup.lnk.disabled
O4 - Startup: Quicken Scheduled Updates.lnk.disabled
O4 - Startup: BHODemon 2.0.lnk.disabled
O4 - Startup: 12Ghosts Popup-Killer.lnk.disabled
O4 - Startup: SpywareGuard Control Panel.lnk.disabled
O4 - Startup: Screen Saver Control.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - Extra context menu item: Download by Net Transport - C:\PROGRAM FILES\XI\NETTRANSPORT 2\NTAddLink.html
O8 - Extra context menu item: Download all by Net Transport - C:\PROGRAM FILES\XI\NETTRANSPORT 2\NTAddList.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\PROGRAM FILES\ATI MULTIMEDIA\TV\EXPLBAR.DLL (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200305...meInstaller.exe
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnview95.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPD...DC_1_0_0_44.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrc...kr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntr...ro.cab32846.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
Hi bh2...Explorer is going to load no matter what you do. It cannot be "disabled" as it is the user interface.
Sometimes IE or Explorer gets in to the startup group, as it has in your case:
O4 - HKLM\..\Run: [EXPLORER.EXE] C:\WINDOWS\EXPLORER.EXE
You should be able to disable that startup in Msconfig, then click on Apply and OK, then reboot.
I don't see any malware in that log.
Sometimes IE or Explorer gets in to the startup group, as it has in your case:
O4 - HKLM\..\Run: [EXPLORER.EXE] C:\WINDOWS\EXPLORER.EXE
You should be able to disable that startup in Msconfig, then click on Apply and OK, then reboot.
I don't see any malware in that log.
Hi zap...the bogus Explorer.exe would load from C:\Windows\Explorer if it were Dlder. HijackThis would show it.
I have been able to dis-able explorer.exe, using either msconfig or Spybot's tools function, most functions worked, but certain functions such as opening files and saving files were rendered useless until manually starting explorer.exe, and at that time My Documents folder would open upon running the program. Just a quick question, I have a file called EXEplorer.exe in my windows folder, don't know if that means anything.
Once again, thanks for all your help.
Once again, thanks for all your help.
Explorer.exe does not need to be in the startup group. It is hardwired into Windows. You can only lose functionality if you open the task manager and End Task on Explorer.exe. Your taskbar and desktop icons will disappear. Can you right-click on it and select Properties, then post the file version and size.
EXEplorer.exe is definitely not a legitimate file. Can you zip it and email it to me please. Just click on the Email button at the bottom-left of my post.
EXEplorer.exe is definitely not a legitimate file. Can you zip it and email it to me please. Just click on the Email button at the bottom-left of my post.
EXEplorer.exe is part of Resource Hacker™ - Version 3.4.0* http://www.snapfiles.com/get/resourcehacker.html, used here in Brazil to hack the Windows shell. 
Sorry, checked it... it's not part of ResourceHacker. Some uses it to modify EXEplorer.exe 
Hi and thanks all. HKEd, I sent you the file as per your request, though I'm sure Ironbender's info probably makes the file somewhat redundant. And, I also set msconfig to once again disregard explorer.exe on start-up, which created more headaches last time I tried ... BUT THIS TIME it didn't cause any problems, at least that are evident yet. GO FIGURE!?@#
Thanks for all your help guys, it is REALLY APPRECIATED!!!
Thanks for all your help guys, it is REALLY APPRECIATED!!!
You had me worried there, Chris. I have ResHack as well, with no sign of that file.
Plenty of Google hits for EXEplorer.exe, but mostly misspellings.
Plenty of Google hits for EXEplorer.exe, but mostly misspellings.
I got the file, bh2. It's nothing. Looks like someone tried to create an EXE by renaming a a text file or something. 
| QUOTE |
| I also set msconfig to once again disregard explorer.exe on start-up, which created more headaches last time I tried ... BUT THIS TIME it didn't cause any problems |
As I mentioned before, Explorer.exe is hardwired into Windows. Having it in the startup group will only cause problems like folders opening when Windows loads.
Are you saying the problem has gone now?
Yes, My Documents no longer opens on re-boot, and so far there seem to be no other ramifications to having taken that item out of the start up menu.
Again, Thank You.
Again, Thank You.
You're welcome. Glad you got it fixed. 
Maybe you weren't clicking on Apply after unchecking the startup previously? As I mentioned, it's not supposed to be there in the first place.
Maybe you weren't clicking on Apply after unchecking the startup previously? As I mentioned, it's not supposed to be there in the first place.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.