PCWorld Forums

Some Weird Virus

#1 RouterUser

Posted 13 January 2011 - 03:28 AM

Out of nowhere I got a windows message stating that windows explorer was being stopped/closed because some sort of file was trying to cause problems in the folder itself. It stated that if it wasn't stopped it could spread to other folders and cause damage.

WHY would it simply tell me this and NOT do anything to whatever file was causing it??? And a scan with microsoft security essentials always comes back clean.

So what in the world do I do to find what caused it and eliminate it? There has been a lot of weird stuff going on.

#2 LincolnSpector

Posted 13 January 2011 - 08:02 AM

RouterUser, on 13 January 2011 - 03:28 AM, said:

Out of nowhere I got a windows message stating that windows explorer was being stopped/closed because some sort of file was trying to cause problems in the folder itself. It stated that if it wasn't stopped it could spread to other folders and cause damage.

WHY would it simply tell me this and NOT do anything to whatever file was causing it??? And a scan with microsoft security essentials always comes back clean.

So what in the world do I do to find what caused it and eliminate it? There has been a lot of weird stuff going on.

The first thing you should do is get a second opinion. Scan the drive with SuperAntispyware or Malwarebytes Anti-Malware. See what they find.

Also, please give us some more information. What version of Windows? What folder? What were you trying to do when you got the message? What exactly did the message say?

Lincoln



#3 cyberknight

Posted 13 January 2011 - 11:15 AM

Try transferring the contents of the folder to some external storage. Then delete the folder from your hard drive & see if this sets things right. For a corrupted file this may work. But if it is a virus or malware it may have spread to other locations. In that case u need to scan your system with anti-virus or anti-malware apps other than MSE, as it isn't detecting anything.
Lookin 4 trouble
U will never know what hit ya
Freakin Fast.... Cyber!!
-------------------------------
Laptop: Sony VAIO
i5-480M 2.67GHz (2.93GHz with Turbo Boost)
ATI mobility Radeon HD 5650, 1GB
4GB(2x2GB)RAM, DDR3 1066Mhz
500GB HDD (5400rpm)
15.5" LCD display
Windows 7 Home Premium 64-bit

#4 RouterUser

Posted 13 January 2011 - 02:10 PM

I can't remember what exactly it called it. I think it was something with a three-letter abbreviation. It said that it happens when a file is maliciously trying to execute and cause problems in a folder. It was a multimedia folder if I'm not mistaken. But as far as I remember I wasn't even doing anything in it other than it just happened to be open. I guess I'll try another software to scan later. As far as I know, however, it hasn't exactly caused any problem other than sometimes folders act weird such as not refreshing. I sure hope it's not a virus because I hate dealing with pains like that, especially if it's going to be hard to find it.

#5 RouterUser

Posted 13 January 2011 - 02:43 PM

malwarebytes found 0 infected files also. Could it be possible something is executing and seems like a normal file? I know nothing about how antivirus software works, but all I know is some weird things had happened then I got that message so obviously something is up.

#6 techie4fun

Posted 13 January 2011 - 03:27 PM

RouterUser, on 13 January 2011 - 02:43 PM, said:

malwarebytes found 0 infected files also.


Sounds like you might have something in there, and this doesn't mean you're not infected.

Quote

Could it be possible something is executing and seems like a normal file? I know nothing about how antivirus software works, but all I know is some weird things had happened then I got that message so obviously something is up.


Are you running any antivirus software? What is your operating system?

#7 RouterUser

Posted 13 January 2011 - 04:30 PM

I think microsoft security essentials is set up as the antivirus and in many cases I've seen it warn me of bad things on sites. I'm using windows XP with SP3. I'm just puzzled as to why windows would even give me a warning about this without telling how to fix it. If it detects something acting maliciously why in the world would it not tell me what was doing it and then delete it???

#8 Car54

Posted 13 January 2011 - 04:58 PM

Try Lincolns idea of SuperAntiSpyware free edition, download it, install it, update it, and then run it in safe mode. It can at times pick up on what others may miss. I know it's another software install, but it may be worth a try. http://www.superantispyware.com/

#9 RouterUser

Posted 13 January 2011 - 09:43 PM

Wow. My faith in antivirus software has gone to about zero. I used microsoft security essentials, malwarebytes, superantispyware, and spybot. out of all that it found 470 tracking cookies and that's it.

Well after that I went back to a suspicious file I noticed a few days ago. After I finally figured out how to delete it a NEW file replaced it. A file that was somehow hidden until I got rid of the other. I searched online and noticed that the file type was a trojan!

So bottom line is after I securely got rid of that file also now the functions in my folders work again. So all those antivirus programs missed the trojan that I found myself. I even scanned again after the new file was there and it never considered it a threat.

I read that the trojan can spread to other areas as you "accidentally" execute it also. So now I'm hoping it didn't somehow get somewhere else. Obviously it will be undetected if it's somewhere else since these programs don't even find it.

#10 RouterUser

Posted 14 January 2011 - 12:47 AM

Wow. Cookies sure pile up quickly. Since that other post I suddenly have more than 100 new cookies. And some are for sites I didn't visit such as facebook and youtube! Apparently yahoo or weatherbug are tossing out tons of cookies without me even going anywhere.

#11 techie4fun

Posted 14 January 2011 - 09:28 AM

RouterUser, on 13 January 2011 - 09:43 PM, said:

Wow. My faith in antivirus software has gone to about zero. I used microsoft security essentials, malwarebytes, superantispyware, and spybot. out of all that it found 470 tracking cookies and that's it.

Well after that I went back to a suspicious file I noticed a few days ago. After I finally figured out how to delete it a NEW file replaced it. A file that was somehow hidden until I got rid of the other. I searched online and noticed that the file type was a trojan!

So bottom line is after I securely got rid of that file also now the functions in my folders work again. So all those antivirus programs missed the trojan that I found myself. I even scanned again after the new file was there and it never considered it a threat.

I read that the trojan can spread to other areas as you "accidentally" execute it also. So now I'm hoping it didn't somehow get somewhere else. Obviously it will be undetected if it's somewhere else since these programs don't even find it.



Hi,

Do you know how to boot Windows into Safe Mode? If this trojan is as bad as we think it is, there's a good chance you'll be able to detect it with Malware Bytes and Microsoft Security Essentials products when you run another scan.

#12 LincolnSpector

Posted 14 January 2011 - 10:11 AM

Router--

See The Cleanest Malware Scan for more scanning advice.

Also, next time the error message happens, please take a screenshot of it and post it on this discussion. To take a screenshot, press the PrtScn button on your keyboard, then open Paint or any other graphics program, and paste in the image.

I want to see what this error message actually says and how it looks.

Lincoln

#13 SpiritWind

Posted 14 January 2011 - 10:17 AM

Hi RouterUser :

Based on your description, it appears you had a
"rootkit" ( which requires the use of a speciality
"rootkit detector" ) that most likely was working
in tandem with a trojan !?

However, I have been recommending for several years
AGAINST the use of the adware "Weatherbug" program;
you may want to view the info at http://www.searchlor.../weatherbug.htm
For a weather-oriented program, I have been using
the adware-free "Weather Pulse" program .
For the very Best in Life :

http://www.ctftoronto.com

#14 RouterUser

Posted 14 January 2011 - 02:52 PM

I haven't ever intentionally booted in safe mode. I could figure it out I'm sure, but no off hand I don't know how.

As far as I know there's no other problem, but obviously there could be something going on elsewhere that hasn't become obvious yet. I'm just hoping with all the programs not detecting it and me having gotten rid of it maybe it wasn't a big deal.

I noticed in malwarebytes it has something checked which says ignore files over 4MB. This file was more than 4 MB I believe.

I've heard for years bad things about weatherbug, but I thought the weatherbug people claimed they stopped the adware. Obviously not though. I always assumed that adware is more of an annoyance than a threat though. Maybe I underestimate it.

#15 techie4fun

Posted 14 January 2011 - 03:07 PM

I will assume your problem has been resolved. If you have any more problems, or questions, this forum is always awake, usually.

Quote

I've heard for years bad things about weatherbug, but I thought the weatherbug people claimed they stopped the adware.


I don't believe these types of things any more. It used to be that you could install Foxit Reader without being worried about what would be included in the installation without your knowledge. Go back 4 months now and you'll see that they are now asking for your permission DURING the license agreement if you'd like to accept the Yahoo Toolbar. Some people wouldn't have a problem with it, but if you're familiar with the license agreement and are UNAWARE of any changes, you're a sitting duck if your app has malware waiting to be loaded...

#16 LiveBrianD

Posted 14 January 2011 - 03:50 PM

RouterUser, on 14 January 2011 - 02:52 PM, said:

I haven't ever intentionally booted in safe mode. I could figure it out I'm sure, but no off hand I don't know how.

As far as I know there's no other problem, but obviously there could be something going on elsewhere that hasn't become obvious yet. I'm just hoping with all the programs not detecting it and me having gotten rid of it maybe it wasn't a big deal.

I noticed in malwarebytes it has something checked which says ignore files over 4MB. This file was more than 4 MB I believe.

I've heard for years bad things about weatherbug, but I thought the weatherbug people claimed they stopped the adware. Obviously not though. I always assumed that adware is more of an annoyance than a threat though. Maybe I underestimate it.


To boot into safe mode, right after the manufacturer's logo appears, start repeatedly pressing F8, then select Safe Mode (or Safe Mode with Networking) from the list of options.
"The Internet will be used for all kinds of spurious things, including fake quotes from smart people." -Albert Einstein
Need a Windows ISO image?

#17 RouterUser

Posted 14 January 2011 - 05:06 PM

Why would it possibly pick up something in safe mode if it didn't when not in safe mode? I figured safe mode was a way of doing it without something bad happening during it, but that if you already did it not in safe mode that there wasn't a point anymore. I guess I misunderstood the point though. Also I wonder why the software states that it's recommended to ignore files over 4 MB.

#18 techie4fun

Posted 14 January 2011 - 07:09 PM

RouterUser, on 14 January 2011 - 05:06 PM, said:

Why would it possibly pick up something in safe mode if it didn't when not in safe mode? I figured safe mode was a way of doing it without something bad happening during it, but that if you already did it not in safe mode that there wasn't a point anymore. I guess I misunderstood the point though. Also I wonder why the software states that it's recommended to ignore files over 4 MB.


Safe Mode, in short, is a way of booting up your computer in order to run diagnostics, error checks, etc. If for some reason you can't get Windows to start up (bad video driver), Safe Mode usually works. When you boot into this mode, only what is required to run the operating system (only selected services) is running. A lot of times, as I mentioned in my previous posts, viruses can be found and eliminated quicker than when scanning when Windows is running under normal circumstances.


Spiritwind is the man to remove viruses on these forums. If he says you've got a rootkit, YOU DO.

#19 techie4fun

Posted 14 January 2011 - 07:11 PM

Quote

Also I wonder why the software states that it's recommended to ignore files over 4 MB.


I don't have an answer to this.

#20 SpiritWind

Posted 14 January 2011 - 08:31 PM

Hi RouterUser :

Regarding the "Ignore Files over/larger than 4 MB"
Setting : I could NOT find this "setting" in any
of the 3 categories in Malwarebytes Anti-Malware,
which I have their latest 1.50.1.1100 Version ;
do you have this specific version ?
However, a "Ignore Files larger than 4 MB" is part
of the default settings of "SUPERAntiSpyware"; is
this the program you meant ? I did not search the
SUPERAntiSpyware forums at
http://forums.superantispyware.com to see IF this
question is asked and/or answered ; perhaps you
could look there !?
For the very Best in Life :

http://www.ctftoronto.com
1
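
Added example (not part of the original thread, and not code from any scanner vendor): a scan configured to ignore files larger than 4 MB never opens them, so this Python sketch lists every file in a folder tree that such a setting would skip, puts hidden ones first, and prints a SHA-256 for each so it can be checked with a second-opinion tool. The function names are hypothetical, and it assumes "larger than 4 MB" means strictly more than 4 x 1024 x 1024 bytes and treats dot-files as hidden outside Windows.

```python
import hashlib
import os
import stat

SIZE_LIMIT = 4 * 1024 * 1024  # assumed meaning of the 4 MB setting from the thread

def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def is_hidden(path, st):
    """True for Windows hidden/system files, or dot-files elsewhere (assumption)."""
    attrs = getattr(st, "st_file_attributes", 0)  # only populated on Windows
    mask = stat.FILE_ATTRIBUTE_HIDDEN | stat.FILE_ATTRIBUTE_SYSTEM
    return bool(attrs & mask) or os.path.basename(path).startswith(".")

def files_skipped_by_size_limit(root, limit=SIZE_LIMIT):
    """Return (path, size, hidden, sha256) for each regular file larger than limit."""
    findings = []
    for folder, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(folder, name)
            try:
                st = os.lstat(path)
                if not stat.S_ISREG(st.st_mode) or st.st_size <= limit:
                    continue
                findings.append((path, st.st_size, is_hidden(path, st), sha256_of(path)))
            except OSError:
                # Locked or unreadable files are reported too: size -1, no hash.
                findings.append((path, -1, False, None))
    # Hidden files first, then largest first.
    return sorted(findings, key=lambda f: (not f[2], -f[1]))

if __name__ == "__main__":
    import sys
    for path, size, hidden, digest in files_skipped_by_size_limit(sys.argv[1]):
        print(f"{'HIDDEN' if hidden else '      '} {size:>12} {digest} {path}")
```

Run it with the folder to inspect as the only argument; a file that shows up here was never examined by a scan that had the size limit enabled.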
