Nintendo Switch review: Hands-on with the intuitive modular console and its disappointing games…
Yesterday, Avast detected Win32:Dialler-520[Trj] and Win32:Trojan-gen. It could neither remove them or quarantint them. However it did state that the files would not execute. Scans with Avast, Ad-aware, a-squared, Ewido, Spybot S&D etc. are all clean (although a-squared flagged up 369 Incredimail files!...which after some thought, I uninstalled and set OE as my default email client). However, I am getting randomly named temp files formed constantly, such as:- C:\WINDOWS\TEMP\win347.tmp 0 bytes and C:\WINDOWS\TEMP\win807.tmp 0 bytes. Tbh, I have posted a HJT log elsewhere.
However, I then decided to have a good clean out of my PC. I uninstalled loads of progs that I don't use any more, ran Registry Mechanic and defragged, then found that Windows Explorer (not IE) was playing up. For example, I cannot now use the Move File function and on exiting the attempt, Explorer hangs for a while. I ran sfc /scannow which replaced dozens of essential system files but the Explorer problem persists. Any ideas please? Can Explorer be repaired?
Thanks. I'd have thought so too, but it hasn't worked in this case. I'll run it again, nothing lost. Cheers. db.
Judging by the very large amount of dll's that XP is installing from my System Disc, I suspect that either scannow was not successful first time round or that malware still on my PC is possibly effecting the undesirable changes.
I've re-run sfc /scannow but first I copied (per VoG™) the folder I386 (contains 'clean' copies of Protected Files) from my XP SP2 disc to my root directory (C:\) and using Regedit, changed the SourcePath from D:\ to C:\. click here This is HIGHLY recommended for anyone using sfc /scannow, in that you are not repeaetedly asked to insert your XP disc every time a 'clean' copy of a Protected File is required. All seemed to go well.
Having then tried to test Explorer by Moving a file and having failed again, I checked out Task Manager. On each occasion I attempt a Move, an instance of hpgs2wnf.exe launches. This process relates to the Hewlett Packard Share To The Web facility and is now apparently defunct and is not necessary on your PC. On each occasion Move stalled, simply ending the hpgs2wnf.exe process permitted Explorer to complete it's task.
So, how to remove or disable the offending process. Advice on one site states removal in Add/Remove Programs...but it's not there. Further advice suggests disabling the process in msconfig...and guess what...it doesn't show up there either!
The offending exe file is found in the Hewlett Packard Folder in Program Files and since it doesn't seem to be necessary to my system, I will (after a little more careful checking) delete the exe file there.
Some other research has suggested that hpgs2wnf.exe slows down Explorer, so for those of you who have installed Hewlett Packard software, it may well be worth considering dumping this blighter!
I wanted to stop hpgs2wnf.exe from launching when using Explorer to Move files. But HP's Share-To-Web facility didn't appear to be running in the background nor did it appear in Add/Remove progs. Concluding that an incomplete uninstal had been effected at an earlier date, I chose a 'safe' option of renaming the exe file and associated dll file. On my next attempt to Move a file in Explorer, MSIexec.exe was launched and on choosing to end that process, hpgs2wnf.exe was no more. So far so good.
Just the problem of the random TEMP files to attend to now. One update, occasionally one of the random [0 kb] temp files displays itself as an exe file [6 kb] and attempts to communicate with Firefox (as flagged up by ZoneAlarm). It seems that a nasty might still be lurking.
Spyware Doctor picked up one or two nasties. Their removal has also stopped the production of the large amount of randomly named .tmp files during browsing. So, for the moment, seems like a good result.
This thread is now locked and can not be replied to.