WLMStatus Forums

Heya,

I have some problem (had):

a virus was constantly restarting explorer.exe on my windows XP professional. Not a single anti-virus (why is it anti? it has never detected a virus, only tracking cookies) found the problem, so I re-installed my whole computer.

The virus kept restarting explorer.exe in all user accounts (where-ever I logged in) and ate CPU..

I'm affraid the chance is rly large that my external HDD's are infected too, so I want to know what to do to remove it. I googled about it, but nothing rly worked. There were a lot of sites describing exact the same problem as I had (no windows restore points, they didnt work anymore; only using taskmanager to start programs; etc; etc; ) but none of them had the solution I needed..

They said stuff like delete these files out of the Windows folder, but none of them were actually on my HDD, so I gave up and re-installed win XP..

Does anyone out there know a solution?

Regards,
Bram

Probably have a root kit.

Have you tried to start in safe mode?

I know you said you tried with anti-viruses but Avast has a boot time scan with root kit protection.

You can post a Trend Micro's Hijack This log.

Don't fix anything. It detects all running programs and processes. It doesn't distinguish between good or bad.

I already tried safe mode. But as I said, HAD the virus, currently, it's gone (I didnt try to connect my ext. HDD's yet, I'll try them at school).

Also tried Hijack This and the online Trend Micro antivirus. Nothing found.

I dont have the log anymore, i think.

Anyways,
who the f*ck would like to send such virusses? Ok, popups showing every x minutes, but this? :S

bram Wrote:I already tried safe mode. But as I said, HAD the virus, currently, it's gone (I didnt try to connect my ext. HDD's yet, I'll try them at school).

Also tried Hijack This and the online Trend Micro antivirus. Nothing found.

I dont have the log anymore, i think.

Anyways,
who the f*ck would like to send such virusses? Ok, popups showing every x minutes, but this? :S

People want to cause havoc. Usually they have a hard time fitting in socially and because computers are so necessary these days, taking out computers is a way of revenge.

right. But why would they want to fck up my computer? :/ So hack the Pentagon or so, but leave me out

bram Wrote:right. But why would they want to fck up my computer? :/ So hack the Pentagon or so, but leave me out

Why would a sniper shoot random people? to cause havoc, to get a thrill and so on.
Why wouldn't he take out public enemy number 1?

To look like an outsider? To not focus the attention on that 1 person? To make that 1 person feel even more scared?

People who are capable of writing malicious code do it often just to annoy friends, but as the virus is programmed to improve the way it kills an pc, the owners lose control.
Brings me to the second point, anyone remember that 'msblaster.win32' virus?
The makers never intended to make a virus, they just wrote something wrong in their soundblaster driver for windows, what made it go crazy.
anyway, we're getting a bit offtopic here.
--

Even if your external hdd was contaminated with the virus, it should not reactivate until you execute certain files (Such as infected .exe's).
In the mean time, try installing a good virusscanner, and scan your external hdd's with it, just connecting the external hdds shouldn't infect your computer.

If you need any more information, just ask.

cheers,
ced.