November 26th, 2010
Cleaning another computer virus for a colleague - another virus, another unique symptom.
After getting hit by a virus through a malicious web site (one of those fake anti-virus types) this little netbook wouldn't boot completely into Windows 7. Everything started except explorer.exe. Here is how we fixed it...
First, to find the problem, we tried to boot the machine into safe mode. Regardless of whether we attempted a normal boot or any of the special start-up options, explorer still didn't start. Even attempting to start it manually through Task Manager (accessed via ctrl+alt+delete) didn't work. It was clear explorer.exe had become corrupted and needed to be restored.
To do that we started Task Manager, enabled "Show processes from all users" (placing Task Manager into elevated mode) and then started an elevated cmd prompt from the run command (there is an option to start with administrator rights if Task Manager is already elevated). From there we entered the following:
sfc /scannow
This starts the Windows System File Checker. Thankfully it detected issues with several system files and restored them. After a reboot we got back to explorer - but it was immediately clear the virus was still active, popping up fake virus alerts for any program that attempted to start.
Now that we had a somewhat functional desktop we could install software again, so we started our standard removal barrage: first a reboot back into safe mode (without networking), which disabled most of the virus and kept it from getting out again. TFC (Temp File Cleaner) dumped about 350MB of temp files (we always start there), then it was on to Malwarebytes Anti-Malware and a SUPERAntiSpyware scan - each finding various corrupt files. We even completed a Microsoft Malicious Software Removal Tool scan (just for good measure). Finally we manually checked through the registry for any startup entries that looked unusual and removed those, as well as suspicious start menu items.
Once all scans started coming up clean (about 4 reboots into safe mode later) it seemed safe to attempt going back into a normal startup. That was successful, so we proceeded to install Spybot and immunize the system, and updated anything that was out of date (Flash, virus definitions, etc.).
This system had been running Sophos anti-virus, the first time I had come across it. Looking up some ratings online, it seems to be rated about the same as AVG, which in the past has proven to be ineffective as an anti-virus solution. I did manage to locate a great resource for test results on anti-virus products, though:
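As an added example (not from the original post), here is a PowerShell script that automates the manual startup-entry check described above: it lists the Run/RunOnce registry values for the machine and the current user and flags entries whose executable is missing, unsigned, or sitting in a profile or temp folder, so a reviewer knows where to look first. The choice of keys and the profile/temp-folder heuristic are my assumptions about where such entries usually hide.

```powershell
# Added example, not from the original post: list the classic Run/RunOnce
# autostart entries the post checked by hand and flag the ones that merit
# a closer look. Read-only; it removes nothing. Run from an elevated prompt.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Directories a legitimate autostart rarely runs from (assumption); fake
# anti-virus droppers of this era typically lived in the profile or temp folders.
$suspectDirs = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA) | Where-Object { $_ }

function Get-ExePath([string]$cmd) {
    # Take the quoted path if present, otherwise the first token, then
    # expand %WINDIR%-style variables so Test-Path can resolve it.
    if ($cmd -match '^\s*"([^"]+)"') { $p = $Matches[1] } else { $p = ($cmd -split '\s+')[0] }
    return [Environment]::ExpandEnvironmentVariables($p)
}

function Get-AutostartReport {
    $meta = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($name in ($props.PSObject.Properties.Name | Where-Object { $meta -notcontains $_ })) {
            $exe   = Get-ExePath ([string]$props.$name)
            $flags = @()
            if ([string]::IsNullOrWhiteSpace($exe)) { $flags += 'empty-command' }
            elseif (-not (Test-Path -LiteralPath $exe)) { $flags += 'file-missing' }
            else {
                # An unsigned binary is a cue to investigate, not proof of malware.
                $sig = Get-AuthenticodeSignature -FilePath $exe
                if ($sig.Status -ne 'Valid') { $flags += "signature:$($sig.Status)" }
                foreach ($d in $suspectDirs) {
                    if ($exe.StartsWith($d, [StringComparison]::OrdinalIgnoreCase)) { $flags += 'profile-or-temp-path'; break }
                }
            }
            [pscustomobject]@{ Key = $key; Name = $name; Exe = $exe; Flags = ($flags -join ',') }
        }
    }
}

Get-AutostartReport | Sort-Object Flags -Descending | Format-Table -AutoSize -Wrap
```

Flagged rows come first in the output; compare each against what you know the machine should be starting before removing anything.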
Anti-virus comparatives