Welcome Guest [Log In] [Register]
Welcome to Altezza Club Of NZ/Australia. We hope you enjoy your visit.


You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free.

http://s4.zetaboards.com/lexusaltezzaclub/topic/1148393/1/#new



Username:   Password:
Add Reply
Tech Help?
Topic Started: Oct 3 2010, 11:36 PM (375 Views)
14YER
Member Avatar
Pursuing Perfection
[ *  * ]
Ok, I know this isn't an IT forum, but there seems to be quite a few IT savvy people here. I've searched google and tried multiple things but nothings worked so far, so hopefully someone can help me out. :D

The problem: it seems that the explorer.exe file located in the windows folder was infected by a trojan, so I ran an avg scan and removed it, however avg removed the explorer.exe completely so the task bar and desktop icons didn't load.

Anyway, I managed to fix this problem by getting a copy of explorer.exe from c:\WINDOWS\sys....\i368 can't remember the exact path, but this brought me straight back to where I started.

Is there a way of getting rid of the trojan without actually deleting the explorer.exe file?

I'm running windows xp home edition.

Any help appreciated, thanks
Offline Profile Quote Post Goto Top
 
00100100
00100100 = $$ in ASCII
[ *  * ]
Silly question ...

Avg should have told you the trojan name when it removed explorer.exe, did you seach that trojan and how to remove it. There are usually instruction on how to remove most of trojans in the antivirus program database that you use.
Offline Profile Quote Post Goto Top
 
siideways
Member Avatar
Stock
[ *  * ]
Do another virus scan & find out the name of the virus?
Offline Profile Quote Post Goto Top
 
Saito
Member Avatar
Stock as a Rock
[ *  *  *  *  *  * ]
00100100,Oct 4 2010
01:16 AM
Silly question ...

Avg should have told you the trojan name when it removed explorer.exe, did you seach that trojan and how to remove it. There are usually instruction on how to remove most of trojans in the antivirus program database that you use.

This is the best way to approach the issue and solve it.

Some anti virus applications are not user friendly when it comes to infected machines.
They at times clean infected files and also delete files that cannot be cured. This causes issues for alot of people that are not that computer savvy.

I believe AVG is only removing the infected file because it cannot clean it.

So you are going to need to find out what kind of virus it is first before you can really do anything.
After, i'm sure doing a quick search on the internet will point you to the correct removal tool for the specific virus. Symantec always has removal tools for most viruses out there.


Good luck mate..Kill that sucker! B)
AUSTRALIAN MEMBERS:
Looking for specific Australian timber made lures. If you have any or know someone that does have any, and are willing to sell or trade them...contact me please
Offline Profile Quote Post Goto Top
 
14YER
Member Avatar
Pursuing Perfection
[ *  * ]
Thanks for the reply guys, I did a search and the name is:
"Trojan Horse Patched_c.Jed"

I googled it and the results are pretty recent, not much information on a fix, apparently its a pretty new virus :huh: ?
Offline Profile Quote Post Goto Top
 
00100100
00100100 = $$ in ASCII
[ *  * ]
14YER,Oct 3 2010
10:07 PM
Thanks for the reply guys, I did a search and the name is:
"Trojan Horse Patched_c.Jed"

I googled it and the results are pretty recent, not much information on a fix, apparently its a pretty new virus  :huh: ?



It is pretty new yeah :wacko:

DOnt forget also that other antuvirus programs might call the trojan a different name. I googled a norton equivalent name but didnt find much resutls either. Although I dont like using Norton but they usually got a good database on how to deal with most trojans/viruses.

May be wait for a couple of days until more info is available.

Otherwise for now you can do a windows repair ... might help!

Or, creat a new windows User (not admin) account and try explorer in there. See if the virus symptomes appear again. I solved allot of problems doing that. Its much easier then fixing an existing account or reinstalling windows.

Good luck
Offline Profile Quote Post Goto Top
 
14YER
Member Avatar
Pursuing Perfection
[ *  * ]
I've tried a load of things including a system restore to an earlier point but that didn't fix anything. I'd re-install windows but the laptop came without a cd.


I think all I can do is wait until someone finds a way to fix this :unsure:

Offline Profile Quote Post Goto Top
 
siideways
Member Avatar
Stock
[ *  * ]
14YER,Oct 4 2010
10:07 AM
Thanks for the reply guys, I did a search and the name is:
"Trojan Horse Patched_c.Jed"

I googled it and the results are pretty recent, not much information on a fix, apparently its a pretty new virus  :huh: ?


Remove it with http://www.surfright.nl/en/ ..
Offline Profile Quote Post Goto Top
 
Saito
Member Avatar
Stock as a Rock
[ *  *  *  *  *  * ]
Wen through a few forums about his virus...yeah its a new one that hijacks the explorer.exe.

But came through this post from a user on a tech supp forum...hope it helps..

http://www.techsupportforum.com/security-c...plorer-exe.html
AUSTRALIAN MEMBERS:
Looking for specific Australian timber made lures. If you have any or know someone that does have any, and are willing to sell or trade them...contact me please
Offline Profile Quote Post Goto Top
 
14YER
Member Avatar
Pursuing Perfection
[ *  * ]
siideways,Oct 4 2010
07:25 PM
Remove it with http://www.surfright.nl/en/ ..

Hitman completely removes the infected explorer.exe file leaving a blank desktop. Leaving me back at square one after I replace the explorer file... :wacko:



Thanks saito, I've been following a few boards but no luck yet....
Offline Profile Quote Post Goto Top
 
Saito
Member Avatar
Stock as a Rock
[ *  *  *  *  *  * ]
Re-image!!!! lol

Hope you find a fix...but during that time finding it, you could of already copied/backed up your data and re-imaged the Pc already...lol
AUSTRALIAN MEMBERS:
Looking for specific Australian timber made lures. If you have any or know someone that does have any, and are willing to sell or trade them...contact me please
Offline Profile Quote Post Goto Top
 
yoodles!
Stock
[ *  * ]
just remove explorer.exe and replace it with one from another PC

when you go to replace it taskmanager / kill explorer.exe
open notepad, go to save option, thsi will allow you to take the new explorer.exe from another computer and copy paste it into the windows folder and your done (with out needing to open explorer to copy paste the file)

we had the same issue with AVG but it jsut removed explorer on a Clients PC, and thats how the tech fixed it
is200 1999 | legana + altezza body kit | 1jz-gte Twin Turbo | R154 | HKS Hypermax II's | 3" mandrel bent dump back | 180 RWKWs stock boost | Lobethal, South Australia
Offline Profile Quote Post Goto Top
 
14YER
Member Avatar
Pursuing Perfection
[ *  * ]
I've fixed it yesterday :D

Replacing explorer.exe alone didn't work for me, the trojan had infected several system files and kept re-infecting the new explorer.exe file, AVG didn't pick these other files I had to download Kapersky Virus Remover which found them and deleted them all.

Found the fix here: http://www.bleepingcomputer.com/forums/topic351001-60.html
Offline Profile Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
ZetaBoards - Free Forum Hosting
Enjoy forums? Start your own community for free.
Learn More · Register Now
« Previous Topic · The Off Ramp · Next Topic »
Add Reply