Full Version: [Merged] False Positive...explorer.exe?
Kaspersky Lab Forum > English User Forum > Virus-related issues
sproket
QUOTE(MAPKOBKA^^ @ 20.12.2007 10:07) *
Kaspersky makes a backup of the deleted file.

The fix to get your computer running again takes about 30 seconds to do :)

http://support.kaspersky.com/viruses/computers?qid=208279581


Yes, it would take 30 seconds IF:

1) a person knows to go and look at the Kaspersky forums first and read the fix.
2) a person has a 2nd computer with which to do so.

Please remember, that the result of what happens when people delete explorer.exe is that they are no longer able to use their computer. This post really makes light of the problem by seemingly suggesting that users have an instant psychic connection to the fix that you have posted after watching their computer die.

Yes it is all very easy (happy face) when you already know what you were supposed to do before the problem occurs.

Sadly I was not. (Still reinstalling and fixing everything since last night after trying and failing to do a system repair).

I would imagine there are many users out there right now, who do not have a second computer, who are looking at a desktop with no UI on it and wondering what the heck they are gonna do next.
death.by.huhk.c.
QUOTE(MAPKOBKA^^ @ 20.12.2007 21:51) *
Check your PM inbox, sent.


Thanks. Sadly the same result as with Lucien's file.
sproket
QUOTE(Autumn Breeze @ 20.12.2007 10:13) *
Kas did nothin' to harm you... you messed up (just like all of us) so take responsibility and learn from your experiences....


This is like saying that the corner restaurant did nothing to harm me when they served me Salmonella laced chicken. Yes... it was my fault for eating it, I should learn to take responsibility and learn from my experiences?!?! I can't foresee what deleting an "infected" file would do, any more than I can foresee that my chicken has Salmonella in it. Hindsight is 20/20.

Blaming users for this one is just... are we on the same planet?
issa_agyei
I was just hit by the false positive myself. I managed to restore 2 of the files by the but the last one it cannot restore. I keep getting error message "explorer.exe\Explorer.EXE Path does not exist. Please verify the correct path was given." I'm now afraid to reboot it because it may not come back up.

Can anyone please tell me what else I can do to save myself from a shot in the foot. I've already done what Kaspersky said on http://support.kaspersky.com/viruses/computers?qid=208279581 but this last one has me really nervous. So far my desktop and start button and everything is working as I'm on this pc typing this but it may not come back up afterwards.
Lucian Bara
hello
no it's fine. read here: http://forum.kaspersky.com/index.php?s=&am...st&p=504627
kharzan1
Hi there,

First time post from a non-technical person, so please bear with me.

I had the same problem as everyone described above with the Worm Win 32 Huhk c virus and my iexplorer. I deleted it a couple of times.

I found on the internet on a second computer that this was something to do with Kaspersky so I repaired and then eventually uninstalled and reinstalled it. I've now updated it using the downloads from the second computer via USB onto the computer with the problem. Obviously this removed the option to back-up/restore the file from Kaspersky system.

I can go into windows etc normally, however once I select my windows profile it takes a good 5 mins to boot up, which is not normal. In addition I cannot get onto the internet at all as it seems stuck on the "acquiring network address/access" for the little internet symbol on the bottom right of the screen.

So now I'm currently stuck with a very slow and non-internety computer. Suggestions would be great. For example, do I need to reinstall iexplorer via my windows CD as mentioned earlier, if I can get on to windows normally it's just super slow? And what do I do to get my internet functioning again?

Thanks in advance for the help.
Lucian Bara
if the desktop works (you have a start menu, icons etc.), then it's not because of explorer.exe. your issues come from somewhere else. we had driver updates yesterday, and a couple of days ago, so that might also have to do with it. how about with kaspersky uninstalled, does the pc still hang/do you still have the network address issue?
kharzan1
QUOTE(Lucian Bara @ 21.12.2007 11:08) *
if the desktop works (you have a start menu, icons etc.), then it's not because of explorer.exe. your issues come from somewhere else. we had driver updates yesterday, and a couple of days ago, so that might also have to do with it. how about with kaspersky uninstalled, does the pc still hang/do you still have the network address issue?



Yes with it uninstalled it's still acting up the same. But I didn't have any of these problems until the worm appeared and I deleted, restarted, deleted restarted.
Lucian Bara
insert your xp cd into the drive. open start>run and type in sfc /scannow. wait for the scan to complete and reboot the system
kharzan1
QUOTE(Lucian Bara @ 21.12.2007 11:47) *
insert your xp cd into the drive. open start>run and type in sfc /scannow. wait for the scan to complete and reboot the system



Ok I will try that when home from work this evening. Is it likely then that this problem has somehow screwed up my internet connection?
Lucian Bara
deleting that file but restoring shouldn't have caused it. are you normally on a dynamic or static ip?
kharzan1
QUOTE(Lucian Bara @ 21.12.2007 11:54) *
deleting that file but restoring shouldn't have caused it. are you normally on a dynamic or static ip?


Sorry but no idea what the difference is, or which one I have.
Lucian Bara
ok, how do you connect to the internet? a router, wireless etc.?
kharzan1
QUOTE(Lucian Bara @ 21.12.2007 12:08) *
ok, how do you connect to the internet? a router, wireless etc.?


via a router, not wirelessly.
Autumn Breeze
First I’ve been fortunate enough not to have these probs although my ‘puter stays on from when I get up til I go to bed usually… I’m curious why I wasn’t affected… (although very happy that I wasn’t and my best wishes for a speedy recovery for those that were :) )…

1) We found out the other day that users in North America are directed to different Kas web pages… are the updates different for us too? could that be why I wasn't affected?

a couple of questions that i realize are prolly self evident but just wanna make sure for clarification:

2) I assume that KIS’s “backup” tab has no connection with Windows’ System Restore? (I have System Restore turned off)

3) I also assume that when ppl are referring to Restoring, they are referrin’ to Kas’s backup and not a user backup?

as always, thanks in advance for your time and help...

EDIT: since i have nothing in KIS's Backup or Quarantine so i can't chk to see if a restore can be done from there, of course i assume it can...
Lucian Bara
1. no, updates are the same and the server network ensures it (updates are mirrored on all servers), but you probably missed the bad update
2. kis's backup is independent of the windows one, and restore means to restore it from Kis's backup.
Autumn Breeze
QUOTE(Lucian Bara @ 21.12.2007 10:18) *
1. no, updates are the same and the server network ensures it (updates are mirrored on all servers), but you probably missed the bad update
2. kis's backup is independent of the windows one, and restore means to restore it from Kis's backup.

thanks for verifying Lucian, have a good day :)
Baz^^
QUOTE(sproket @ 21.12.2007 01:41) *
Yes, it would take 30 seconds IF:

1) a person knows to go and look at the Kaspersky forums first and read the fix.
2) a person has a 2nd computer with which to do so.

Please remember, that the result of what happens when people delete explorer.exe is that they are no longer able to use their computer. This post really makes light of the problem by seemingly suggesting that users have an instant psychic connection to the fix that you have posted after watching their computer die.

Yes it is all very easy (happy face) when you already know what you were supposed to do before the problem occurs.


I'm not saying this should have happened, or it hasn't caused problems, but simply (insert angry smiley here) will not help the situation will it?

Heck, I don't get paid, but I posted a fix here as soon as I realised there was a problem (no, I did not have one ready made, took a bit of thinking), and stayed up until 2AM trying to help sort this out....in the end it is only a few clicks, and everything is restored in the majority of cases.

Yes, it was a bad mistake, but at least it is quickly recoverable for most with the correct instruction. I am sure KL will not let this happen again, as I said, it happens to the best of them, including Symantec and Avira, who have had their share of mistaken windows component deletion too.....
Autumn Breeze
QUOTE(MAPKOBKA^^ @ 21.12.2007 12:18) *
Heck, I don't get paid...

mods don't get paid? geez as much time as ya'll spend doin' this, it's hard to believe [head shaking]
well ya should be dammit [indignant]

in that case then i really wanna double all the thanks and appreciation i've given you guys... (except for that hard headed DON lol ;) ) obviously jk, he's been a huge help to me :)

EDIT: just realized (realised for the UK ppl lol) something, everyone east of the US - UK, Europe, etc. are doin' us a big favor... ya'll get up earlier than we do so you catch some bugs, etc. before we even turn on our puters... appreciate that too...
Don Pelotas
I get paid .......($, six figures), i'm sure MAPKOBKA is just being modest and get about the same as i and the rest of the spindoctor crew....................................i think we're worth every penny. An emoticon or two might be missing and humour might have been used as well.

Now onto something helpful (maybe, hopefully):

Link to the official fix: http://support.kaspersky.com/viruses/computers?qid=208279581.

Run System File Checker (sfc.exe), this will scan all protected Windows files to verify their versions have not been overwritten or damaged, and if so will replace the compromised version with a fresh copy. To run it, click Start/Run and type 'sfc.exe /scannow' (without the quotes but with the space between the 'e' and the '/'). Alternatively, you can click start/Run and type in CMD and click O.K., when the black window opens type in "sfc /scannow". You will need to insert your Windows CD into the drive to enable sfc to effect the repair. Sfc.exe will just stop without any other sign than the statusbar is gone! :)
kharzan1
QUOTE(Lucian Bara @ 21.12.2007 11:47) *
insert your xp cd into the drive. open start>run and type in sfc /scannow. wait for the scan to complete and reboot the system


No success with attempting that, kept asking for the original CD as I have an OEM one. Then I attempted to reinstall windows in its entirety and was stopped when asked for my NVIDIA Bus Installation Disk #1 which I don't have and have no idea what it is!

So I'm currently stuck with a super slow computer, which won't connect on the internet (still stuck on 'acquiring network address') this is very bad :(

Also in regards to a later question, I have a dynamic IP address, if that helps at all.
Lucian Bara
don't you have a disk from your motherboard? try to insert that. are you reinstalling windows from within windows or did you boot from the windows cd?
kharzan1
QUOTE(Lucian Bara @ 21.12.2007 21:25) *
don't you have a disk from your motherboard? try to insert that. are you reinstalling windows from within windows or did you boot from the windows cd?


from within windows. I do have a motherboard cd but it doesn't say NVIDIA on it, is that the right one?
Lucian Bara
nvidia is your chipset manufacturer (the chipset on your motherboard). it's probably that one.
Don Pelotas
QUOTE(kharzan1 @ 21.12.2007 22:37) *
from within windows. I do have a motherboard cd but it doesn't say NVIDIA on it, is that the right one?

Just download a driver from the Nvidia site. :)
kharzan1
Ok so I found the driver within the ASUS CD I had and completed the repair of windows (this time from outside windows itself, from the CD boot) and it unfortunately repaired nothing. Still takes forever for the computer to get into windows from booting up and I can't get onto the internet. My more techy friend has suggested a complete windows reinstallation otherwise wiping the computer completely, which I have to say doesn't sound overly appealing.

Any advice to avoid this situation would be greatly appreciated.
vproman
Looks like this is getting some attention outside the Kaspersky forums:
http://news.zdnet.com/2100-1009_22-6223836.html
Farnk69
QUOTE(kharzan1 @ 21.12.2007 16:11) *
Ok so I found the driver within the ASUS CD I had and completed the repair of windows (this time from outside windows itself, from the CD boot) and it unfortunately repaired nothing. Still takes forever for the computer to get into windows from booting up and I can't get onto the internet. My more techy friend has suggested a complete windows reinstallation otherwise wiping the computer completely, which I have to say doesn't sound overly appealing.

Any advice to avoid this situation would be greatly appreciated.

This may be out in left field. I'm wondering if one or more of your prefetch files is messed up.

These can be deleted see:

http://www.windowsnetworking.com/articles_...refetch-XP.html

You can find other Sites that contradict this Site, however, consider deleting all prefetch files, reboot, & see what happens.
C:\Windows\Prefetch\

They will rebuild themselves if you do not change the registry value. A second reboot hopefully shows an improvement.

What the h_ll, won't hurt & may work, for the slow startup anyway.

Techies almost always want to reformat, it's too time consuming to find the real problem, which is usually very simple when found.
And you wouldn't want to pay their price when they do find it. I didn't, so did my own debugging.

Keep Googling & trying

I've had very serious problems over the years, but somehow managed to eventually solve them without a reformat & reinstall.
I have a huge amount of data over many years in several locations and formats. I never accepted the reformat, reinstall solution.
Started with Windows, Windows for Workgroups etc up to XP Pro SP2 without a reformat & it runs well. Well enough to do Solids CAD Design.

Frank
sapien_red
QUOTE(MAPKOBKA^^ @ 19.12.2007 21:37) *
Hi guys,

Will raise this with viruslab as a matter of urgency.... it would help if someone could grab a copy of explorer.exe, and send it to newvirus@kaspersky.com with "false positive" in the title.

Try to update, because my defs are not flagging.




the file explorer.exe is an update to explorer found in :- WindowsXP-KB938828-x86-ENU.exe
i deleted the explorer and the cache'd one (and had to dual boot and find a copy of explorer on sp2 cdrom)
windows update on automatic is downloading and reinstalling the new (false pos) explorer.exe
LOOPs anyone...
1) are microsoft or nsa pushing a trojan explorer to overseas update users?
2) would you tell us the truth?
i will be turning off automatic updates for the patching period
and using the older explorer (read-only and no write permissions for anyone including me)
i had noticed , explorer.exe was running x2 with a clone of itself /IDLIST & & & (logging?)
what diabolical scheme to close down prirate computers are they up to now?
"well if they downgrade to xp we will have to introduce RFM to xp" lol
an update solves the problem? is that because you've been nobbled?
sapien-red


Don Pelotas
QUOTE(sapien_red @ 22.12.2007 19:31) *
the file explorer.exe is an update to explorer found in :- WindowsXP-KB938828-x86-ENU.exe
i deleted the explorer and the cache'd one (and had to dual boot and find a copy of explorer on sp2 cdrom)
windows update on automatic is downloading and reinstalling the new (false pos) explorer.exe
LOOPs anyone...
1) are microsoft or nsa pushing a trojan explorer to overseas update users?
2) would you tell us the truth?
i will be turning off automatic updates for the patching period
and using the older explorer (read-only and no write permissions for anyone including me)
i had noticed , explorer.exe was running x2 with a clone of itself /IDLIST & & & (logging?)
what diabolical scheme to close down prirate computers are they up to now?
"well if they downgrade to xp we will have to introduce RFM to xp" lol
an update solves the problem? is that because you've been nobbled?
sapien-red

Hmmmmmmmmmmmmmm..........................................