-
June 24th, 2008, 08:55 AM
#1
Junior Member
explorer.exe not executing
Please help!
This is another abnormal functioning in a series of others.
Today when i booted my PC, the Welcome screen took a little longer to disappear and then, on the desktop there was nothing, absolutely nothing.
I'm using WinXP SP2, its never happened before.
I opened msconfig, to see two new processes,
process command
1) owjokuch rundll32.exe "C:\WINDOWS\system32\owjokuch.dll",s
2) wmjgenhj rundll32.exe "C:\WINDOWS\system32\wmjgenhj.dll",b
i disabled them, and after rebooting, i got the same problem.
Then, i tried starting the explorer.exe from the task manager. It starts, only to get terminated automatically.
HOW??
-
June 24th, 2008, 09:26 AM
#2
Junior Member
Now, I see that even the folders or drives are not opening in GUI.
I can access them on DOS only.
-
June 24th, 2008, 09:45 AM
#3
Hmmmm,
I would say that you have polymorphic malware onboard.
Try booting into safe mode and running the latest version of your anti-malware applications. Make a note of what they detect, we might need that information later
I would strongly recommend saving any personal data files to external media at this stage.
Try logging on in "safe mode with network support" and running the PC-Cillin and Panda online checks.
Good Luck!
Remember: You will need to disable the saved configurations first, then make a manual one when you have cleaned your PC.
-
June 24th, 2008, 11:43 PM
#4
I think that you got some work in you computer that infected most of files.
Burn som antivirus on the CD and run it from it.
sophos has "sav32cli" that you can put on CD
http://www.sophos.com/support/knowle...cle/13251.html
and Dr.Web has CureIt
http://freedrweb.com/cureit/ -
Use other computer to download and burn files on CD.
-
June 26th, 2008, 09:03 AM
#5
Junior Member
thanx!
But, my novice bro called up someone, who took 200/- to reinstall the OS!!
So, lets forget that and carry on...
-
June 26th, 2008, 12:09 PM
#6
That was probably the best solution.
It sounds rather like vundo/virtumonde as this trojan goes for explorer.exe and uses random filenames.
I would hazard a guess that it is either a badly coded variant or a screwed up installation. The reason I say that is the usual function of that family of malware is to serve up adware. Obviously it cannot do that if you can't get your PC to work properly.
You need to ask yourself how you got it, as it certainly did not blow in with the wind............. it is a classic trojan for the most part.
Last edited by nihil; June 26th, 2008 at 12:12 PM.
-
June 27th, 2008, 09:04 AM
#7
Junior Member
I don't know how it came, I was just doing my stuff... And the system hanged for some time, and then it happened.
I think its like some time bomb.
It was a dll which used rundll32.exe to execute.
I must have downloaded some software which activated them..
-
June 27th, 2008, 11:59 AM
#8
Well,
If you have software you saved from the system or anything you downloaded onto external media I would scan it very carefully before trying to use it, or you will just go back to square 1.
-
July 4th, 2008, 10:00 PM
#9
if it ever happens again and you don't have a desktop or it errors on boot (including safemode) try combofix
http://www.bleepingcomputer.com/comb...o-use-combofix
just tested it on a customers computer 3 seconds ago
-
July 15th, 2008, 06:32 PM
#10
Junior Member
Originally Posted by ech0
thanx!
Similar Threads
-
By al1aprize in forum AntiVirus Discussions
Replies: 10
Last Post: August 21st, 2006, 12:33 PM
-
By ShagDevil in forum General Computer Discussions
Replies: 0
Last Post: July 5th, 2006, 09:11 PM
-
By imported_all_smiles in forum Operating Systems
Replies: 8
Last Post: May 2nd, 2006, 08:36 PM
-
By mrg81 in forum Microsoft Security Discussions
Replies: 7
Last Post: June 30th, 2004, 10:17 PM
-
By TAIWL in forum AntiOnline's General Chit Chat
Replies: 1
Last Post: February 11th, 2004, 05:58 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|