Little Witch Trojan<>Infecting Explorer_EXE

R

RCYoung

MS Antispyware(Beta 1) ID'd the above infection today when
I went to make sure my definitions had been updated... A
new set of definitions was d/l'd, which surprised me as I
have been checking for a week. I had lost control of my
Windows Explorer(the settings would change back to the
original Win XP Home settings(with icons ect.) Anyway I
told the Anti-Spyware to delete the offending LittleWitch
Trojan... and was told that it was corrected/deleted etc.
but when I went back to the Windows directory the same
explorer exe was in place with the same size reported. So
I went back to the explorer toolbar and change the set-
ings once again, to the way I want them only to find them
the same way as before I ran the deletion for the virus.
I'm going to try a reboot to see what(if anything happens)
will turn up... Would sure like some help on this...!!!
Thanks
 
E

Engel

Please submit a suspected spyware report to spynet. (tools-
submit suspected spyware report).
Click to expand...

Feel free to say what you've got in place and have tried,
and that it didn't work.

Once that has completed, please reboot into safemode and
run a full antivirus and spyware scan to see if that helps.
 
R

RCYoung

I have checked for new updates and followed your
directions. Went to safemode and ran both MS AS(Beta1) &
Norton AV on my hard drives... & nothing found. I even
changed the name of my Windows\explorer_exe to _ex1, but
to no avail as explorer_exe was put back in an instant.
So there is no infection found(in 727,360 files checked)
and in checking explorer again I still have to reset all
the files/directories on each drive, no matter what I
change in the View Settings... I don't know why I had to
mess a "Suspected" spyware report... It wasn't suspected
I said that the Antispyware program ID a LittleWitch
Trojan that had infected my Windows Explorer and had
supposedly repaired/extracted the Trojan. Is there a file
somewhere that captures and holds the explorer settings
or some thing along those lines? ? ? I have even tried
to extract the replacement(Pack2), but it's protected in
someway and reappears and does exactly the same thing!!

So what's next..? {:-(
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Superantispyware won out and here is why 20
WinXP wont activate after trojan / repair install 4
Trojan 10
Trojan Vundo removal guide? 5
Defender wont remove unwanted items!!! 8
Solved: No sound from browers for videos - Internet Explorer andFirefox 1
GAME RETAIL LIMITED - can they do this, and is it legal 9
Trojan-Clicker.Win32.Delf.qt 1

Top