Explorer.exe virus - cant get rid of it

[new2AMD]

My freinds PC got a virus and I tried to reformat it and reinstall the OS to get rid of it. It didnt work. I deleted all partitions and formatted it again and reloaded XP home and the moment I got it on the internet it got infected again. Explorer.exe file in windows/system32 is a virus. Anyone have any experience dealing with this virus? Is there something else going on here that broadcasts this PC the second it gets online? Its a dell 2400. It has NA2003 and SP1 on it. I hook it up to the web to get live update and sp2 on it and by the time it is done it is infected.

Any suggestions?

 

[spyordie007]

Is there something else going on here that broadcasts this PC the second it gets online?

Unlikely; the reason it is getting infected so quickly is most likely because of all the other machines out there that are infected with all the worms and looking for hosts like yours. I recall reading an article not too long ago that basically the average time it took an unpatched windows machine infected with one of the current worm epedemics was something like 20 min.

What you'll have to do is turn on the windows firewall before connecting it to the internet; the windows firewall should be sufficient to protect you long enough to install SP2.

Also you might want to update your topic a little. I'm not sure what you mean by the "explorer.exe virus" but explorer.exe is the windows shell (the application that is the GUI); so you might want to clarify. I've made some assumptions that it's infected with one of the many internet worms (due to the way it was infected).

 

[new2AMD]

the explorer.exe shell sits in the windows folder. This viscous files sits in the system32 folder.

 

[LTC8K6]

http://cexx.org/dlder.htm