False alarm triggered by Kaspersky paralyses Windows computers
Russian anti-virus vendor Kaspersky distributed a virus signature update last night that identifies the explorer.exe file ? which, among other things, provides users with the Windows desktop ? as Worm.Win32.Huhk.c. This prompted several users of the software and of anti-virus software based on it, for example Gdata, to permanently remove the file. However, this causes the system to become inoperable after a reboot.
The situation is particularly likely to occur if Windows File Protection has been deactivated and Windows can't automatically restore explorer.exe. In addition, users may have deleted all copies of the file on their system, which would also result in Windows not being able to restore the file. In this case, however, Windows could be successfully recovered from the Windows installation CD by retrieving the file either through the recovery console or the emergency installation.