Windows Explorer Labeled a Virus

Linux users might actually agree with this "false positive". On the other hand Microsoft breathes a sigh of relief, as for once the antivirus software in question is not Windows Live OneCare.

The security company's systems had decided that a virus called Huhk-C was present in the explorer.exe file, leading to its confinement or, in some cases, deletion. As Windows Explorer is the graphical user interface (GUI) for Windows' file system, this made it difficult to perform many common tasks within the operating system, such as finding files.

David Emm, a senior technology consultant at Kaspersky Lab, told ZDNet UK on Friday that the company was still examining its checklist to find out why the false positive "slipped through the net."


The moral: if a critical Windows system file is marked as infected, do not immediately delete (or even quarantine it). Ask at the AV vendor's site first. On the other hand, most people wouldn't recognize a critical Windows system file if it bit them.