ok I have a bit of a long story to get out of the way… I do regular scans on my computer with a few antiviruses spyware/ad ware applications… none of the programs I use detected any problems. (avast, malware bytes, spy-bot search and destroy, ad-aware, Microsoft security essentials) but I ran another program called hitman pro and it detected my explorer.exe to be infected but it didn’t say what the infection is… it doesn’t have much of a log but i can post what it said about it:
I am experiencing no effects at all on my machine it is operating fine with no slow downs or crashes… could this be a false positive?
well there is one effect my libraries folder opens up automatically at startup for some reason…
I just need some advice on how to deal with this threat if it is one.
oh and I have windows 7 64 bit installed if you need to know that…
thank you for any help
update
I did a scan with virus total web scanner and it lists: medium risk malware from prevx the company that made hitman pro.
I am experiencing no effects at all on my machine it is operating fine with no slow downs or crashes... could this be a false positive?
It may...you can upload the file to Avira and have it analysed http://analysis.avira.com/samples/
(avast, malware bytes, spy-bot search and destroy, ad-aware, Microsoft security essentials)
so you are having 3 virus engines installed....avast. ad-aware with Ikarus AV engine and MSE....not smart
having multiple AV engines installed can create all kind of mysterious windows errors and FP detections
ok i got super spyware and i like it I got rid of security essentials… I haven’t gottem anyword back yet about my file analysis but ill post the results when I do…
also wouldn’t spybot be good to keep even for the immunize feature? if not are there other preventative programs out there?
I also notice from your signature that you have malware bytes pro is that worth it or should i stick to the free version?
also wouldn't spybot be good to keep even for the immunize feature? if not are there other preventative programs out there?
there have been some cases where teatimer is conflicting with avast
I also notice from your signature that you have malware bytes pro is that worth it or should i stick to the free version?
yes, i use the PRO version, it has a autoupdate and a protection module with process monitor that will see if malware try to install and also IP block that will block you from entering IP listed as bad
The price is a one time fee for a lifetime license
ok I got it I plan on running a full scan with it after avast completes its… about explorer being infected I doubt it no other program detects it only prevx does and it doesn’t list what type of infection it is so it may just fulfill the conditions all I can really do is wait for the report to be emailed to me from avira all I can do till then is speculate
ok I got my results back but there is a big problem… um I cannot read any of it T.T
Eine Auflistung der Dateien und Ergebnisse sind im folgenden aufgeführt:
Datei ID Dateiname Größe (Byte) Ergebnis
26106712 explorer.exe 2.28 MB DAMAGED FILE (UNKNOWN)
Genaue Ergebnisse für jede Datei finden sie im folgenden Abschnitt:
Dateiname Ergebnis
explorer.exe DAMAGED FILE (UNKNOWN)
Die Datei 'explorer.exe' wurde als 'DAMAGED FILE (UNKNOWN)' eingestuft. In particular this means that this file is damaged and not working properly. We could not find any malicious content. However the heuristic detection module may still detect this particular file even though it is damaged. In that case we will not adjust and remove detection for this damaged file.
Alternativ können Sie die Ergebnisse der Analyse hier einsehen:
http://analysis.avira.com/samples/details.php?uniqueid=V0LpZbnjDQMsRVyVE8Djxks7jcT3Dpz5&incidentid=722170
Zusätzlich finden Sie eine Übersicht aller Einsendungen hier:
http://analysis.avira.com/samples/details.php?uniqueid=V0LpZbnjDQMsRVyVE8Djxks7jcT3Dpz5
Hinweis: Bitte wenden Sie sich mit spezifischen Fragen an support@avira.de
Mit besten Grüßen
Avira Virenlabor
---------------------------------------------
Avira GmbH
Lindauer Str. 21, D-88069 Tettnang, Germany
Telefon: +49 (0) 7542-500 0
Telefax: +49 (0) 7542-525 10
Internet: http://www.avira.de
Geschäftsführer: Tjark Auerbach
Firmensitz: Tettnang
Handelsregister: Amtsgericht Ulm HRB 630992
---------------------------------------------
my original submission was in English and my submission email was too but the report for some reason is in German?
anyone able to translate?
update
it identifies my explorer file to be damaged but I’m running it fine so not sure where to go from here…
Seems a false positive.
Prevx to detect more get a lot of false positives.
Your submition was to whom? Which site? Sorry, got it was Avira. Another false positive winner. Or should I say looser? ;D
If you seem to have a virus attached to Internet Explorer, you’ll want to get rid of it as soon as possible. In addition to the issues that arise with your Internet browsing, it could be doing significant damage behind the scenes.
Run Microsoft’s Malicious Software Removal Tool. To do so, click your “Start” menu and open the “Run” dialog. Type “MRT,” then press “Enter.” This application comes preinstalled with Windows 7, Windows Vista, Windows XP, Windows 2000 and Windows Server 2003. If you cannot run or find the repair tool for whatever reason, you’ll have to download a new copy from the link in Resources.
Click the “Next” button.
Select “Full Scan.” Although this scan takes a bit longer than the default quick scan, it gives a better chance of deleting a virus attached to Internet Explorer.
Click the “Next” button. Wait for the program to complete its scan of the infected PC.
Follow the prompts to delete the Internet Explorer virus, along with any others it may have downloaded.
Click the “Finish” button.
Restart your computer.
Always remember that antivirus software is very important to have to protect your computer from harmful virus that could damage the system. Whether it’s Avast or other antivirus like Norton, AVG, McAfee, etc…
Its explorer.exe. NOT iexplorer.exe. Two different things. By chance archonoffate…Are you using any sort of patch for themes? Some patches will replace your original explorer.exe for another one. Be sure that explorer.exe is located in C:\Windows\Explorer.EXE.
thank you for your reply but I should have been more specific it isn’t internet explorer it is explorer.exe in the C:/windows folder and its appears to be a false positive because though avira said the file was damaged it also said it was clean and prevx shows alot of false positive… i’m 90% sure its a false positive unless someone has more to add