Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot remove suspected virus from startup in Windows Defender (32bit Vista)


  • Please log in to reply
4 replies to this topic

#1 talktravel

talktravel

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:France (vacation)
  • Local time:04:50 AM

Posted 16 July 2011 - 06:37 AM

Hi there,
I'm using the pacs-portal database to help discover which things I can safely remove from the startup in windows vista 32bit. I am accessing the start-up file list using windows defender. The database indicates that explorer.exe should not normally be in the start-up and that it is probably a virus; however when I select this file all 3 buttons are inactive (Delete, Deactivate, Activate - sorry, it's in French and those are the closest translations I can think of). I also tried unsuccessfully to delete the file located on C:\Windows\eplorer.exe
I'd like to know if it is a virus and if so, how I can remove it altogether (not just from the startup)

Thanks very much

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:50 PM

Posted 16 July 2011 - 10:05 AM

The short answer....explorer.exe is necessary and should be in startup.
Are you experiencing any malware related problems or attempting to speedup the startup?

Whenever you suspect a file is malware you can submit it to one of the linked online services below and it will
scan the file with numerous security programs and give you a report.
VirusTotal - Free Online Virus and Malware Scan
Jotti's malware scan
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 talktravel

talktravel
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:France (vacation)
  • Local time:04:50 AM

Posted 16 July 2011 - 10:29 AM

Hi Buddy215,
Thanks for replying. The startup is abnormally slow, as for malware related problems... I'm not actually sure what those might look like :blink:

I'm cheesed off that the database listed it as a problem though! I will try out the links you gave me and go from there.
Thanks again

#4 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:50 PM

Posted 16 July 2011 - 11:18 AM

Eliminating programs from startup will speed it up.
But if the slowness you are experiencing is a recent occurrence and you have not added programs,
then you should look further as to the cause.

Some suggestions: Defragment your hdd, use the Disk Cleanup utility (see link), scan with Super Antispyware Free
and allow it to remove whatever it finds. If it finds anything other than cookies, let me know.

Delete files using Disk Cleanup

SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware! (if you have SAS Free already installed, be sure to update before scanning)

Directions for using SAS:
http://www.bleepingcomputer.com/virus-removal/how-to-use-superantispyware-tutorial
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 hamluis

hamluis

    Moderator


  • Moderator
  • 56,119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:50 PM

Posted 16 July 2011 - 01:12 PM

IMO...you didn't read the data properly :)...which is the sort of thing that malware-writers count on often.

The entry reads:

"exp1orer.exe X exp1orer.exe Added by the DLOAD-FG TROJAN! Notice the digit "1" used in both the startup entry and filename, rather than a lower case "L"

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users