Is this a virus ? If not is it okay to have !!

H

heyyaa

New Member
Hi, This is my first post. While trying to clear up some memory on my computer I came across this site stating explorer.exe and how it could be a virus. After having a few of the symptoms mentioned it got me wondering. I will copy and paste my registry info... thanks for the views and help !!

William

WHAT I READ --- WHERE THE VIRUS WOULD BE !!!

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution.options

6. There might be sub-keys named explorer.exe and iexplorer.exe under this key. Those keys should not be listed under the Image File Execution.options registry key. Delete them entirely.
7. Close Registry Editor.
8. Reboot your computer.


WHAT MY REG LOOKS LIKE

Under Image File Execution.options ( I HAVE )

Only 1

IEInstal.exe ---- is this normal ?
 
I had folders on my desktop with pics. Those folders and many others are now grayed out and some of the pictures I am unable to delete. When I try to delete them the folders will become unresponsive and windows will close leaving my desktop screen with out any icons taskbars etc.. after a few minutes it will come back. the grayed out photos are un-openable.
 
If you think you are infected please do the following and post the requested logs.

Please download Malwarebytes' Anti-Malware from here or here and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.



Download the HijackThis installer from here.
Run the installer and choose Install, indicating that you accept the licence agreement. The installer will place a shortcut on your desktop and launch HijackThis.

Click Do a system scan and save a logfile

Most of what HijackThis lists will be harmless or even essential, don't fix anything yet.

When the hijackthis log appears in a notepad file, click on the edit menu, click select all, then click on the edit menu again and click on copy. Come back to your reply and right click on your mouse and click on paste.

Post the logfile that HijackThis produces along with the Malwarebytes Anti-Malware log
 
You must log in or register to reply here.
Back
Top