 |
Windows 7: Explorer.exe showing as malware
|
24 Jan 2011
|
#1 | |
Windows 7 Home Premium x64 SP1 England |
Explorer.exe showing as malware
Hi All
Ive just run a scan with Hitman Pro and its flagged explorer.exe as Malware.MSE and Malwarebytes scans come back clear.Is this just an FP or do i have a problem.
Any help appreciated.
Danny
Last edited by xxxdannyxxx; 15 Apr 2011 at 07:45 AM..
| My System Specs |
| System Manufacturer/Model Number acer aspire 5935g
OS Windows 7 Home Premium x64 SP1
CPU intel(R)core(TM)2 duo CPU T6600 @ 2.20GHz
Motherboard intel gm45/gm47 revision 07
Memory 3 gb ddr3
Graphics Card ati radeon hd4570/512mb
Monitor(s) Displays lop156wh2-tle1 15.3 flat
Screen Resolution 1366x768
Mouse Optical
Hard Drives OCZ-Agility3 60gig ssd
320gig external hdd
500gig external hdd
Internet Speed 30Mbps Down/30Mbps Up
|
24 Jan 2011
|
#2 | |
Vista, Windows7, Mint Mate, Zorin, Windows 8 Florida in winter, Black Forest/Germany |
I would call that a "false positive". | | My System Specs | | System Manufacturer/Model Number HP, Dell, Gateway, Toshiba - 4 laptops and 2 desktops
OS Vista, Windows7, Mint Mate, Zorin, Windows 8
CPU from 1.6GHz Duo to i7
Monitor(s) Displays 2x HP w2207
Keyboard with trackball - no mices
Mouse Trackball mice
Hard Drives 5x HDD, 7x SSD, 12x Externals
Internet Speed DSL 6000
|
24 Jan 2011
|
#3 | |
Windows 7 Home Premium x64 SP1 England |
Quote: Originally Posted by whs  I would call that a "false positive". That was my first thought too
Thankyou | | My System Specs | | System Manufacturer/Model Number acer aspire 5935g
OS Windows 7 Home Premium x64 SP1
CPU intel(R)core(TM)2 duo CPU T6600 @ 2.20GHz
Motherboard intel gm45/gm47 revision 07
Memory 3 gb ddr3
Graphics Card ati radeon hd4570/512mb
Monitor(s) Displays lop156wh2-tle1 15.3 flat
Screen Resolution 1366x768
Mouse Optical
Hard Drives OCZ-Agility3 60gig ssd
320gig external hdd
500gig external hdd
Internet Speed 30Mbps Down/30Mbps Up
|
24 Jan 2011
|
#4 | |
Vista, Windows7, Mint Mate, Zorin, Windows 8 Florida in winter, Black Forest/Germany |
Especially since it shows in C:>Windows, which is the correct location. | | My System Specs | | System Manufacturer/Model Number HP, Dell, Gateway, Toshiba - 4 laptops and 2 desktops
OS Vista, Windows7, Mint Mate, Zorin, Windows 8
CPU from 1.6GHz Duo to i7
Monitor(s) Displays 2x HP w2207
Keyboard with trackball - no mices
Mouse Trackball mice
Hard Drives 5x HDD, 7x SSD, 12x Externals
Internet Speed DSL 6000
|
24 Jan 2011
|
#5 | |
Windows 7 Home Premium x64 SP1 England |
Quote: Originally Posted by whs Especially since it shows in C:>Windows, which is the correct location. Thanks whs always appreciate a second opinion
Danny | | My System Specs | | System Manufacturer/Model Number acer aspire 5935g
OS Windows 7 Home Premium x64 SP1
CPU intel(R)core(TM)2 duo CPU T6600 @ 2.20GHz
Motherboard intel gm45/gm47 revision 07
Memory 3 gb ddr3
Graphics Card ati radeon hd4570/512mb
Monitor(s) Displays lop156wh2-tle1 15.3 flat
Screen Resolution 1366x768
Mouse Optical
Hard Drives OCZ-Agility3 60gig ssd
320gig external hdd
500gig external hdd
Internet Speed 30Mbps Down/30Mbps Up
|
24 Jan 2011
|
#6 | |
Windows 7 Professional 64 Bit SP1 |
I'm curious, did you do any modding of Window's to adjust the theme?
Quote: Originally Posted by xxxdannyxxx
Quote: Originally Posted by whs Especially since it shows in C:>Windows, which is the correct location. Thanks whs always appreciate a second opinion
Danny | | My System Specs | | System Manufacturer/Model Number HP DV6 1330sa
OS Windows 7 Professional 64 Bit SP1
CPU INTEL DUAL CORE 2.1Ghz
Motherboard N/A
Memory 4GB DDR3
Graphics Card INTEL
Sound Card LAPTOP
Monitor(s) Displays 2
Screen Resolution 3200x1080
Keyboard SOLID YEAR 260U
Mouse USB
PSU LAPTOP
Case LAPTOP
Cooling LAPTOP
Hard Drives 250GB
Internet Speed 20 MB/S
|
24 Jan 2011
|
#7 | |
Windows 7 Home Premium x64 SP1 England |
I do have custom icons and a custom orb but havent applied any custom themes. | | My System Specs | | System Manufacturer/Model Number acer aspire 5935g
OS Windows 7 Home Premium x64 SP1
CPU intel(R)core(TM)2 duo CPU T6600 @ 2.20GHz
Motherboard intel gm45/gm47 revision 07
Memory 3 gb ddr3
Graphics Card ati radeon hd4570/512mb
Monitor(s) Displays lop156wh2-tle1 15.3 flat
Screen Resolution 1366x768
Mouse Optical
Hard Drives OCZ-Agility3 60gig ssd
320gig external hdd
500gig external hdd
Internet Speed 30Mbps Down/30Mbps Up
|
24 Jan 2011
|
#8 | |
Windows 7 Professional 64 Bit SP1 |
I just thought that if you had, maybe the AV had picked up on the altered explorer.exe signature because of the theme changes. I mean, there are people on here who hack many system's .exe and .dll files to make themselves custom Window's theme, so I had to ask if you were one of then. But I guess not, so it's just a normal FP 
Quote: Originally Posted by xxxdannyxxx I do have custom icons and a custom orb but havent applied any custom themes. | | My System Specs | | System Manufacturer/Model Number HP DV6 1330sa
OS Windows 7 Professional 64 Bit SP1
CPU INTEL DUAL CORE 2.1Ghz
Motherboard N/A
Memory 4GB DDR3
Graphics Card INTEL
Sound Card LAPTOP
Monitor(s) Displays 2
Screen Resolution 3200x1080
Keyboard SOLID YEAR 260U
Mouse USB
PSU LAPTOP
Case LAPTOP
Cooling LAPTOP
Hard Drives 250GB
Internet Speed 20 MB/S
|
24 Jan 2011
|
#9 | |
Windows 7 Home Premium x64 SP1 England |
Quote: Originally Posted by Lost Colonist I just thought that if you had, maybe the AV had picked up on the altered explorer.exe signature because of the theme changes. I mean, there are people on here who hack many system's .exe and .dll files to make themselves custom Window's theme, so I had to ask if you were one of then. But I guess not, so it's just a normal FP
Quote: Originally Posted by xxxdannyxxx I do have custom icons and a custom orb but havent applied any custom themes. Actually Lost Colonist your on to something i restored the explorer.exe back-up file that windows 7 start button changer creates and ran it again and no problems, used it again to apply a custom orb and the problems back.
Any Views on this
Danny | | My System Specs | | System Manufacturer/Model Number acer aspire 5935g
OS Windows 7 Home Premium x64 SP1
CPU intel(R)core(TM)2 duo CPU T6600 @ 2.20GHz
Motherboard intel gm45/gm47 revision 07
Memory 3 gb ddr3
Graphics Card ati radeon hd4570/512mb
Monitor(s) Displays lop156wh2-tle1 15.3 flat
Screen Resolution 1366x768
Mouse Optical
Hard Drives OCZ-Agility3 60gig ssd
320gig external hdd
500gig external hdd
Internet Speed 30Mbps Down/30Mbps Up
|
24 Jan 2011
|
#10 | |
Windows 7 Professional 64 Bit SP1 |
Every file has a default signature and MD5 hash etc, maybe whatever is in this hitmanpro checks these signatures / hashes. In this case it would have noticed an altered signature/hash and flagged it as infected.
Quote: Originally Posted by xxxdannyxxx
Quote: Originally Posted by Lost Colonist I just thought that if you had, maybe the AV had picked up on the altered explorer.exe signature because of the theme changes. I mean, there are people on here who hack many system's .exe and .dll files to make themselves custom Window's theme, so I had to ask if you were one of then. But I guess not, so it's just a normal FP
Quote: Originally Posted by xxxdannyxxx I do have custom icons and a custom orb but havent applied any custom themes. Actually Lost Colonist your on to something i restored the explorer.exe back-up file that windows 7 start button changer creates and ran it again and no problems, used it again to apply a custom orb and the problems back.
Any Views on this
Danny | | My System Specs | | System Manufacturer/Model Number HP DV6 1330sa
OS Windows 7 Professional 64 Bit SP1
CPU INTEL DUAL CORE 2.1Ghz
Motherboard N/A
Memory 4GB DDR3
Graphics Card INTEL
Sound Card LAPTOP
Monitor(s) Displays 2
Screen Resolution 3200x1080
Keyboard SOLID YEAR 260U
Mouse USB
PSU LAPTOP
Case LAPTOP
Cooling LAPTOP
Hard Drives 250GB
Internet Speed 20 MB/S
Explorer.exe showing as malware problems? All times are GMT -5. The time now is 06:54 PM. |  |
ntoskrnl.exe showing up in task manager,malware? 
