Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > explore.exe ? GRAYBIRD.G virus

Reply
Thread Tools

explore.exe ? GRAYBIRD.G virus

 
 
Keith (Southend)
Guest
Posts: n/a
 
      05-08-2006
I noticed on TCPView yesterday that I had a process 'explore.exe'
running. Also I have AVG scan my computer at 1am every morning yet the
last scan never completed and I noticed the computer had 'crashed /
re-started' I've done a search on this one and am currently running AVG
manually as the process is no longer listed in TCPView, was just
wondering if I should do anything else to be sure I have cleared this
'virus' assuming that's what it is?

Process File: explore or explore.exe
Process Name: GRAYBIRD.G virus


http://www.symantec.com/avcenter/ven...plore.zip.html
http://www.liutilities.com/products/...brary/explore/

Many thanks
--
Keith (Southend)
http://www.southendweather.net
 
Reply With Quote
 
 
 
 
David H. Lipman
Guest
Posts: n/a
 
      05-08-2006
From: "Keith (Southend)" <(E-Mail Removed)>

| I noticed on TCPView yesterday that I had a process 'explore.exe'
| running. Also I have AVG scan my computer at 1am every morning yet the
| last scan never completed and I noticed the computer had 'crashed /
| re-started' I've done a search on this one and am currently running AVG
| manually as the process is no longer listed in TCPView, was just
| wondering if I should do anything else to be sure I have cleared this
| 'virus' assuming that's what it is?
|
| Process File: explore or explore.exe
| Process Name: GRAYBIRD.G virus
|
| http://www.symantec.com/avcenter/ven...plore.zip.html
| http://www.liutilities.com/products/...brary/explore/
|
| Many thanks

Please submit a sample of "explore.exe" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
(E-Mail Removed)?subject=SCAN

When you get the report, please post back the exact results.

For removal...

Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
 
 
 
Keith (Southend)
Guest
Posts: n/a
 
      05-08-2006
David H. Lipman wrote:
> From: "Keith (Southend)" <(E-Mail Removed)>


Hello David,

Many thanks for your thorough reply. I'm familiar with Multi_AV.exe, we
got it working before some months ago when I was having some problems. I
need to install it again as I made some additions to my PC last
Christmas and now run Windows XP Pro off a SATA Hard Disk.

AVG has just finished a scan and found nothing, also TCPView is no
longer listing explore.exe, like it was yesterday evening, so atm I have
nothing to send. However, if it returns I will send it to Virus Total
and also run Multi-AV.exe (Sophos/Trend etc).

As an aside...

I must add, I have been plagued with timing problems and had to set up
some manual timings some time ago, infact I had to 'tweak' things again
after microsofts last update, I was always suspicious that my Abit an8
Mo-bo had some issues with a previous update on SP2 of XP. It maybe they
have addressed this one and hence the following patch started it off
again, but I'm guessing.

http://www.dozleng.com/updates/calen...&eventid=25595

http://support.microsoft.com/kb/900485
<snip>
CAUSE
This problem occurs because of a timing issue.
<snip>

Many thanks for your help once again.

Keith (Southend)
http://www.southendweather.net
 
Reply With Quote
 
David H. Lipman
Guest
Posts: n/a
 
      05-08-2006
From: "Keith (Southend)" <(E-Mail Removed)>

| David H. Lipman wrote:
>> From: "Keith (Southend)" <(E-Mail Removed)>

|
| Hello David,
|
| Many thanks for your thorough reply. I'm familiar with Multi_AV.exe, we
| got it working before some months ago when I was having some problems. I
| need to install it again as I made some additions to my PC last
| Christmas and now run Windows XP Pro off a SATA Hard Disk.
|
| AVG has just finished a scan and found nothing, also TCPView is no
| longer listing explore.exe, like it was yesterday evening, so atm I have
| nothing to send. However, if it returns I will send it to Virus Total
| and also run Multi-AV.exe (Sophos/Trend etc).
|
| As an aside...
|
| I must add, I have been plagued with timing problems and had to set up
| some manual timings some time ago, infact I had to 'tweak' things again
| after microsofts last update, I was always suspicious that my Abit an8
| Mo-bo had some issues with a previous update on SP2 of XP. It maybe they
| have addressed this one and hence the following patch started it off
| again, but I'm guessing.
|
| http://www.dozleng.com/updates/calen...&eventid=25595
|
| http://support.microsoft.com/kb/900485
| <snip>
| CAUSE
| This problem occurs because of a timing issue.
| <snip>
|
| Many thanks for your help once again.
|
| Keith (Southend)
| http://www.southendweather.net

OK Keith. I thought your posting name was familiar.

If and when you find EXPLORE.EXE, I'd like to see that Virus Total report.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
Keith (Southend)
Guest
Posts: n/a
 
      05-08-2006
David H. Lipman wrote:

>
> OK Keith. I thought your posting name was familiar.
>
> If and when you find EXPLORE.EXE, I'd like to see that Virus Total report.
>


Multi_AV installed smoothly and all the downloads (Sophos/Trend etc)
downloaded fine. I'm just running 'kavdos32.rar' as that's new since I
last installed Multi_AV, just scanning c: drive on this occasion.

Excellent utility David.

Thanks
--
Keith (Southend)
http://www.southendweather.net
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
virus or not virus Dangermouse Computer Support 5 10-13-2005 01:57 PM
SWsoft Acronis Disk Director Suite 9.0 Build 508, Acronis OS Selector 8.0 Build 917, Acronis Partition Expert 2003 Build 292, Acronis Power Utilities 2004 Build 502, F-SECURE.ANTI vIRUS.PROXY v1.10.17.WINALL, F-SECURE.ANTI vIRUS v5.50.10260 for CITRI vvcd Computer Support 0 09-25-2004 01:38 AM
Virus in virus? DS Computer Support 3 02-08-2004 09:30 AM
Virus, Virus, Virus..... Phil B Computer Support 2 09-22-2003 05:02 PM



Advertisments