explore.exe ? GRAYBIRD.G virus

Discussion in 'Computer Security' started by Keith (Southend), May 8, 2006.

  1. I noticed on TCPView yesterday that I had a process 'explore.exe'
    running. Also I have AVG scan my computer at 1am every morning yet the
    last scan never completed and I noticed the computer had 'crashed /
    re-started' I've done a search on this one and am currently running AVG
    manually as the process is no longer listed in TCPView, was just
    wondering if I should do anything else to be sure I have cleared this
    'virus' assuming that's what it is?

    Process File: explore or explore.exe
    Process Name: GRAYBIRD.G virus


    http://www.symantec.com/avcenter/venc/data/worm.explore.zip.html
    http://www.liutilities.com/products/wintaskspro/processlibrary/explore/

    Many thanks
    --
    Keith (Southend)
    http://www.southendweather.net
     
    Keith (Southend), May 8, 2006
    #1
    1. Advertising

  2. From: "Keith (Southend)" <>

    | I noticed on TCPView yesterday that I had a process 'explore.exe'
    | running. Also I have AVG scan my computer at 1am every morning yet the
    | last scan never completed and I noticed the computer had 'crashed /
    | re-started' I've done a search on this one and am currently running AVG
    | manually as the process is no longer listed in TCPView, was just
    | wondering if I should do anything else to be sure I have cleared this
    | 'virus' assuming that's what it is?
    |
    | Process File: explore or explore.exe
    | Process Name: GRAYBIRD.G virus
    |
    | http://www.symantec.com/avcenter/venc/data/worm.explore.zip.html
    | http://www.liutilities.com/products/wintaskspro/processlibrary/explore/
    |
    | Many thanks

    Please submit a sample of "explore.exe" to Virus Total --
    http://www.virustotal.com/flash/index_en.html
    The submission will then be tested against many different AV vendor's scanners.
    That will give you an idea what it is and who recognizes it. In addition, unless told
    otherwise, Virus Total will provide the sample to all participating vendors.

    You can also submit a suspect, one at a time, via the following email URL...
    mailto:?subject=SCAN

    When you get the report, please post back the exact results.

    For removal...

    Download MULTI_AV.EXE from the URL --
    http://www.ik-cs.com/programs/virtools/Multi_AV.exe

    To use this utility, perform the following...
    Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
    Choose; Unzip
    Choose; Close

    Execute; C:\AV-CLS\StartMenu.BAT
    { or Double-click on 'Start Menu' in C:\AV-CLS }

    NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
    FireWall to allow it to download the needed AV vendor related files.

    C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
    This will bring up the initial menu of choices and should be executed in Normal Mode.
    This way all the components can be downloaded from each AV vendor's web site.
    The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

    You can choose to go to each menu item and just download the needed files or you can
    download the files and perform a scan in Normal Mode. Once you have downloaded the files
    needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
    during boot] and re-run the menu again and choose which scanner you want to run in Safe
    Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

    When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
    file. http://www.ik-cs.com/multi-av.htm

    Additional Instructions:
    http://pcdid.com/Multi_AV.htm


    * * * Please report back your results * * *


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, May 8, 2006
    #2
    1. Advertising

  3. David H. Lipman wrote:
    > From: "Keith (Southend)" <>


    Hello David,

    Many thanks for your thorough reply. I'm familiar with Multi_AV.exe, we
    got it working before some months ago when I was having some problems. I
    need to install it again as I made some additions to my PC last
    Christmas and now run Windows XP Pro off a SATA Hard Disk.

    AVG has just finished a scan and found nothing, also TCPView is no
    longer listing explore.exe, like it was yesterday evening, so atm I have
    nothing to send. However, if it returns I will send it to Virus Total
    and also run Multi-AV.exe (Sophos/Trend etc).

    As an aside...

    I must add, I have been plagued with timing problems and had to set up
    some manual timings some time ago, infact I had to 'tweak' things again
    after microsofts last update, I was always suspicious that my Abit an8
    Mo-bo had some issues with a previous update on SP2 of XP. It maybe they
    have addressed this one and hence the following patch started it off
    again, but I'm guessing.

    http://www.dozleng.com/updates/calendar.html&code=showevent&eventid=25595

    http://support.microsoft.com/kb/900485
    <snip>
    CAUSE
    This problem occurs because of a timing issue.
    <snip>

    Many thanks for your help once again.

    Keith (Southend)
    http://www.southendweather.net
     
    Keith (Southend), May 8, 2006
    #3
  4. From: "Keith (Southend)" <>

    | David H. Lipman wrote:
    >> From: "Keith (Southend)" <>

    |
    | Hello David,
    |
    | Many thanks for your thorough reply. I'm familiar with Multi_AV.exe, we
    | got it working before some months ago when I was having some problems. I
    | need to install it again as I made some additions to my PC last
    | Christmas and now run Windows XP Pro off a SATA Hard Disk.
    |
    | AVG has just finished a scan and found nothing, also TCPView is no
    | longer listing explore.exe, like it was yesterday evening, so atm I have
    | nothing to send. However, if it returns I will send it to Virus Total
    | and also run Multi-AV.exe (Sophos/Trend etc).
    |
    | As an aside...
    |
    | I must add, I have been plagued with timing problems and had to set up
    | some manual timings some time ago, infact I had to 'tweak' things again
    | after microsofts last update, I was always suspicious that my Abit an8
    | Mo-bo had some issues with a previous update on SP2 of XP. It maybe they
    | have addressed this one and hence the following patch started it off
    | again, but I'm guessing.
    |
    | http://www.dozleng.com/updates/calendar.html&code=showevent&eventid=25595
    |
    | http://support.microsoft.com/kb/900485
    | <snip>
    | CAUSE
    | This problem occurs because of a timing issue.
    | <snip>
    |
    | Many thanks for your help once again.
    |
    | Keith (Southend)
    | http://www.southendweather.net

    OK Keith. I thought your posting name was familiar.

    If and when you find EXPLORE.EXE, I'd like to see that Virus Total report.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, May 8, 2006
    #4
  5. David H. Lipman wrote:

    >
    > OK Keith. I thought your posting name was familiar.
    >
    > If and when you find EXPLORE.EXE, I'd like to see that Virus Total report.
    >


    Multi_AV installed smoothly and all the downloads (Sophos/Trend etc)
    downloaded fine. I'm just running 'kavdos32.rar' as that's new since I
    last installed Multi_AV, just scanning c: drive on this occasion.

    Excellent utility David.

    Thanks
    --
    Keith (Southend)
    http://www.southendweather.net
     
    Keith (Southend), May 8, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. greg

    help! explore failed to load question

    greg, Jul 5, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    549
    °Mike°
    Jul 6, 2003
  2. Denise Myers

    help - problems with Internet access/explore

    Denise Myers, Jul 16, 2003, in forum: Computer Support
    Replies:
    3
    Views:
    559
    °Mike°
    Jul 17, 2003
  3. Explore.exe problem

    , Sep 18, 2006, in forum: Computer Information
    Replies:
    0
    Views:
    367
  4. tractor37142
    Replies:
    1
    Views:
    414
    ProfGene
    Jun 13, 2006
  5. Muse Gruppes

    jobseekertool.exe/ntos.exe virus/phisher

    Muse Gruppes, Jan 11, 2007, in forum: Computer Support
    Replies:
    7
    Views:
    1,075
    Walter Mautner
    Jan 13, 2007
Loading...

Share This Page