Computer Viruses
Microsoft Windows
Windows XP
Windows 95

In what directory should Explorer be located in Windows XP SP2 and how can you tell if it is the real one or malware?

107108109

Top Answer
User Avatar
Wiki User
2007-12-29 13:14:14
2007-12-29 13:14:14

It should be located in the /windows directory. The only truly effective way to determine if it is the real one is to compare the MD5 or SHA1 hash of a valid one to the same hash of the one on your system.

1
๐Ÿ™
0
๐Ÿคจ
0
๐Ÿ˜ฎ
0
๐Ÿ˜‚
0

Related Questions

User Avatar

The associated files of Malware Protection to be deleted are listed below:%UserProfile%\Application Data\Malware Protection%UserProfile%\Application Data\Malware Protection\cookies.sqlite%UserProfile%\Desktop\Malware Protection.lnk%UserProfile%\Start Menu\Malware Protection.lnk%UserProfile%\Application Data\Malware Protection\Instructions.ini%UserProfile%\Start Menu\Programs\Malware Protection.lnk%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Protection.lnkC:\Documents and Settings\All Users\Application Data\23077d\CB130_287.exeThe registry entries of Malware Protection that need to be removed are listed as follows:HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "4" = "avgnt.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "3" = "egui.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "2" = "ekrn.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "15" = "avgwdsvc.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "14" = "avgcmgr.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "13" = "avgchsvx.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "12" = "avgemc.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "11" = "avgcfgex.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "9" = "avgtray.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "8" = "avgui.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "7" = "avgfrw.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "6" = "avscan.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "10" = "avgscanx.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "5" = "avcenter.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "0" = "msseces.exe"HKCU\Software\Microsoft\Windows\CurrentVersion\Run "Best Malware Protection"creat by pcfixessupport.com

User Avatar

Generally, taskeng.exe is not a virus. It's a component of the Windows Task Scheduler subsystem. If the file is located in the system32 directory it's a legitimate part of the OS. If it's elsewhere on your system, it could be malware masquerading as a legitimate Windows component.

User Avatar

Which version of Internet Explorer are you using? You can check your current version in the menu: Help > About Internet Explorer Verify that you have the latest version of Windows Internet Explorer which is currently Windows Internet Explorer 8. If updating does not help, or if you already have the latest version of Windows Internet Explorer installed, check for spyware (using free tools like AdAware). Chances are your browser got hijacked by malware. Also, make sure your computer has all the latest updates released through Windows Updates. If nothing helps, you might want to get another browser. There are plenty of browser out there such as Opera, Firefox, Safari and many more.

User Avatar

A JavaScript may be written with malicious intent. Script malware makes use of Microsoft's Windows Scripting Host (WSH). WSH is a Windows administration tool that makes objects and services available for various scripts and provides a set of guidelines within which the script is executed. It allows remote malicious users to run scripts from the Windows desktop, Windows Explorer, and Windows command prompt. WSH cannot distinguish between malicious and non-malicious script. Double-clicking on a script malware file will cause the malware to run its main action and payload, thus infecting the system.

User Avatar

user accounts, windows firewall, automatic updates, and malware

User Avatar

no its a file that vista and windows 7 needs to not have bsods on startup

User Avatar

With AVG virusscanner Good Luck, Jahewi :-) Bispy might be in a directory that has a .exe extension on it, with a colon (:) on the end, which screws up Windows' ability to see that directory. Scan the computer with AVG (Norton and Symantec won't even find Bispy), and AVG will tell you what directory the virus is in. In my case, it was in c:\windows\system32\biview.exe:\ Because of the weird name for that directory, Windows Explorer couldn't even see that directory, and so couldn't remove it. Record the path to the virus on a piece of paper, then boot into Safe Mode. Start up a DOS box (Start >> Run >> type 'Command' >> Click 'OK') Change the directory in the DOS box to the directory directly above the directory holding the virus (in my case, it'd be C:\windows\system32\), then rename the weirdly named folder so it no longer has the .exe extension or the colon (:) on it. After that, remove the directory to get rid of the virus, and do another virus scan with AVG. You need to run these 5 essential steps to remove all the spyware on your computer. 1. Run Deckard's System Scanner (DSS) 2. Run Malwarebytes Anti-Malware 3. Run the anti spyware removal programs spybot 4 Run Superantispyware 5. Run a complete scan with free curing utility Dr.Web CureIt! Install threat fire which will enhance your antivirus protection

User Avatar

Some common ways of malware in order to infiltrate one's Windows computer is by having someone download a file that has a virus and downloading a form of spyware.

User Avatar

Windows Defender is a software which is from Microsoft. Specifically, it is anti-spyware software, which protects your computer from spyware and malware infections. In Windows 8, Windows Defender has been upgraded to an antivirus.

User Avatar

It sounds like you have a malware issue. It would be a good idea to run a malware scan on your computer to see what is causing the program to open with no reason.

User Avatar

Both MAC Snow Leopard and Windows 7 have mainstream 64-bit computing. They both contain anti-malware components, providing protection against malware, phising, and scripting attacks.

User Avatar

Windows 7 doesn't really compare to Windows Vista. However, Windows 7 is way better than Windows Vista, because it doesn't have any bugs, viruses, malware, spyware, etc. and it is much, much faster.

User Avatar

Which security feature in Windows 7 prevents malware by limiting user privelege levels

User Avatar

No, not yet. They do get a very low percentage of malware/spy-ware tho. It's rare but does happen. So you should still use a (free) malware/virus program just to be safe. Mac's can still pass on virus's to Windows machines so most Mac Malware programs do search Mac files for Windows Virus executable's.

User Avatar

Malware is short for 'malicious software'. There are many versions of anti-malware or anti-virus programmes that can protect your PC, including some available free to download from the Internet. An example of this is Microsoft Security Essentials, which works for Microsoft Windows.

User Avatar

No there are Linux malware in the wild. However, there are fewer when compared to Windows and access to the operating system is more difficult than it is for Windows.

User Avatar

Absolutely not. That would be both illegal and possibly put you at increased risk of being infected with malware.

User Avatar

It's malware hidden in the windows/system32 folder. It is a good idea to remove stuff like this from your machine.

User Avatar

It sounds like you may be experiencing malware. Go to a friend's house and download malwarebytes(look it up on Google) onto a disk and take it home. Install and run. You may have had your computer sustain too much damage from the malware, so afterwards if things don't start working you may have to do a clean install of Windows.

User Avatar

Explorer uses ActiveX which allows Web pages to execute program code on your machine - and there's no way for you to know ahead of time whether that code is harmless or a malicious attack on your computer.Because Internet Explorer is the most popular browser so people send malware to it more often than other lesser popular browsers. LPCAlso Internet explorer is closely integrated with windows components

User Avatar

Active X controls are closely integrated with windows components, making it easier for malware writters to attack your windows

User Avatar

The file lassas.exe is a critical system file in Windows. It is not a good idea to remove it. However, some malware will mimic it. Use quality malware removal software to find and quarantine the infection.

User Avatar

If you mean Malware, then it is malicious software made by hackers to steal information or mess up your computer. But beware never trust a website saying you have malware. Usually they are malicious websites themselves. Only use windows software or virus scanning software that you have paid for to look for malware.

User Avatar

Yes. No operating system is 100% safe from viruses. Vista is one of the safest however. Windows Security Center, Windows Defender, and Windows Firewall, and User Account Control (UAC) are four of the ways in which Vista protects itself from malware.


Copyright ยฉ 2020 Multiply Media, LLC. All Rights Reserved. The material on this site can not be reproduced, distributed, transmitted, cached or otherwise used, except with prior written permission of Multiply.