Think I found spyware. Should I remove it?

ipoopfool

Distinguished
Oct 22, 2008
169
0
18,680
I recently got spyware on my new computer, and I have been looking for hours to find out how to remove it without having to pay Norton 100 dollars. Now, I got the spyware and I think I found it. I think it is in c:\windows\system32\drivers\etc\explorer.exe

A bunch of people think it's safe, and more people think it's a virus
http://www.google.com/url?sa=t&source=web&ct=res&cd=1&url=http%3A%2F%2Fwww.neuber.com%2Ftaskmanager%2Fprocess%2Fexplorer.exe.html&ei=80k7SZL7IIuueczu3NgG&usg=AFQjCNGKcI6EDu-zbC3jgv2Ms1WEdAx9Ww&sig2=w3Gv2BYGnJ4rvA6vdgMtAQ
 

btk1w1

Distinguished
Oct 13, 2008
744
0
19,060
I wouldn't go removing it just in case it is a legitimate system file.

You can use an online scanner to upload and scan the file for an assessment.

Two of the most widely used online scanners for single files are:

http://www.virustotal.com/
http://virusscan.jotti.org/

They use multiple anti-virus engines to scan the file for you.

In any case, if you do find the file is infected then there will likely be other malware present which calls on it to run. The best advice would be to use a malware scanner and let it do the job for you (personally I would download and run it regardless).

A very, very good free malware scanner which has become widely popular is Malwarebytes' Anti-Malware. It is also Vista compatible.

http://www.malwarebytes.org/

The download button is on the left of the page.
 

ipoopfool

Well, the thing is, I can't find the file normally, only through Spyware Terminator and stuff. Now, I do know that this is spyware because I read that any explorer in system32 is not legit and is usually spyware. Now, removing it is the hard part. I try and try again, but it is either not there when I look or scan, or I just can't fix it even with admin permission.
 

btk1w1

Have you set the folder options to view hidden files?

Start > Control Panel > (Select "Classic View" on the left) Folder Options > "View" tab at the top of the page. Under "Hidden files and folders" make sure the radio button that says "Show hidden files and folders" is selected.

If the file has hidden attributes you should now at least be able to see it.

Now if you wish to scan the file using Jotti or Virustotal just copy and paste the bold line below into the box and submit.

C:\Windows\System32\drivers\etc\explorer.exe

An excellent tool for force deletion of malware files is Unlocker.

To use it with Vista you will temporarily have to disable UAC.

"disable UAC globally, go to "Control Panel" then "User Accounts" then again "User Accounts" then "Turn User Account Control" and set it to Off, then restart your computer."

I have linked Unlocker below... Read through the FAQs and read what they say about it.

http://ccollomb.free.fr/unlocker/

I can't stress how important it is that you are 100% certain that you are doing the right thing by deleting the file. It could result in error messages at boot up.
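
The checks discussed in this thread (revealing hidden files, identifying the file before deleting anything) can also be done from PowerShell. This is an added example, not part of the original posts; it assumes PowerShell 5.1 or later, and the function name `Get-ExplorerCopies` is hypothetical. It only reads files and changes nothing.

```powershell
# Added example (not from the thread). Read-only: nothing is deleted or modified.
# Lists every explorer.exe under the Windows directory, including hidden ones,
# with its attributes, signature status and SHA-256 hash.
function Get-ExplorerCopies {
    param(
        # Root to search; defaults to the Windows directory.
        [string]$Root = $env:SystemRoot
    )

    # Locations where the genuine shell binary normally lives.
    # Servicing copies can also exist under WinSxS, so ExpectedLocation = False
    # is a prompt to look closer, not a verdict.
    $expected = @(
        (Join-Path $env:SystemRoot 'explorer.exe'),
        (Join-Path $env:SystemRoot 'SysWOW64\explorer.exe')
    )

    # -Force includes files with the Hidden or System attribute set, which is
    # what the Folder Options change does for the Explorer view.
    Get-ChildItem -Path $Root -Filter 'explorer.exe' -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -FilePath $_.FullName
            $hash = Get-FileHash -Path $_.FullName -Algorithm SHA256
            [pscustomobject]@{
                Path             = $_.FullName
                ExpectedLocation = $expected -contains $_.FullName
                Attributes       = $_.Attributes
                SignatureStatus  = $sig.Status
                Signer           = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
                SHA256           = $hash.Hash
                LastWriteTime    = $_.LastWriteTime
            }
        }
}

# Unexpected locations sort first.
Get-ExplorerCopies | Sort-Object ExpectedLocation | Format-List
```

The SHA256 value can be searched on VirusTotal to see existing scan results without uploading the file. Run the function from an elevated prompt so protected folders are not skipped.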