I seemed to have caught a nasty and friggen persistant virus, happened in the day between reinstalling windows and downloading my Av software any way I thought antivir and malwarebits cleaned it but it kept coming back. Tried nod32 and it picked up a vew extra things but a day latter it has poped up again, I believe I have tracked it down as explorer crashed in safe mode, 3 times before I gave up. So I killed explorer in taskmanager and straight away C:\ProgramData\Microsoft\Secure\Icons\iconscachehelper.dll apeared and was cleaned by nod32 straight away, killed taskmanager again and started and it appeared again. There is a file in C:\ProgramData\Microsoft\Secure\Icons\ called SecureIconsProvider.dll that can't be deleted. I can't find any info about this file but it can't be deleted because it is open in windows explorer. It says it is a microsoft dll but the details says it's original filename was SecureOverlay.dll hmmm does anyone have a file called SecureIconsProvider.dll in C:\ProgramData\Microsoft\Secure\Icons and what is it's size? Should I delete it in command prompt after killing explorer? Or am I playing wack a mole?
tl/dr
C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll anyone have this file in windows 7 and what is it's size please.
* Thanks, I went ahead a moved it to a different folder after ending explorer and that other dll didn't appear when I restarted explorer. There is very little information about SecureIconsProvider.dll and on virustotal only AhnLab-V3 picked it up as a Trojan/Win64.Sathurbot although RogueKiller says it is suspicious, nod32 and antivir both say it is clean. Will run a boot disk scan but if it comes back a reinstall looks like the only way to go. Thanks,
tl/dr
C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll anyone have this file in windows 7 and what is it's size please.
* Thanks, I went ahead a moved it to a different folder after ending explorer and that other dll didn't appear when I restarted explorer. There is very little information about SecureIconsProvider.dll and on virustotal only AhnLab-V3 picked it up as a Trojan/Win64.Sathurbot although RogueKiller says it is suspicious, nod32 and antivir both say it is clean. Will run a boot disk scan but if it comes back a reinstall looks like the only way to go. Thanks,