Question bitcoin minor false positive (with XYplorer)? open-source alternative to malware bytes?

Not open for further replies.


Aug 24, 2015
ok, this is a little long just because i am trying to be clear and avoid having to leave people with only half the information they need to help me. if it is TOO much information, I am sorry...I wrote this in notepad and was going to break it into two posts, but one provides context for the other, so here:

it had been years and my computer really just needed a fresh windows install. no major problem, just the bunch of tiny glitches that, after a couple of years, get annoying enough to have me reset it. running win 7 pro x64 on an hp 6300. yes i know it is old. i am poor; don't judge. anyways, it used to be part of a server system so it was really in great shape and clean and stable since all it had ever really dealt with was a steady transfer stream. it never had to output any video or sound or even take direct inputs. why am i justifying what computer i have? anyways, i did a complete clean reinstall of the OS. and i have just been setting it up kinda slowly (got other machines that need attention also).

i did't get much done after the theming, because i hit a snag when i was installing my file explorer. XYplorer - it helps, I am lost without dual panes. After it installed avast popped up an alert saying it suspected a bitcoin miner. at that time, i just took avasts word for it. i hadnt installed revo yet so i had to uninstall xyplorer using the windows menu. i get kind of ocd and decided i need to roll it back to a restore point before i ever installed xyplorer (i will tell you about the install file later in this post) so that i had nothing to worry about. i hadnt installed revo yet so i had to uninstall xyplorer using the windows menu. but before i rolled it back i wanted to figure out WHY it suspected a bcm. and i wanted to see if i could hunt down anything left over that the scan didn't find.

So, I went looking around. First I ran the most intense avast scan that could be set. it found NOTHING.
i went through my entire system by hand. every file, every folder, checking the properties and actually learning a lot about how windows organizes itself. so i guess that is a plus.
i found a couple of empty folders in the username/appdata/roaming folder that were in an XYplorer folder, and basically the same thing in the program
Found nothing.
Did searches for file names and contents for "XYplorer" and the name of the developer and various other words i had seen associated with the program. I found nothing. i sat back and messed around with a couple programs while i watched my processes and services for anything unusual.
i went to the registry. did the same searches i had done for files. it found i think 2 entries and from what i could tell, they were instructions to use it as a default for opening the file type(s) of the explorers configuration settings - there are a couple of settings export options. the values were empty in both of them and i deleted them.
no issues.
shut down
repeated the file search
and the registry search.
files - nothing at all.
registry also had nothing.
processes and services unaffected. performance doesnt seem hindered, but i didn't benchmark it before. internet works fine (i did switch providers to get a faster plan, though). i have seen no trace of anything associated with the program at all.

can someone tell me a couple of reasons why there might be falso positives on this, if you can think of any?

look, i am going to be honest here, I am using an old install file that is registered to someone else. they shoved their license number into the proper place and basically cracked it. call me an amoral, selfish, greedy, thief, but .... it was a present? i don't have a great excuse for that so i am not even going to insult your intelligence by trying. like I said, I am poor, and I can't afford to get a new license. yes, i said a NEW liscence. i HAVE purchased this explorer before - a very long time ago, and the licesnse wouldn't work on the newest version - i think it goes up to 9? i don't know where my license is and i really cannot afford to buy a new license just because the version has gone up. i don't care about the version, there is no noticeable improvement in the new release that i could see, anyways. also, i don't even know if it would count as a registration bc i bought it for a 32bit system and am now using a 64bit.

so, that is the story of why i am using that file. if you believe me, thank you. if you don't, i get it, and you can yell at me, but before that can someone try and help me figure this out? i am kind of obsessed with figuring it out now. at some point i need the program to work. also, i have the 64bit version and the 32bit version - which would be best to even install? and yeah, i will admit that i have not actually WITNESSED the modifications of the install file, so i won't say that it is IMPOSSIBLE that it's been infected, but it is UNLIKELY....part of the reason i want to know.

i even tore open the .exe on my other system (which, btw is running the same file explorer and avast has no problem with it despite the fact that the settings are actually imported from the first, weird? but i couldn't find anything suspicious in the file. then again i don't entirely know what i am looking for. i've been using computers my whole life but i never slowed down to learn to program in any particular language. but i can read most of them...still, i am not magic and i could have missed something. does anyone know how to rip open a program and check to see if it has any malware (etc) packed in with it?

which brings me to my next point. - i had no idea what to name this post bc it branches out a bit, i'd rather not have to do malware scans by hand. i know malwarebytes is the go to program but does anyone have a good alternative? preferably something open-source? real time scanning is optional, i suppose. I'm getting tired of working with a lot of commercial software atm. I can never afford the full version and it just dumps a bunch of files and registry entries all over my computer. something powerful and light. GUI doesnt have to be pretty, but i think i need more than a command line to work with. everybody tells me not to use combofix, unless i am a professional...what exactly do i need to know to be considered a professional? ideas?

...thanks guys. sorry if it is a stupid question or has been answered,

i couldn't find a post here.

*also...please no norton, mcaffee, panda or kaspersky

UPDATE: I TOTALLY forgot my main point! Does anyone think i really need to use a restore point? or should i just believe that the problem has been taken care of (while i figure out whether or not the install file is infected/which one i should use)? like i said, I am OCD and have this problem with making myself start all the way over with anything that hits even one i overreacting?
Last edited by a moderator:
Not open for further replies.