Jump to content

Recommended Posts

I am using windows xp with all the latest updates posted. I am also using Avast anti viruse. Avast has alerted me to a suspicious file titled: c:\windows\system32\process.exe, type: rootkit:hidden process . Unfortunately Avast is unable to remove the file. The virus/malware/wahtever it is hijacks the programs I attempt to open by opening a window titled Windows Installer. I cannot proceed with opening the program until this Windows Installer drops off the screen. I have tried all of the following with negative results: Avast, Adaware, Smit Fraud, Super anti spyware, McAfee Rootkit Detective, Trend, Malware Bytes.

I really need some help in eliminating this infection as soon as possible.

Thanks to all

Link to post
Share on other sites

To get rid of Process.exe, open Malwarebytes' Anti-Malware, click the "More Tools" tab, click the "Run Tool" button for FileASSASIN. This tool should schedule a delete on the next reboot.

I also recommend that you read these instructions, and then post your logs in the Malware Removal - HijackThis Logs forum. One of our experts will be able to help you get cleaned up.

Link to post
Share on other sites

http://www.threatexpert.com/files/process.exe.html

http://www.bleepingcomputer.com/startups/p...s.exe-7200.html

I say delete it. If it's part of a legitimate application or driver, then you can reinstall it.

BTW: Can you start Windows up in Safe Mode and save a copy of process.exe to your desktop? It would be nice if this undetected threat could be uploaded to Malwarebytes UploadNET for analysis.

Link to post
Share on other sites

fdimike should follow GT500 post #2 suggestion.

This process.exe may part of SmitFraudFix, as fdimike has stated in using this program.

http://siri.geekstogo.com/SmitfraudFix.php

Note:

process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool". It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

http://www.beyondlogic.org/consulting/proc...processutil.htm

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.