What is Procmon.exe?
Procmon.exe is a legitimate file process developed by Sysinternals. This process is known as Process Monitor and it belongs to Sysinternals Utilities. You can locate the file in C:\Program Files. The virus is created by malware authors and is named after Procmon.exe file.
Affected Platform: Windows OS
How to check if your computer is infected with Procmon.exe malware?
Keep an eye for the following symptoms to check if your PC is infected with Procmon.exe malware:
- Unstable internet connection
- Browser redirects to unwanted websites
- PC performance slows down
- Browser is bombarded with hordes of popup ads
- System screen freezes repeatedly
If you find any of the above mentioned symptoms, take the following steps to be sure about the malware infection:
- Press CTRL+ALT+DEL keys to open Task Manager.
- Go to the process tab and right-click on the Procmon.exe file and open its location.
If the file is located outside C:\Program Files, then you should take measures to get rid of the malware.
How to remove Procmon.exe malware from system with Comodo Cleaning Essentials?
Comodo Cleaning Essentials (CCE) incorporates antivirus software with unique features like auto-sandboxing to identify and obstruct every suspicious process running on an endpoint with a single click. To remove Procmon.exe malware using CCE, follow the steps mentioned below:
Step 1: Download the CCE suite.
Step 2: To start the application, double-click on the CCE.exe file.
Step 3: It then probes the antivirus to initiate a full system scan to identify and remove any existing malicious files.
Step 4: If threats are found during the scanning, you will be prompted with an alert screen.
Step 5: Comodo Cleaning Essentials will remove Procmon.exe malware from your computer including all other malwares!
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | N/A | Executable | e0b0165d0838eb7a 7e9f38a17756de53 52470703 |
3a567ff0b3502d33 bb87b4901f5bc9cd |
Win32.Neshta .A |
No | N/A | N/A |  Ukraine |
N/A |
| 2 | Sysinternals - www.sysinternals.com | Executable | 0303e3e0a3646f83 f1910e6ccc5d5f2c f6aa6e3d |
cd1d76d334a457da da50f14503f3e13d |
Virus.Win32. Floxif.A |
Yes | 2.8 | 2.8 |  Philippines |
N/A |
| 3 | N/A | Executable | fef106fab1376cdf 5735294389d679db 2f69dab6 |
0ad897fa087fc5fe 7152507308a42583 |
TrojWare.Win 32.Delf.NRJ |
No | N/A | N/A |  102.186.4.192/32 |
N/A |
| 4 | N/A | Executable | 3078481f72cd1490 e81dd68e00320065 375fe6f5 |
079e43aa512da87c ee477ce37376d3b2 |
Win32.Neshta .A |
No | N/A | N/A |  Mexico |
N/A |
Senegal
Turkey| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | Sysinternals - www.sysinternals.com | Executable | c1266cac36f58278 127688bb8f00e1c7 e59678f9 |
db6a5b5cc0f337f3 323c88a115a38fac |
Yes | 3.20 | 3.20 | 10.100.19.18/32 |
| 2 | Microsoft | Executable | 5f0af2f1f5facb53 68f5b923fd06a927 14b62b29 |
918100ad40564ac1 20ac4626371891b9 |
No | 6.1.7600.1 6385 |
6.1.7600.1 6385 |
Internal Submission |
| 3 | Sysinternals - www.sysinternals.com | Executable | aac406cbcc2a3417 dc493aaaa09541cc ac3cf850 |
e18d11717b70b9c6 cea140b2a7ec5f5e |
Yes | 3.91 | 3.91 | 10.224.25.207/32 |
| 4 | Sysinternals - www.sysinternals.com | Executable | e5fa60cb410962ad 572533c8701c8126 85fee0f7 |
d8aebb8dd5f02dab c05ced46884c421c |
Yes | 2.96 | 2.96 | 10.224.1.65/32 |
United States
China
India
