What is Procmon.exe?
Procmon.exe is a legitimate executable developed by Sysinternals. Its process is known as Process Monitor, and it belongs to Sysinternals Utilities. You can locate the file in C:\Program Files. Malware authors create malicious programs and name them after the Procmon.exe file.
Affected Platform: Windows OS
How to check if your computer is infected with Procmon.exe malware?
Watch for the following symptoms to check whether your PC is infected with Procmon.exe malware:
- Unstable internet connection
- Browser redirects to unwanted websites
- PC performance slows down
- Browser is bombarded with hordes of popup ads
- System screen freezes repeatedly
If you notice any of the above-mentioned symptoms, take the following steps to confirm the malware infection:
- Press CTRL+ALT+DEL keys to open Task Manager.
- Go to the Processes tab, right-click the Procmon.exe file, and open its location.
If the file is located outside C:\Program Files, then you should take measures to get rid of the malware.
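The location check above can be run against every running Procmon.exe at once. The following PowerShell is an added example, not part of the original page or of any Comodo or Sysinternals tooling. The function name Test-ProcmonInstance is hypothetical, and the signature status and SHA1 it reports go beyond the Task Manager steps, mirroring the Digitally Signed and SHA1 columns of the tables on this page.

```powershell
# Added example: report location, signature status and SHA1 of each running Procmon.exe.
# Program Files roots to compare against (the x86 root is absent on 32-bit Windows).
$programFiles = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }

function Test-ProcmonInstance {   # hypothetical helper name
    param([System.Diagnostics.Process]$Process)

    # Path is empty when the caller lacks rights to query the process image.
    $path = $Process.Path
    if (-not $path) {
        return [pscustomobject]@{
            ProcessId      = $Process.Id
            Path           = '<not readable, rerun elevated>'
            InProgramFiles = $null
            Signature      = $null
            Signer         = $null
            SHA1           = $null
        }
    }

    # The page's check: is the image under C:\Program Files (case-insensitive prefix match)?
    $inProgramFiles = [bool]($programFiles | Where-Object {
        $path.StartsWith($_.TrimEnd('\') + '\', [System.StringComparison]::OrdinalIgnoreCase)
    })

    # Authenticode status: Valid, NotSigned, HashMismatch, and so on.
    $sig = Get-AuthenticodeSignature -LiteralPath $path

    [pscustomobject]@{
        ProcessId      = $Process.Id
        Path           = $path
        InProgramFiles = $inProgramFiles
        Signature      = $sig.Status
        Signer         = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        SHA1           = (Get-FileHash -LiteralPath $path -Algorithm SHA1).Hash
    }
}

# Inspect every process named Procmon; produces no output when none is running.
Get-Process -Name Procmon -ErrorAction SilentlyContinue |
    ForEach-Object { Test-ProcmonInstance -Process $_ } |
    Format-List
```

An instance with InProgramFiles set to False, or with a Signature other than Valid, is the one to examine further.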
How to remove Procmon.exe malware from system with Comodo Cleaning Essentials?
Comodo Cleaning Essentials (CCE) incorporates antivirus software with unique features like auto-sandboxing to identify and obstruct every suspicious process running on an endpoint with a single click. To remove Procmon.exe malware using CCE, follow the steps below:
Step 1: Download the CCE suite.
Step 2: To start the application, double-click on the CCE.exe file.
Step 3: The application then prompts the antivirus to initiate a full system scan to identify and remove any existing malicious files.
Step 4: If threats are found during the scanning, you will be prompted with an alert screen.
Step 5: Comodo Cleaning Essentials will remove Procmon.exe malware from your computer, along with all other malware!
No. | Company | File Type | SHA1 | MD5 | Malware Name | Digitally Signed | File Version | Product Version | Submitted From | Malware Behavior |
---|---|---|---|---|---|---|---|---|---|---|
1 | N/A | Executable | fef106fab1376cdf5735294389d679db2f69dab6 | 0ad897fa087fc5fe7152507308a42583 | TrojWare.Win32.Delf.NRJ | No | N/A | N/A | 102.186.4.192/32 | N/A |
2 | N/A | Executable | 7758bac080f7a6935330e471d1d1e3d2a0423255 | d581f1b7e65a6238026b22f4739d6929 | TrojWare.MSIL.Injector.GPA | No | 1.0.0.0 | 1.0.0.0 | United States | N/A |
3 | Sysinternals - www.sysinternals.com | Executable | a5f5947f54006644b654d8ec2aa0dde5227de9ba | ef80f437a82b25275c99791c6a86d9b1 | Virus.Win32.Parite.gen | Yes | 1.37 | 1.37 | Senegal | N/A |
4 | N/A | Executable | a604a470b152c454cc4458359b8de2033127a9cb | b1da6b5b51e33495ac48b545719eb957 | Win32.Neshta.B | No | N/A | N/A | Russian Federation | N/A |
No. | Company | File Type | SHA1 | MD5 | Digitally Signed | File Version | Product Version | Submitted From |
---|---|---|---|---|---|---|---|---|
1 | Sysinternals - www.sysinternals.com | Executable | c1266cac36f58278127688bb8f00e1c7e59678f9 | db6a5b5cc0f337f3323c88a115a38fac | Yes | 3.20 | 3.20 | 10.100.19.18/32 |
2 | Microsoft | Executable | 5f0af2f1f5facb5368f5b923fd06a92714b62b29 | 918100ad40564ac120ac4626371891b9 | No | 6.1.7600.16385 | 6.1.7600.16385 | Internal Submission |
3 | Sysinternals - www.sysinternals.com | Executable | e5fa60cb410962ad572533c8701c812685fee0f7 | d8aebb8dd5f02dabc05ced46884c421c | Yes | 2.96 | 2.96 | 10.224.1.65/32 |
4 | Sysinternals - www.sysinternals.com | Executable | df450c03c492026f07ca548acdd73906ebdd7d95 | f41772ad01b1e1bcd2a4a0e224fb6da0 | Yes | 2.03 | 2.03 | Internal Submission |