How to Remove “resrcmon.exe”

What is resrcmon.exe?

Originally developed by Microsoft Corporation, resrcmon.exe is a legitimate file process. This process is known as Cluster Resource Monitor and it belongs to Windows Operating System. It is located in C:\Windows\System32 by default.
resrcmon.exe virus is created when malware authors write virus files and name them after resrcmon.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with resrcmon.exe malware?

If your system is affected by resrcmon.exe malware, you will notice one or several these symptoms:

  • resrcmon.exe occupies an unusually large CPU memory
  • Erratic internet connection
  • Your browser is bombarded with annoying popup ads
  • Computer screen freezes
  • PC's processing speed suffers
  • You are redirected to unknown websites

To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, you should run an antivirus scan to get rid of the malware.

How to remove resrcmon.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove resrcmon.exe and other malwares using Comodo Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

  • Smart Scan: Does a scan on critical areas of your system.
  • Full Scan: Does a complete scan of your system.
  • Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use. 
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to ensure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.
Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

12

Malware Entries

First Seen: 06 November 2010 at 9:35 pm
No. Company File Type SHA1 MD5 Malware
Name
Digitally
Signed
File
Version
Product
Version
Submitted
From
Malware Behavior
1 Microsoft Corporation Executable a07724fff9efb57a
dee866c507e5871e
d833fb36
d7b1229327c02d78
177d8ab2f0bfcc85
MalCrypt.Ind
us!
No 5.2.3790.3
959
(srv03_sp2
_rtm.07021
6-1710)
5.2.3790.3
959
Russian Federation N/A
2 Microsoft Corporation Executable c8377bf526e37012
96936b4a3c9b88ab
26375a71
357099a72b7e9912
2eff6c72815294bf
Virus.Win32.
Parite.gen
No 5.2.3790.0
(srv03_rtm
.030324-20
48)
5.2.3790.0 Taiwan N/A
3 Microsoft Corporation Executable a98ceae41ffcce5e
fdcade913a1331cd
1576465d
0eb4892ad686ee2f
975443c174524282
Virus.Win32.
Parite.gen
No 5.2.3790.3
959
(srv03_sp2
_rtm.07021
6-1710)
5.2.3790.3
959
Taiwan N/A
4 Microsoft Corporation Executable 6da02890760991ee
cafc6a519ccefc70
da254e0b
329d336c00d3aab6
43f9df9987f81aa6
MalCrypt.Ind
us!
No 5.2.3790.1
830
(srv03_sp1
_rtm.05032
4-1447)
5.2.3790.1
830
Russian Federation N/A
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
23

Safe Entries

First Seen: 17 June 2008 at 5:30 pm
No. Company File Type SHA1 MD5 Digitally
Signed
File
Version
Product
Version
Submitted
From
1 Microsoft Corporation Executable 106e6624fa99d8f5
f3e900ab54918bc0
7ca8c60c
7b929228e5fb60c5
e7167e129253cae9
No 5.00.2195.
2104
5.00.2195.
2104
France
2 Microsoft Corporation Executable bfa2e09ec3423685
cb905a484b1e13d8
6eab36f3
d030e88cebc6a9a6
e19d784463e0022d
No 5.00.2195.
6824
5.00.2195.
6824
Internal Submission
3 Microsoft Corporation Executable 9fdfec37c4f239e9
0963039afa7343a3
70caa6ad
868e7d599d48e026
040956431e9e1723
No 5.2.3790.3
959
(srv03_sp2
_rtm.07021
6-1710)
5.2.3790.3
959
10.224.1.115/32
4 Microsoft Corporation Executable 4019688c347de04b
1a3fe2a4796edadf
9eda320c
N/A No 5.2.3790.1
830
(srv03_sp1
_rtm.05032
4-1447)
5.2.3790.1
830
Ukraine
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
 
Exclusive Offer
Get Free Endpoint Protection
Get Advanced
Endpoint
Protection

Award-Winning Security to Protect Your Clients from Cyber Attacks

Comodo Internet Security Pro

Free Antivirus protection from hackers! Get the ultimate Antivirus solution to keep your PC clean and to remove viruses from a slow or infected PC. Improve the PC performance at home or use it on-the-go!

Get Comodo Internet Security Comodo Internet Security