Your computer is infected with malicious software? Do you have pop-ups on your PC?
If so, search this blog for removal instructions or browse computer threats by category.

Sunday, December 4, 2011

Winxn.exe Process Information

Tell your friends:
winxn.exe has been identified as a threat. The malicious file runs either from %WinDir% or %Temp% folders and it's not a genuine Windows system file. winxn.exe downloads additional malicious files from the Internet, rogue security programs most of the time but it may download keyloggers, rootkits and other malware as well. Usually, it's detected as Trojan Generic or Trojan-Downloader, unfortunately, only few were actually able to detect it. If your computer is infected with this Trojan, you should immediately run anti-malware software. If you need help removing this Trojan from your computer, please leave a comment below.

This is a harmful program. To remove winxn.exe, please scan your computer with anti-malware software.

Security Rating: Dangerous

%WinDir% is a variable that refers to the Windows folder in the short path form.
  • C:\Windows
%Temp% is a variable that refers to the temporary folder in the short path form.
  • C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows 2000/NT/XP)
  • C:\Users\[UserName]\AppData\Local\Temp\ (Windows 7)
Share this information with your friends:


Anonymous said...

I can't use the restore to factory and my gateway keeps popping up a windows 7 screen and I can't even use it now please help

Anonymous said...

i got this virus today and i found the best way to find it was to go first to the bottom right corner of ur screen click the arrow and hit customize and find the win 7 mine was called something wierd then go to task manger and look for the process with the same name it will show u the .exe if u cant open anything right-click and run as admin.
more details; I was able to successfully remove the virus. You can launch the applications through "Run as Administrator" mode. So this is what I did:
1. Click on the small white up-arrow in the system tray, which is next to the clock and volume icons. Go to "customize" option. Here, you can see one of the entries as "Win 7 Security" or something in italics, and another name (process name) right above it.
2. Go to C:\Windows\System32 , and right-click on taskmgr.exe and click on "run as administrator".
3. Once taskmanager opens up, look for a 3-letter .exe file, and the description column with the process name you got in step 1. In my case, it was pqm.exe with "Microsoft directPlay…" process name.
4. Right click on the process and get the file location.
5. Kill the process and go to the file location, and delete it.
6. Re-start the laptop and press F8. You would get a repair option. Use this option to get to System restore utility and restore the system to an earlier date prior to virus attack.
7. You should be good now.