-
WINSOCK.EXE Information
This is an undesirable program.
This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.
If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.
-
Name
win defender run
-
Filename
winsock.exe
-
Command
C:Users
AppDataRoamingSubDirwinsock.exe -
Description
Added by a information-stealing malware, likely the QuasarRat malware. It should be removed immediately, and as this malware steals passwords, you should change your passwords at the sites you visit. -
File Location
%AppData%SubDir
-
Startup Type
This startup entry is started automatically from a Run, RunOnce, RunServices, or RunServicesOnce entry in the registry.
-
HijackThis Category
-
Note
%AppData% refers to the current users Application Data folder. By default, this is C:Documents and Settings
Application Data for Windows 2000/XP. For Windows Vista and Windows 7 it is C:Users AppDataRoaming. - This entry has been requested 8 times.
Disclaimer
It is assumed that users are familiar with the operating system they are using and comfortable
with making the suggested changes. BleepingComputer.com will not be held responsible if
changes you make cause a system failure.
This is NOT a list of tasks/processes taken from Task Manager or
the Close Program window (CTRL+ALT+DEL) but a list of startup applications,
although you will find some of them listed via this method. Pressing CTRL+ALT+DEL identifies programs
that are currently running – not necessarily at startup.
Therefore, before ending a task/process via CTRL+ALT+DEL just because it has an “X” recommendation,
please check whether it’s in MSCONFIG or the registry first.
An example would be “svchost.exe” – which doesn’t appear in either under normal conditions but does via CTRL+ALT+DEL.
If in doubt, don’t do anything.