Procexp100 infect or false/positive from avast ???

Avast yesterday and today I reported this process with the usual red screen suspicious
Tovo but not 'in the SYS driver folder, not there! positive or false? do?

PROCEXP100.SYS

C: / windows/system32/drivers/procexp100.sys

i not found in drivers folder !!! help

Suspicious does not mean infected…or clean… so you can`t say False Positive or not

Suspicious = tending to cause or excite suspicion; questionable: suspicious behavior. ( http://dictionary.reference.com/browse/suspicious )

Sospettoso = che tende a provocare o eccitare sospetto; discutibile: un comportamento sospetto. ( google translate )

why you cant find the file in that folder…have no idea

Seems this hidden driver is a part of Process Explorer 10 which is now positively ancient, latest version of process explorer is v14.12.

http://blogs.technet.com/b/markrussinovich/archive/2006/03/27/the-case-of-the-mysterious-driver.aspx

Though why it should be running is beyond me, do you have this on your system and is it run on boot (normally this would be a stand alone application) ?

http://technet.microsoft.com/en-us/sysinternals/bb896653

sorry i am not expert… what is this SYS ? i delete or ignore ?

is from windowsw xp or ?

The .sys is the file type and is a system driver.

It isn’t from Windows or XP, that is why I gave you the links to what it is associated with and why I asked how it comes to be running on boot. The association on that procezp100.sys file is from a tool that can check what processes are running on your system, it is called Process Explorer.

I can’t make the decision on Ignore or Delete as I don’t know anything about your system.

ok… i ignore it or ? no expert here ? help me … ::slight_smile: