I recently looked over my processes that were running on my home computer and came across something called “sqlserver.exe”. I did a quick search online for it and was informed that it was a trojan and needed to be removed immediately.
So I ended the process and started up avast to see if it would detect it and remove it. I ran a thorough scan and it didn’t pick it up. Was that because I had ended the process for sqlserver.exe or shouldn’t it have found it anyway?
I always keep my avast up to date. Here’s what I need help with please:
Is sqlserver.exe truly a virus (trojan)?
Why didn’t avast recognize it?
And if this is really a virus, how do I get rid of it?
Send the sample to virus@avast.com zipped and password protected with password in email body and false positive/undetected malware in the subject.
Adding to the chest is possibly the best option, you will probably have to end the process in task manager. Open the avast chest, add the file to the User Files (File, Add) section of the avast chest and send it from there (right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest.
I don’t know why it isn’t detected, I’m just an avast user like you, but it may be that as a trojan, it could be Spyware or Adware, whilst avast does detect adware and spyware it doesn’t specialise in that area.
If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode.
Actually, I did a little more research and noticed that I made a mistake. It’s not “sqlserver.exe” which is what I did a search on. It’s really “sqlservr.exe” which is a Microsoft thing (http://www.auditmypc.com/process/sqlservr.asp).
So, looks like my defenses are doing their job – I just need to work on my typing.