There is a process Captur~e.exe (full name above) that has somehow entered my system and is hogging my RAM and slowing down the computer drastically as about 95% of the 2 GB is being used. I can't find the Program creating this process through a search so I have to Tremininate the process in the Resource Monitor of Windows 7.
Is this a Trojan? McAfee Security Center has not picked it up in a scan. How can I locate this file and remove it? Any help out there?
Did you download that or was it an option as a part of another download?
Scan your machine with an independant anti-spyware application such as the free version of this tool. Update it before running:Message was edited by: Ex_Brit on 11/13/09 12:23 PM
Thanks for the link to this software. As I have had to reinstall all my software coming from XP to Windows 7, this has obviously been installed at some point unknown to me during the past week. Now to find and remove it. A Search of my C:\ drive using Windows Explorer did not turn up this program so I am presently doing a scan with the Software you have suggested. Back in a bit.
If that doesn't help and you can't find reference to the software anywhere you could try the following:
The registry is an area I am not comfortable editing but may try your suggestion. Having done a search and used 3 different Malware programs, I cannot find this file or the program associated with it.
I am now not sure that this Captur~3.exe file has anything to do with Capture_Express_1.3.exe which is identified here: http://spywarefiles.prevx.com/RRHFAE4655841/CAPTURE_EXPRESS_1.3.EXE.html but it appears to be an unwanted program. I notice that when I terminate the process, it pops right back up again as a process....I can't kill it.
Here is a link to someone else experiencing the same problem http://www.phpfreaks.com/forums/index.php/topic,273312.msg1290908.html#msg1290908
Well you could post a Hijackthis log on one of the following forums along with an explanation and they will probably give some good advice on what to do next.
Do not post the log here, we can't help!
Post the logs at a specialist Forum:
Be sure to read all the sticky announcements/instructions at the top of each malware forum!
Thanks for all this information and there has to be an answer somewhere and I appreciate your helpful suggestions.
I finally found the culprit! It is a file called CaptureBase.exe which is shortened in the System Monitor program to Captur~3.exe and used in the WinTV program from Hauppage for a PCI TV tuner I have installed. I was watching TV on the monitor and when I disabled this process, this program stopped! I then searched the WinTV program files and found 3 files starting with Capture, CaptureBase.exe being one of them.
The day was not a total loss as I learned something new.
Again, thanks for your suggestions and hope others can benefit from what I have discovered.
Well that's good news. There is a way of submitting files that are wrongly identified as malware.
See: http://community.mcafee.com/message/6645#6645 or....
Send a file to Avert Labs for analysis:
Email file to: mailto:firstname.lastname@example.org
When submitting samples via E-mail all samples must be packaged in a .ZIP file. When creating this .ZIP file, it is important to understand that the .ZIP can be no more than 3 megabytes in size and can contain no more than 30 files. Additionally, any .ZIP file created must be password-protected using the password "infected" (minus the ""). Failure to follow these guidelines will cause your submission to be rejected