You may not have known it, but to gain possession of a computer, hackers almost always use a technique called RunPE. This technique involves taking a legitimate process and replacing it with malware directly in memory.
Your Windows machine is thus tricked and treats the malware as a legitimate process. The antivirus thus has no idea that the explorer is no longer a nice news program but that it has turned into a kind of virus.
This technique is widely used today by hackers. RunPE Detector is an analysis tool that takes care of spot and eliminate these suspicious processes with a simple scan of your computer.
Eliminate malicious processes
Download the RunPE Detector program. Unzip the archive and launch it as an administrator (right click in the icon). You will then see all the processes running in the background on your machine. Then do Run Scan. The tool will compare the fingerprints of these processes with "known" fingerprints.
In this example, process # 198800 is suspect. He is named explorer.exe, but it does not have the expected imprint. It is in fact DarkComet which has usurped the identity of Windows Explorer! Clicking on end! You can delete it ...
