HCL (hindustan computers limited) is the name of the computer/netbook manufacturer..i just purchased it recently..interestingly malwarebyte also flagged it when i did a full scan with it,so i ignored it then as well..i think this is the hcl file because of the icon..i use internet sparingly and that only for work and the netbook is new (bought like 15 days back)..i really cant see how it got infected so soon??? :/
i've submitted the file to virus lab..should i zip it and put it up here also or is it sufficient?
It isn't that it could become infected so soon, but what it actually does and why it is a hidden process. These are questions that you will have to address to HCL telling them about the avast and MBAM alerts on their file.
The name is really a bad choice as in itself I would have been suspicious already before any alert as it is too close to regular system file names, a common tactic of malware creators. Add to that they placed it in the system32 folder also a common tactic of malware creators. Then add the google hits about the explore.exe being highly associates with malware.
So you need some plain answers from HCL as to exactly what it does and why it is needed and why some anti-virus/malware applications consider it at the very least suspicious if not infected.
No need to attach it, we don't want the forums become a possible malware distribution center and you never know we don't want the forums alerting on an uploaded file (you can't attack zip files anyway).
~~~~
You could also check the offending/suspect file at:
VirusTotal - Multi engine on-line virus scanner and
report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called
Suspect in the
C:\ drive. Now exclude that folder in the
File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste)
C:\Suspect\* That will stop the File System Shield scanning any file you put in that folder.