Socks.exe found in system32
Is this a Windows 7 file? I tried to Google it and found it can be a trojan (I find that unlikely... I don't usually get any viruses). I also found matches to some sort of Win 7 crack??? I just downloaded the RC off the Microsoft website and upgraded my Vista. I have no idea how it got there. In the properties tab it says the original name is project1.exe. I have ended it in Task Manager but I'm not comfortable removing it from system32 until I know for sure that it is indeed spyware of sorts. Also... uh.. removal instructions would be great too :) Thanks a lot :D
July 31st, 2009 4:19pm

It's a trojan, get rid of it. Download the free Malwarebytes' Anti-Malware from http://www.malwarebytes.org/ If that doesn't remove it, get the free SAS, here http://www.superantispyware.com/
July 31st, 2009 5:28pm

Thanks for the confirmation, I removed it manually. For future reference, here is pretty much the only information I found on it exactly: http://www.threatexpert.com/report.aspx?md5=3d70abd036ca8f86cf1d0391a07e77a2
I did not get any attachments in emails so I am not sure exactly how this got on my system, but I found the affected files and removed them. In the socklink text document was written "http://xvidcodecs.org/sd3/submit.php". So is this telling me that I got it from the xvid codec pack? Thanks again :)
edit: Malwarebytes did not detect it. Kaspersky online scanner did, but of course no removal option online.
I found the files in:
Windows\System32\Socks.exe
Windows\System32\socklink.txt
Users\"username\AppData\Local\Temp\hi.bat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] WinsysMon = "System32\Socks.exe"
I deleted said files and registry entry and all appears fine :)
August 1st, 2009 3:20am
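
A read-only check for the leftovers listed in the post above, added here as an example and not part of the original thread. The file names, folders and the WinsysMon Run value are the poster's; the 32-bit locations (SysWOW64, WOW6432Node) are an added assumption for 64-bit systems.

```powershell
# Added example (not from the thread): read-only check, changes nothing.
# File names, folders and the WinsysMon value come from the post above.
# The SysWOW64 / WOW6432Node locations are an added assumption for 64-bit Windows.
$files = @(
    (Join-Path $env:SystemRoot 'System32\Socks.exe'),
    (Join-Path $env:SystemRoot 'System32\socklink.txt'),
    (Join-Path $env:SystemRoot 'SysWOW64\Socks.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\socklink.txt'),
    (Join-Path $env:LOCALAPPDATA 'Temp\hi.bat')
)
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

$findings = @()

foreach ($path in $files) {
    if (Test-Path -LiteralPath $path) {
        $item = Get-Item -LiteralPath $path -Force   # -Force also returns hidden files
        # MD5 so the value can be compared with the report linked in the post
        $md5 = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash
        $findings += [pscustomobject]@{
            Kind = 'File'; Location = $path
            Detail = "created $($item.CreationTime), MD5 $md5"
        }
    }
}

foreach ($keyPath in $runKeys) {
    $key = Get-Item -LiteralPath $keyPath -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in $key.GetValueNames()) {
        $value = [string]$key.GetValue($name)
        # Match the value name from the post, or any command that launches Socks.exe
        if ($name -eq 'WinsysMon' -or $value -match '(^|\\)Socks\.exe') {
            $findings += [pscustomobject]@{
                Kind = 'Run value'; Location = "$keyPath\$name"; Detail = $value
            }
        }
    }
}

if ($findings.Count -eq 0) {
    'None of the files or Run values named in the post were found.'
} else {
    $findings | Format-List
}
```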

I'm glad you sorted it out. That hi.bat in the Temp folder looks like a possible trigger.
August 1st, 2009 10:02am

Wow, that looks spooky lol, feel glad too you removed it!!! .txt looks like settings and instructions for its actions! prolly socks.exe would be in the system start up when you log in to Windows! Nice Suppra_Girl :DRR
August 1st, 2009 7:29pm

socks.exe is a virus. hi.bat is also a virus... as mentioned it's in the user account, local settings temp folder... also check your Start, Programs, Startup... make sure server.exe is NOT there also... end task on it and then delete, msconfig to stop the start up also.. use Spybot S&D and Malwarebytes to clean up after. if helps.. C.
August 15th, 2009 7:10am

This topic is archived. No further replies will be accepted.
