If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
OT I still suspect my computer is infected
Sorry for the OT post but I am unaware of an "active" Usenet group for
virus. I use Win7 and F Secure. F Secure reports a clean system, but the "deep guard" has just blocked a program I use called Clipmate. I don't know why F Secure would do that. I scanned the Clipmate folder and then just uninstalled it. F Secure found nothing suspicious, but just having it blocked is suspicious enough for me. I took a screen shot of the task manager. There are 3 files that don't show a description, but searching the net, they have a valid purpose. http://i.imgur.com/mHdrfWU.png Anything about the task manager look suspicious to anyone here? TIA BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. |
Ads |
#2
|
|||
|
|||
OT I still suspect my computer is infected
Seymore4Head wrote:
Sorry for the OT post but I am unaware of an "active" Usenet group for virus. I use Win7 and F Secure. F Secure reports a clean system, but the "deep guard" has just blocked a program I use called Clipmate. I don't know why F Secure would do that. I scanned the Clipmate folder and then just uninstalled it. F Secure found nothing suspicious, but just having it blocked is suspicious enough for me. I took a screen shot of the task manager. There are 3 files that don't show a description, but searching the net, they have a valid purpose. http://i.imgur.com/mHdrfWU.png Anything about the task manager look suspicious to anyone here? TIA BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. You can upload files to www.virustotal.com . That site is owned by Google now, as Google bought them. It scans files, but takes a shortcut on the way. If you have a modern enough browser, virustotal computes a checksum and first uploads the checksum. If the checksum matches an existing file, you are shown the "analysis" with no additional work. If the file you submit is "unique", only then does virustotal upload it. Since the bad guys can use that tool as easily as the good guys, chances are a real malware will read out "as clean as a whistle". I suspect what has happened to you, is Fsecure is using the same "reputation" based analysis its competitors use. If a program is not "popular", doesn't have a lot of downloads, then if is "flagged as suspicious". So rather than stuff being tossed because of an actual AV scan, it's being tossed because the name is not in an "approved list". Which is a **** poor way of doing malware checking. As just about everything you download, is now "suspicious" because you downloaded it! Paul |
#3
|
|||
|
|||
OT I still suspect my computer is infected
Seymore4Head writted thus:
Sorry for the OT post but I am unaware of an "active" Usenet group for virus. I use Win7 and F Secure. F Secure reports a clean system, but the "deep guard" has just blocked a program I use called Clipmate. I don't know why F Secure would do that. I scanned the Clipmate folder and then just uninstalled it. F Secure found nothing suspicious, but just having it blocked is suspicious enough for me. I took a screen shot of the task manager. There are 3 files that don't show a description, but searching the net, they have a valid purpose. http://i.imgur.com/mHdrfWU.png Anything about the task manager look suspicious to anyone here? TIA BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. Download the free scanner from: http://malwarebytes.org and run the full scan. That is the best way to determine if "csrss.whatever" is a trojan or not. BTW, you are far too paranoid, calm down and trust your AV, or get another that you do trust otherwise you will drive yourself nuts... -- Free Dropbox: http://db.tt/aI6WBZ7w |
#4
|
|||
|
|||
OT I still suspect my computer is infected
tigger writted thus:
Seymore4Head writted thus: BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. You could also read this.... http://answers.microsoft.com/en-us/p...protect_other- protect_scanning/i-have-two-csrssexe-and- csrssexemui/30812b09-3ca5-4f8b-8cf1-7b8c8afe8f74?auth=1 |
#5
|
|||
|
|||
OT I still suspect my computer is infected
On Sun, 19 Jul 2015 01:29:16 +0000 (UTC), tigger
wrote: Seymore4Head writted thus: Sorry for the OT post but I am unaware of an "active" Usenet group for virus. I use Win7 and F Secure. F Secure reports a clean system, but the "deep guard" has just blocked a program I use called Clipmate. I don't know why F Secure would do that. I scanned the Clipmate folder and then just uninstalled it. F Secure found nothing suspicious, but just having it blocked is suspicious enough for me. I took a screen shot of the task manager. There are 3 files that don't show a description, but searching the net, they have a valid purpose. http://i.imgur.com/mHdrfWU.png Anything about the task manager look suspicious to anyone here? TIA BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. Download the free scanner from: http://malwarebytes.org and run the full scan. That is the best way to determine if "csrss.whatever" is a trojan or not. BTW, you are far too paranoid, calm down and trust your AV, or get another that you do trust otherwise you will drive yourself nuts... Too paranoid? Do you not think that the firewall blocking a known trusted program called Clipmate is a reason to suspect something is wrong? |
#6
|
|||
|
|||
OT I still suspect my computer is infected
On Sun, 19 Jul 2015 01:33:58 +0000 (UTC), tigger
wrote: tigger writted thus: Seymore4Head writted thus: BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. You could also read this.... http://answers.microsoft.com/en-us/p...protect_other- protect_scanning/i-have-two-csrssexe-and- csrssexemui/30812b09-3ca5-4f8b-8cf1-7b8c8afe8f74?auth=1 http://imgur.com/a/i9PXV I just checked "Show processes from all users" It doubled the amount of stuff listed. I was using Team Viewer although it shouldn't have been running. I uninstalled that. I still have lots of stuff and as far as I know, I am the only user. When I tried to switch users. I was the only log on name found. |
#7
|
|||
|
|||
OT I still suspect my computer is infected
On 19/07/2015 03:45, Seymore4Head wrote:
Too paranoid? Do you not think that the firewall blocking a known trusted program called Clipmate is a reason to suspect something is wrong? A program like clipmate is unknown to Symantec and I suspect to McAfee as well but if you have followed "Safe Hex" of computing i.e. backed up your personal docs, images, videos and anything else that is too valuable to lose, then resetting the machine to factory standard would be the best way to remove any doubts in your mind. It takes about 30 minutes maximum assuming you haven't many things to re-install and that you are very organized like me. You will get all sorts of suggestions here from drug junkies and Linux junkies but you won't get satisfaction from any of them. Just reset the machine and problem solved. |
#8
|
|||
|
|||
OT I still suspect my computer is infected
Didn't you read the article tigger tried to send you to?
"Seymore4Head" wrote in message ... On Sun, 19 Jul 2015 01:33:58 +0000 (UTC), tigger wrote: tigger writted thus: Seymore4Head writted thus: BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. You could also read this.... http://answers.microsoft.com/en-us/p...protect_other- protect_scanning/i-have-two-csrssexe-and- csrssexemui/30812b09-3ca5-4f8b-8cf1-7b8c8afe8f74?auth=1 http://imgur.com/a/i9PXV I just checked "Show processes from all users" It doubled the amount of stuff listed. I was using Team Viewer although it shouldn't have been running. I uninstalled that. I still have lots of stuff and as far as I know, I am the only user. When I tried to switch users. I was the only log on name found. |
#9
|
|||
|
|||
OT I still suspect my computer is infected
On Sun, 19 Jul 2015 05:21:44 +0100, Good Guy wrote:
You will get all sorts of suggestions here from drug junkies and Linux junkies but you won't get satisfaction from any of them. Just reset the machine and problem solved. What, take my machine back to 1990? Too much water under the bridge... |
#10
|
|||
|
|||
OT I still suspect my computer is infected
Seymore4Head wrote:
Sorry for the OT post but I am unaware of an "active" Usenet group for virus. I use Win7 and F Secure. F Secure reports a clean system, but the "deep guard" has just blocked a program I use called Clipmate. I don't know why F Secure would do that. I scanned the Clipmate folder and then just uninstalled it. F Secure found nothing suspicious, but just having it blocked is suspicious enough for me. I took a screen shot of the task manager. There are 3 files that don't show a description, but searching the net, they have a valid purpose. http://i.imgur.com/mHdrfWU.png Anything about the task manager look suspicious to anyone here? TIA BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. Download and install the free versions of the two programs below. Do the FULL scan with both, in sequence. Depending on the size of your drive/partitions, this can take a while. Be patient. Follow the instructions. Don't do anything on the computer while the scan is working. See what they find. https://www.malwarebytes.org/ http://www.superantispyware.com/ Stef |
#11
|
|||
|
|||
OT I still suspect my computer is infected
On Sun, 19 Jul 2015 17:18:01 +0000 (UTC), Stef
wrote: Seymore4Head wrote: Sorry for the OT post but I am unaware of an "active" Usenet group for virus. I use Win7 and F Secure. F Secure reports a clean system, but the "deep guard" has just blocked a program I use called Clipmate. I don't know why F Secure would do that. I scanned the Clipmate folder and then just uninstalled it. F Secure found nothing suspicious, but just having it blocked is suspicious enough for me. I took a screen shot of the task manager. There are 3 files that don't show a description, but searching the net, they have a valid purpose. http://i.imgur.com/mHdrfWU.png Anything about the task manager look suspicious to anyone here? TIA BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. Download and install the free versions of the two programs below. Do the FULL scan with both, in sequence. Depending on the size of your drive/partitions, this can take a while. Be patient. Follow the instructions. Don't do anything on the computer while the scan is working. See what they find. https://www.malwarebytes.org/ http://www.superantispyware.com/ Stef I ran superantispyware first and got 518 tracking cookies. I ran malwarebytes and it found 4 faketrojanalerts Thanks |
#12
|
|||
|
|||
OT I still suspect my computer is infected
On 7/19/2015 1:42 PM, Seymore4Head wrote:
On Sun, 19 Jul 2015 17:18:01 +0000 (UTC), Stef wrote: Seymore4Head wrote: Sorry for the OT post but I am unaware of an "active" Usenet group for virus. I use Win7 and F Secure. F Secure reports a clean system, but the "deep guard" has just blocked a program I use called Clipmate. I don't know why F Secure would do that. I scanned the Clipmate folder and then just uninstalled it. F Secure found nothing suspicious, but just having it blocked is suspicious enough for me. I took a screen shot of the task manager. There are 3 files that don't show a description, but searching the net, they have a valid purpose. http://i.imgur.com/mHdrfWU.png Anything about the task manager look suspicious to anyone here? TIA BTW from a web page csrss.exe can be harmful/benign. I tried to do a "properties" on the file and nothing happened. I had to use Explorer to scan for it's location. Download and install the free versions of the two programs below. Do the FULL scan with both, in sequence. Depending on the size of your drive/partitions, this can take a while. Be patient. Follow the instructions. Don't do anything on the computer while the scan is working. See what they find. https://www.malwarebytes.org/ http://www.superantispyware.com/ Stef I ran superantispyware first and got 518 tracking cookies. I ran malwarebytes and it found 4 faketrojanalerts Thanks You might want to follow up with adwcleaner, it has been very good AFTER the typical scanners. Majorgeeks has the latest http://www.majorgeeks.com/files/details/adwcleaner.html portable |
#13
|
|||
|
|||
OT I still suspect my computer is infected
On Sun, 19 Jul 2015 05:21:44 +0100, Good Guy wrote:
On 19/07/2015 03:45, Seymore4Head wrote: Too paranoid? Do you not think that the firewall blocking a known trusted program called Clipmate is a reason to suspect something is wrong? A program like clipmate is unknown to Symantec and I suspect to McAfee as well but if you have followed "Safe Hex" of computing i.e. backed up your personal docs, images, videos and anything else that is too valuable to lose, then resetting the machine to factory standard would be the best way to remove any doubts in your mind. It takes about 30 minutes maximum assuming you haven't many things to re-install and that you are very organized like me. You will get all sorts of suggestions here from drug junkies and Linux junkies but you won't get satisfaction from any of them. Just reset the machine and problem solved. html head meta content="text/html; charset=UTF-8" http-equiv="Content-Type" /head body text="#000000" bgcolor="#FFFFCC" div class="moz-cite-prefix"On 19/07/2015 03:45, Seymore4Head wrote:br /div blockquote om" type="cite" pre wrap="" /pre pre wrap="" Too paranoid? Do you not think that the firewall blocking a known trusted program called Clipmate is a reason to suspect something is wrong? /pre /blockquote br A program like clipmate is unknown to Symantec and I suspect to McAfee as well but if you have followed "Safe Hex" of computing i.e. backed up your personal docs, images, videos and anything else that is too valuable to lose, then resetting the machine to factory standard would be the best way to remove any doubts in your mind. It takes about 30 minutes maximum assuming you haven't many things to re-install and that you are very organized like me.br br You will get all sorts of suggestions here from drug junkies and Linux junkies but you won't get satisfaction from any of them.Â* Just reset the machine and problem solved.br br br br br /body /html An added plus is following GoodGuy you can peruse the html stuff he includes in all his posts. Any one who can bring an as purchased install to a current condition in 30 minutes isn't running much in the way of user installed programs. |
#14
|
|||
|
|||
OT I still suspect my computer is infected
On Sat, 18 Jul 2015 19:24:57 -0400, Seymore4Head
wrote: Sorry for the OT post but I am unaware of an "active" Usenet group for virus. I use Win7 Ah ! That explains it. Phoning home, datamining, downloading suspicious patches ? That's Win 7 alright. They say Windows 10 and Chrome are even worse. If you want advice on malware, first upload the suspicious file to Jotti https://virusscan.jotti.org/ If you need any help, try posting to alt.comp.virus or alt.comp.antivirus. Or: https://forums.malwarebytes.org/index.php http://www.bleepingcomputer.com/forums/f/79/security/ []'s PS avoid calling malware a virus in the newsgroups and forums. Viruses are very rare these days. -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
Thread Tools | |
Display Modes | Rate This Thread |
|
|