cancel
Showing results for 
Search instead for 
Did you mean: 

Red Mcafee Icon

I am scanning my computer using cogeco's online virus scanner and I just noticed that my Mcafee icon has the red brackets surrounding it. Is it because I am using a different virus scanner? Maybe it's violating one of it's policies? It lasted for about a half hour and now the brackets are gone. This is what came up when I opened the Protection Log File...

07/05/2010 12:21:22 AM Would be blocked by Access Protection rule  (rule is currently not enforced)  hp-PC\hp C:\Program Files\Internet Explorer\iexplore.exe C:\Users\hp\AppData\Local\Temp\Low\fsonlinescanner.exe Common Standard Protection:Prevent common programs from running files from the Temp folder Action blocked : Execute
07/05/2010 12:45:42 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:45:43 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:46:15 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:46:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:46:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:46:33 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:46:41 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:46:42 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:45 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:45 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:45 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:47 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:47 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:47 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:49 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:49:49 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:51:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:51:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
07/05/2010 12:51:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read

3 Replies
Highlighted

Re: Red Mcafee Icon

Hi,

These are some of the default actions taken by McAfee to protect you from malware. Most of the times, Trojans capitalize on the Windows processes by spoofing them and running the malicious exectables so that it comes up as a valid windows file.

McAfee blocked such action by the Virus Scanner and also some of the lines in the log state that you have enabled the rule to stop fiels being executed from the Temp folder and that is what has happened. I guess the online scanner had saved its file sin the temp folder and thus McAfee blocked it from running. All in all, Nothing crirtical though as those actions have been bloacked.

By the way, I am just curious !!! When you have an updated and active Antivirus, Why would you want to run an online scan ? That too from a lesser known scanner ?

Thank you

Sameer

Re: Red Mcafee Icon

My computer had previous issues with viruses and I had sent it in to get it fixed but yesterday my computer screen was turning black and saying something had failed. I am not too sure, but Cogeco had called before and asked that I run that scan to make sure there were no viruses. So I figured I would run it. I did run the Mcafee first and it came back clear but it's failed on me before so I felt better running a different scan. Plus I think that what ever virus it was, it was disguised as an HP update. I don't if that is possible, but I am pretty sure that is what happened because almost exactly after I clicked to update the issues began.

Re: Red Mcafee Icon

HI,

Going by the information you have provided, I believe it is more a case of an incompatible driver rather than a virus.

If you started experiencing strange behaviour and black screen after installing something via HP update, Chances are that you just installed a driver which your computer or the OS on it is not completely compatible with. Try doing a system restore and see if that helps.

Thank you

Sameer

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community