3 Replies Latest reply on May 8, 2010 8:20 AM by sameer172006

    Red Mcafee Icon

      I am scanning my computer using cogeco's online virus scanner and I just noticed that my Mcafee icon has the red brackets surrounding it. Is it because I am using a different virus scanner? Maybe it's violating one of it's policies? It lasted for about a half hour and now the brackets are gone. This is what came up when I opened the Protection Log File...

       

       

      07/05/2010 12:21:22 AM Would be blocked by Access Protection rule  (rule is currently not enforced)  hp-PC\hp C:\Program Files\Internet Explorer\iexplore.exe C:\Users\hp\AppData\Local\Temp\Low\fsonlinescanner.exe Common Standard Protection:Prevent common programs from running files from the Temp folder Action blocked : Execute
      07/05/2010 12:45:42 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.1800 5_none_71ae7a22d2134741\winlogon.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:45:43 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.1800 0_none_6fc30116d4f17bf5\winlogon.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:46:15 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35 _6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:46:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_no ne_ae26210916536b06\smss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:46:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_no ne_ac3aa7fd19319fba\smss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:46:33 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6 001.18000_none_b5bb59a1054dbde5\svchost.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:46:41 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35 _6.0.6002.18005_none_d14b3973ca6acc56\services.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:46:42 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35 _6.0.6001.18000_none_cf5fc067cd49010a\services.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:45 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_non e_a8a80213731ca5a7\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:45 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_non e_a886901f7335e2fc\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:45 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_non e_a7fbf30a5a1929db\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_non e_a83603ce59ed0382\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_non e_a6d1618975e9b345\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_non e_a69e1da376115b2a\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:47 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_non e_a68e7da1761c2def\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:47 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_non e_a600dfae5d0228c9\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:47 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_non e_a644c0145ccecd28\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_non e_a64a8ac25ccb3836\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_non e_a4dd285578ce285b\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_non e_a4b3e75378eccda6\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:48 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_non e_a4e2f4e978ca9090\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:49 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_non e_a418a0745fdd652a\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:49:49 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_non e_a44eb0105fb4d975\lsass.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:51:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.1800 5_none_53a0201e76de3a0b\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:51:20 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.1816 4_none_5177ca9879e978e8\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.2229 8_none_51e4f8c7931bd1e1\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.1800 0_none_51b4a71279bc6ebf\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.2094 7_none_5033cb5995cd990b\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:51:21 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.1677 1_none_4f83bb287ccdb7e3\explorer.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read
      07/05/2010 12:51:46 AM Blocked by Access Protection rule  hp-PC\hp C:\Users\hp\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe C:\WINDOWS\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_n one_58e3e3d7e415ae4c\csrss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Read

        • 1. Re: Red Mcafee Icon

          Hi,

           

          These are some of the default actions taken by McAfee to protect you from malware. Most of the times, Trojans capitalize on the Windows processes by spoofing them and running the malicious exectables so that it comes up as a valid windows file.

           

          McAfee blocked such action by the Virus Scanner and also some of the lines in the log state that you have enabled the rule to stop fiels being executed from the Temp folder and that is what has happened. I guess the online scanner had saved its file sin the temp folder and thus McAfee blocked it from running. All in all, Nothing crirtical though as those actions have been bloacked.

           

          By the way, I am just curious !!! When you have an updated and active Antivirus, Why would you want to run an online scan ? That too from a lesser known scanner ?

           

           

          Thank you

           

           

          Sameer

          1 of 1 people found this helpful
          • 2. Re: Red Mcafee Icon

            My computer had previous issues with viruses and I had sent it in to get it fixed but yesterday my computer screen was turning black and saying something had failed. I am not too sure, but Cogeco had called before and asked that I run that scan to make sure there were no viruses. So I figured I would run it. I did run the Mcafee first and it came back clear but it's failed on me before so I felt better running a different scan. Plus I think that what ever virus it was, it was disguised as an HP update. I don't if that is possible, but I am pretty sure that is what happened because almost exactly after I clicked to update the issues began.

            • 3. Re: Red Mcafee Icon

              HI,

               

              Going by the information you have provided, I believe it is more a case of an incompatible driver rather than a virus.

               

              If you started experiencing strange behaviour and black screen after installing something via HP update, Chances are that you just installed a driver which your computer or the OS on it is not completely compatible with. Try doing a system restore and see if that helps.

               

               

              Thank you

               

               

              Sameer