
WinXP sp 3 contains keylogger?



Guest Edna Boxe
Posted

Since I've downloaded sp 3 Norton Internet Security says that

c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

If I remove sp 3 the keylogger also goes so I know it's nothing else.

 

Edna.

Guest R. McCarty
Posted

Re: WinXP sp 3 contains keylogger?

 

Yes because NIS = Not Intelligent Software

 

Really gives a good sense of security when it indicts a Microsoft

Office component as a keylogger.

 

"Edna Boxe" <spamtrap@ntlworld.com> wrote in message

news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

> Since I've downloaded sp 3 Norton Internet Security says that

> c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

> If I remove sp 3 the keylogger also goes so I know it's nothing else.

>

> Edna.

>

Guest PA Bear [MS MVP]
Posted

Re: WinXP sp 3 contains keylogger?

 

What does Symantec Support have to say about it?

 

Frequently asked questions about Ctfmon.exe:

http://support.microsoft.com/kb/282599

 

--

~Robear Dyer (PA Bear)

MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

AumHa VSOP & Admin http://aumha.net

DTS-L http://dts-l.net/

 

 

Edna Boxe wrote:

> Since I've downloaded sp 3 Norton Internet Security says that

> c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

> If I remove sp 3 the keylogger also goes so I know it's nothing else.

>

> Edna.

Guest nass
Posted

Re: WinXP sp 3 contains keylogger?

 

 

but this process can be infected R.McCarty with a virus or keyloggers?

Not because of the updates but it could be the updates revealed the

infection and the OP needs to check further.

Like the Svchost.exe can be embedded with a Troj?

 

FileMon for Windows v7.04

http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

Have a look here for windows Sysinternals

http://technet.microsoft.com/en-us/sysinternals/default.aspx

 

Use this tool to see what has taken the most usage of the CPU on your machine.

ShellExView v1.19 - Shell Extensions Manager

http://www.nirsoft.net/utils/shexview.html

 

To the OP please upload this file ( ctfmon.exe) to this link for scan:

http://www.virustotal.com

 

 

 

"R. McCarty" wrote:

> Yes because NIS = Not Intelligent Software

>

> Really gives a good sense of security when it indicts a Microsoft

> Office component as a keylogger.

>

> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

> > Since I've downloaded sp 3 Norton Internet Security says that

> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

> > If I remove sp 3 the keylogger also goes so I know it's nothing else.

> >

> > Edna.

> >

>

>

>

Guest MowGreen [MVP]
Posted

Re: WinXP sp 3 contains keylogger?

 

NIS is NOT reliable. It's difficult to believe anything it reports.

IF ctfmon.exe was infected prior to the application of SP3, then NIS

*should have been reporting* it as infected then.

 

Since this issue occurred after applying SP3, then I'd be willing to bet

my house that it's a False Positive.

 

Frequently asked questions about Ctfmon.exe

http://support.microsoft.com/kb/282599

 

Was NIS actively monitoring the system during the download and

installation of SP3 ?

Have you checked Symantec's site to see if this has been reported to them ?

 

 

MowGreen [MVP 2003-2008]

===============

*-343-* FDNY

Never Forgotten

===============

 

 

Edna Boxe wrote:

> Since I've downloaded sp 3 Norton Internet Security says that

> c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

> If I remove sp 3 the keylogger also goes so I know it's nothing else.

>

> Edna.

>

>

Guest MowGreen [MVP]
Posted

Re: WinXP sp 3 contains keylogger?

 

Why wasn't NIS reporting ctfmon as being infected prior to the

application of SP3 ?

 

Malwares can prevent updates from being downloaded or installed.

IF the installation of Windows updates was needed by NIS in order for it

to be able to detect ctfmon as infected, then NIS is NOT trustworthy.

 

MowGreen [MVP 2003-2008]

================

*-343-* FDNY

Never Forgotten

===============

 

 

nass wrote:

> but this process can be infected R.McCarty with a virus or keyloggers?

> Not because of the updates but it could be the updates revealed the

> infection and the OP need to check further.

> Like the Svchost.exe can be embedded with a Troj?

>

> FileMon for Windows v7.04

> http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

> Have a look here for windows Sysinternals

> http://technet.microsoft.com/en-us/sysinternals/default.aspx

>

> Use this tool to see what taken the most usage of the CPU on your machine.

> ShellExView v1.19 - Shell Extensions Manager

> http://www.nirsoft.net/utils/shexview.html

>

> To the OP please upload this file ( ctfmon.exe) to this link for scan:

> http://www.virustotal.com

>

>

>

> "R. McCarty" wrote:

>

>

>>Yes because NIS = Not Intelligent Software

>>

>>Really gives a good sense of security when it indicts a Microsoft

>>Office component as a keylogger.

>>

>>"Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>>news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

>>

>>>Since I've downloaded sp 3 Norton Internet Security says that

>>>c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

>>>If I remove sp 3 the keylogger also goes so I know it's nothing else.

>>>

>>>Edna.

>>>

>>

>>

>>

Guest nass
Posted

RE: WinXP sp 3 contains keylogger?

 

 

 

"Edna Boxe" wrote:

> Since I've downloaded sp 3 Norton Internet Security says that

> c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

> If I remove sp 3 the keylogger also goes so I know it's nothing else.

>

> Edna.

 

Check this and you can contact Norton for help:

Spyware.UltraKeylogger

http://www.symantec.com/security_response/writeup.jsp?docid=2006-021416-3341-99&tabid=2

Technical Issues Support

http://www.symantec.com/norton/support/selectproduct_ts.jsp

Also you can use other online virus scanners to get a clear idea on how

clean your system is.

Guest nass
Posted

Re: WinXP sp 3 contains keylogger?

 

 

Actually it happened to me this morning on a client machine updating from

AVG 7.0.5 to version 8.0.1 reported a Zip as a keylogger.

This Zip was there while AVG version 7.5 was installed and up2date..some new

definitions can give new false positive or can discover viral infection that

wasn't spread at the time to get its grip on the system!

Does this ring a bell:

Spyware.UltraKeylogger

http://www.symantec.com/security_response/writeup.jsp?docid=2006-021416-3341-99&tabid=2

I agree with you that NIS can give false positive about some files/folders,

but again the security implementation in SP3 ??? more raised and can cause

confusion still to know what the rest of AVs will come up with :)

 

nass

 

"MowGreen [MVP]" wrote:

> Why wasn't NIS reporting ctfmon as being infected prior to the

> application of SP3 ?

>

> Malwares can prevent updates from being downloaded or installed.

> IF the installation of Windows updates was needed by NIS in order for it

> be able to detect ctfmon as infected, then NIS is NOT trustworthy.

>

> MowGreen [MVP 2003-2008]

> ================

> *-343-* FDNY

> Never Forgotten

> ===============

>

>

> nass wrote:

>

> > but this process can be infected R.McCarty with a virus or keyloggers?

> > Not because of the updates but it could be the updates revealed the

> > infection and the OP need to check further.

> > Like the Svchost.exe can be embedded with a Troj?

> >

> > FileMon for Windows v7.04

> > http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

> > Have a look here for windows Sysinternals

> > http://technet.microsoft.com/en-us/sysinternals/default.aspx

> >

> > Use this tool to see what taken the most usage of the CPU on your machine.

> > ShellExView v1.19 - Shell Extensions Manager

> > http://www.nirsoft.net/utils/shexview.html

> >

> > To the OP please upload this file ( ctfmon.exe) to this link for scan:

> > http://www.virustotal.com

> >

> >

> >

> > "R. McCarty" wrote:

> >

> >

> >>Yes because NIS = Not Intelligent Software

> >>

> >>Really gives a good sense of security when it indicts a Microsoft

> >>Office component as a keylogger.

> >>

> >>"Edna Boxe" <spamtrap@ntlworld.com> wrote in message

> >>news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

> >>

> >>>Since I've downloaded sp 3 Norton Internet Security says that

> >>>c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

> >>>If I remove sp 3 the keylogger also goes so I know it's nothing else.

> >>>

> >>>Edna.

> >>>

> >>

> >>

> >>

>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

From what I hear if the svchost is in the system 32 folder then it's ok,

anywhere else & it's definitely a virus, is this correct?

 

Edna.

 

"nass" <nass@discussions.microsoft.com> wrote in message

news:40A528C2-4DD0-435F-869C-483B1E093449@microsoft.com...

>

> but this process can be infected R.McCarty with a virus or keyloggers?

> Not because of the updates but it could be the updates revealed the

> infection and the OP need to check further.

> Like the Svchost.exe can be embedded with a Troj?

>

> FileMon for Windows v7.04

> http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

> Have a look here for windows Sysinternals

> http://technet.microsoft.com/en-us/sysinternals/default.aspx

>

> Use this tool to see what taken the most usage of the CPU on your machine.

> ShellExView v1.19 - Shell Extensions Manager

> http://www.nirsoft.net/utils/shexview.html

>

> To the OP please upload this file ( ctfmon.exe) to this link for scan:

> http://www.virustotal.com

>

>

>

> "R. McCarty" wrote:

>

>> Yes because NIS = Not Intelligent Software

>>

>> Really gives a good sense of security when it indicts a Microsoft

>> Office component as a keylogger.

>>

>> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

>> > Since I've downloaded sp 3 Norton Internet Security says that

>> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>> > positive?

>> > If I remove sp 3 the keylogger also goes so I know it's nothing else.

>> >

>> > Edna.

>> >

>>

>>

>>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

File analyser says it's clean.

 

Everything is running as it should be there's no unusual processes or heavy

usage that I can see.

 

Edna.

 

"nass" <nass@discussions.microsoft.com> wrote in message

news:40A528C2-4DD0-435F-869C-483B1E093449@microsoft.com...

>

> but this process can be infected R.McCarty with a virus or keyloggers?

> Not because of the updates but it could be the updates revealed the

> infection and the OP need to check further.

> Like the Svchost.exe can be embedded with a Troj?

>

> FileMon for Windows v7.04

> http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

> Have a look here for windows Sysinternals

> http://technet.microsoft.com/en-us/sysinternals/default.aspx

>

> Use this tool to see what taken the most usage of the CPU on your machine.

> ShellExView v1.19 - Shell Extensions Manager

> http://www.nirsoft.net/utils/shexview.html

>

> To the OP please upload this file ( ctfmon.exe) to this link for scan:

> http://www.virustotal.com

>

>

>

> "R. McCarty" wrote:

>

>> Yes because NIS = Not Intelligent Software

>>

>> Really gives a good sense of security when it indicts a Microsoft

>> Office component as a keylogger.

>>

>> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

>> > Since I've downloaded sp 3 Norton Internet Security says that

>> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>> > positive?

>> > If I remove sp 3 the keylogger also goes so I know it's nothing else.

>> >

>> > Edna.

>> >

>>

>>

>>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

That's what I'd like to know, usually Norton is 100% reliable for me that's

why I use it, seems strange that previous to the sp 3 it didn't detect this.

 

Edna.

 

"MowGreen [MVP]" <mowgreen@nowandzen.com> wrote in message

news:uh2ywcGtIHA.5268@TK2MSFTNGP06.phx.gbl...

> Why wasn't NIS reporting ctfmon as being infected prior to the application

> of SP3 ?

>

> Malwares can prevent updates from being downloaded or installed.

> IF the installation of Windows updates was needed by NIS in order for it

> be able to detect ctfmon as infected, then NIS is NOT trustworthy.

>

> MowGreen [MVP 2003-2008]

> ================

> *-343-* FDNY

> Never Forgotten

> ===============

>

>

> nass wrote:

>

>> but this process can be infected R.McCarty with a virus or keyloggers?

>> Not because of the updates but it could be the updates revealed the

>> infection and the OP need to check further.

>> Like the Svchost.exe can be embedded with a Troj?

>>

>> FileMon for Windows v7.04

>> http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

>> Have a look here for windows Sysinternals

>> http://technet.microsoft.com/en-us/sysinternals/default.aspx

>>

>> Use this tool to see what taken the most usage of the CPU on your

>> machine.

>> ShellExView v1.19 - Shell Extensions Manager

>> http://www.nirsoft.net/utils/shexview.html To the OP please upload this

>> file ( ctfmon.exe) to this link for scan:

>> http://www.virustotal.com

>>

>>

>>

>> "R. McCarty" wrote:

>>

>>

>>>Yes because NIS = Not Intelligent Software

>>>

>>>Really gives a good sense of security when it indicts a Microsoft

>>>Office component as a keylogger.

>>>

>>>"Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>>>news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

>>>

>>>>Since I've downloaded sp 3 Norton Internet Security says that

>>>>c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>>>>positive? If I remove sp 3 the keylogger also goes so I know it's

>>>>nothing else.

>>>>

>>>>Edna.

>>>>

>>>

>>>

>>>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

 

 

"nass" <nass@discussions.microsoft.com> wrote in message

news:D3236911-AACC-499A-878C-08658128DF10@microsoft.com...

>

>

> "Edna Boxe" wrote:

>

>> Since I've downloaded sp 3 Norton Internet Security says that

>> c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>> positive?

>> If I remove sp 3 the keylogger also goes so I know it's nothing else.

>>

>> Edna.

>

> Check this and you can contact Norton for help:

> Spyware.UltraKeylogger

> http://www.symantec.com/security_response/writeup.jsp?docid=2006-021416-3341-99&tabid=2

> Technical Issues Support

> http://www.symantec.com/norton/support/selectproduct_ts.jsp

> Also you can use other online virus scanners to get a clear idea on how

> clean your system.

>

 

Checked & there's nothing in the start-up files so system is clean, I'll now

contact Norton for help.

 

Edna.

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

No as it tells you to disable AV software otherwise it can cause conflicts,

as yet I've not contacted Norton but will do so.

 

Edna.

 

"MowGreen [MVP]" <mowgreen@nowandzen.com> wrote in message

news:#FXosWGtIHA.2188@TK2MSFTNGP04.phx.gbl...

> NIS is NOT reliable. It's difficult to believe anything it reports.

> IF ctfmon.exe was infected prior to the application of SP3, then NIS

> *should have been reporting* it as infected then.

>

> Since this issue occurred after applying SP3, then I'd be willing to bet

> my house that it's a False Positive.

>

> Frequently asked questions about Ctfmon.exe

> http://support.microsoft.com/kb/282599

>

> Was NIS actively monitoring the system during the download and

> installation of SP3 ?

> Have you checked Symantec's site to see if this has been reported to them

> ?

>

>

> MowGreen [MVP 2003-2008]

> ===============

> *-343-* FDNY

> Never Forgotten

> ===============

>

>

> Edna Boxe wrote:

>

>> Since I've downloaded sp 3 Norton Internet Security says that

>> c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>> positive? If I remove sp 3 the keylogger also goes so I know it's nothing

>> else.

>>

>> Edna.

Guest nass
Posted

Re: WinXP sp 3 contains keylogger?

 

 

Yes, but you can have 6 instances of svchost.exe running in the task

manager? Did you search for it (Ctfmon.exe)?

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run = how many

entries there for the ctfmon.exe here?

 

The svchost.exe is a security process and can be used by many running

services, also you can be experiencing a memory leak.

Process located here:

C:\WINDOWS\system32\svchost.exe size: 14336

 

Use this tool to see what has taken the most usage of the CPU on your machine.

ShellExView v1.19 - Shell Extensions Manager

http://www.nirsoft.net/utils/shexview.html

 

Go through these cleaning steps:

1... Click start >> Control Panel >> Double Click Network and Internet

Connections >> Double click Internet Options, on the IE Properties window

you will see these Options:

General | Security | Privacy | Content | Connections | Programs

| Advanced .

 

Click on General Tab (1st Tab on the left) and you will see a Button called

[ Clear History ..] click on it to clear your History caches, then click on

[Delete Files..] to delete Internet Files created over the time, click on [

Delete Cookies...] to delete your cookies left by visiting websites.

Then click on Advanced tab and scroll down to under the Browsing Option:

[&] Browsing

[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.

 

= Then try to Disable the Add-Ons on your Browser somehow installed on your

browser, On how to disable the Add-ons follow this:

Click on Programs Tab and then click the Manage Add-Ons Button there Disable

the None/Not Verified Plug-ins/Add-ons (you need to re-enable them one-by-one

later and see which is the culprit).

How to manage Add-Ons:

http://support.microsoft.com/kb/883256

 

Scan for malware from here:

SuperAntispyware - Free

http://www.superantispyware.com/superantispywarefreevspro.html

http://onecare.live.com/site/en-gb/default.htm?s_cid=sah

http://onecare.live.com/standard/en-gb/default.htm

 

RootkitRevealer v1.71

By Bryce Cogswell and Mark Russinovich

http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx

 

Run a scan from here on-line:

http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Download Avast Cleaner (off-line scanner) from here:

http://www.avast.com/eng/avast-virus-cleaner.html

 

Lots of tools to download and disinfect your machine (off-line scanner):

http://www.bitdefender.co.uk/site/Downloads/browseFreeRemovalTool/

 

How to speed your PC:

http://www.blackviper.com/WinXP/supertweaks.htm

 

Run disk clean up and then run this command:

sfc /scannow

 

How To: troubleshoot svchost.exe:

http://blogs.technet.com/askperf/archive/2008/01/11/getting-started-with-svchost-exe-troubleshooting.aspx

 

 

Download the Hijackthis and send the report to one of many

forums for analysis and troubleshooting:

When all else fails, HijackThis v2.0.2

(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php) is

the preferred tool to use.

It will help you to both identify and remove any hijackware/spyware. Post

your log to:

http://aumha.net/viewforum.php?f=30,

http://castlecops.com/forum67.html,

http://forums.subratam.org/index.php?showforum=7

http://www.bleepingcomputer.com/tutorials/tutorial42.html

http://www.bleepingcomputer.com/forums/

Or other appropriate forums for expert analysis, not here.

Let us know your progress.

nass

----

http://www.nasstec.co.uk

 

 

"Edna Boxe" wrote:

> From what I hear if the svchost is in the system 32 folder then it's ok,

> anywhere else & it's definitely a virus, is this correct?

>

> Edna.

>

> "nass" <nass@discussions.microsoft.com> wrote in message

> news:40A528C2-4DD0-435F-869C-483B1E093449@microsoft.com...

> >

> > but this process can be infected R.McCarty with a virus or keyloggers?

> > Not because of the updates but it could be the updates revealed the

> > infection and the OP need to check further.

> > Like the Svchost.exe can be embedded with a Troj?

> >

> > FileMon for Windows v7.04

> > http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

> > Have a look here for windows Sysinternals

> > http://technet.microsoft.com/en-us/sysinternals/default.aspx

> >

> > Use this tool to see what taken the most usage of the CPU on your machine.

> > ShellExView v1.19 - Shell Extensions Manager

> > http://www.nirsoft.net/utils/shexview.html

> >

> > To the OP please upload this file ( ctfmon.exe) to this link for scan:

> > http://www.virustotal.com

> >

> >

> >

> > "R. McCarty" wrote:

> >

> >> Yes because NIS = Not Intelligent Software

> >>

> >> Really gives a good sense of security when it indicts a Microsoft

> >> Office component as a keylogger.

> >>

> >> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

> >> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

> >> > Since I've downloaded sp 3 Norton Internet Security says that

> >> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

> >> > positive?

> >> > If I remove sp 3 the keylogger also goes so I know it's nothing else.

> >> >

> >> > Edna.

> >> >

> >>

> >>

> >>

>

>
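Added example, not part of any post in this thread: a PowerShell triage of the checks discussed above (where the running ctfmon.exe and svchost.exe images are loaded from, and which Run entries reference them), extended with a signature check and a SHA-256 hash, since a file sitting in system32 can still have been replaced. It assumes a current Windows with PowerShell 5.1 or later rather than the XP-era tools named in the thread; the HKCU Run key and the SysWOW64 directory are additions not mentioned in the posts.

```powershell
# Added example: triage for a system binary flagged by an AV product.
# Run from an elevated prompt; without elevation ExecutablePath is empty
# for protected processes and those rows show Path = (none).

$names = 'ctfmon.exe', 'svchost.exe'

# Directories a genuine copy is expected to load from. SysWOW64 holds the
# 32-bit copies on 64-bit Windows (assumption added here, not from the thread).
$expectedDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    (Join-Path $env:SystemRoot 'SysWOW64')
)

# 1. Running instances: image path, signature status, signer and hash.
$procs = Get-CimInstance Win32_Process | Where-Object { $names -contains $_.Name }

$report = foreach ($p in $procs) {
    $path = $p.ExecutablePath
    $dir  = if ($path) { Split-Path $path -Parent } else { $null }
    $sig  = if ($path) { Get-AuthenticodeSignature -FilePath $path } else { $null }

    [pscustomobject]@{
        Name        = $p.Name
        PID         = $p.ProcessId
        Path        = if ($path) { $path } else { '(none)' }
        ExpectedDir = ($null -ne $dir) -and ($expectedDirs -contains $dir)
        SigStatus   = if ($sig) { "$($sig.Status)" } else { 'Unknown' }
        Signer      = if ($sig -and $sig.SignerCertificate) {
                          $sig.SignerCertificate.Subject
                      } else { $null }
        SHA256      = if ($path) {
                          (Get-FileHash -Path $path -Algorithm SHA256).Hash
                      } else { $null }
    }
}

# 2. Autorun entries: every Run value whose command line mentions one of
#    the names. HKLM\...\Run is the key asked about in the thread.
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($valueName in $regKey.GetValueNames()) {
        $command = "$($regKey.GetValue($valueName))"
        foreach ($n in $names) {
            if ($command -match [regex]::Escape($n)) {
                [pscustomobject]@{
                    Key     = $key
                    Value   = $valueName
                    Command = $command
                    Matches = $n
                }
            }
        }
    }
}

# 3. Show everything, then only the rows that deserve a closer look:
#    loaded from an unexpected directory, or signature not reported Valid.
$report   | Format-Table Name, PID, ExpectedDir, SigStatus, Path -AutoSize
$autoruns | Format-Table -AutoSize -Wrap

$report | Where-Object { -not $_.ExpectedDir -or $_.SigStatus -ne 'Valid' } |
    Format-List Name, PID, Path, SigStatus, Signer, SHA256
```

A row in the last list is a reason to look closer, not proof of infection; the SHA-256 value can be looked up on a multi-scanner service such as the one linked in the thread without uploading the file itself.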

Guest nass
Posted

Re: WinXP sp 3 contains keylogger?

 

 

Then it is false positive by Norton and you are clear from infestation.

Although it does not harm you if you performed the cleaning steps in my

previous post but it isn't necessary to do so unless you have some doubts

and you need to put them to rest!

----

nass

 

 

"Edna Boxe" wrote:

> File analyser says it's clean.

>

> Everything is running as it should be there's no unusual processes or heavy

> usage that I can see.

>

> Edna.

>

> "nass" <nass@discussions.microsoft.com> wrote in message

> news:40A528C2-4DD0-435F-869C-483B1E093449@microsoft.com...

> >

> > but this process can be infected R.McCarty with a virus or keyloggers?

> > Not because of the updates but it could be the updates revealed the

> > infection and the OP need to check further.

> > Like the Svchost.exe can be embedded with a Troj?

> >

> > FileMon for Windows v7.04

> > http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

> > Have a look here for windows Sysinternals

> > http://technet.microsoft.com/en-us/sysinternals/default.aspx

> >

> > Use this tool to see what taken the most usage of the CPU on your machine.

> > ShellExView v1.19 - Shell Extensions Manager

> > http://www.nirsoft.net/utils/shexview.html

> >

> > To the OP please upload this file ( ctfmon.exe) to this link for scan:

> > http://www.virustotal.com

> >

> >

> >

> > "R. McCarty" wrote:

> >

> >> Yes because NIS = Not Intelligent Software

> >>

> >> Really gives a good sense of security when it indicts a Microsoft

> >> Office component as a keylogger.

> >>

> >> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

> >> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

> >> > Since I've downloaded sp 3 Norton Internet Security says that

> >> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

> >> > positive?

> >> > If I remove sp 3 the keylogger also goes so I know it's nothing else.

> >> >

> >> > Edna.

> >> >

> >>

> >>

> >>

>

Guest smlunatick
Posted

Re: WinXP sp 3 contains keylogger?

 

Where did you get your version of SP3? If it was not from a Microsoft web

site, then its integrity is "suspect!"

 

 

 

On 12/05/2008 "Edna Boxe" <spamtrap@ntlworld.com> wrote:

>Since I've downloaded sp 3 Norton Internet Security says that

>c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

>If I remove sp 3 the keylogger also goes so I know it's nothing else.

>

>Edna.

>

>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

Checking the registry there's no entries for ctfmon.exe, there's one in

HKEY_LOCAL_MACHINE\system\control\terminal server\SysProc though.

 

History & cookies are deleted every time my computer starts - using

CCleaner.

 

Edna.

 

"nass" <nass@discussions.microsoft.com> wrote in message

news:A4F3509C-F85A-4E88-9C47-6CC2F8E3FEFE@microsoft.com...

>

> Yes, but you can have 6 instances of svchost.exe running in the task

> manager? did you searched for it (Ctfmon.exe)?

> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run = how

> many

> entries there for the ctfmon.exe here?

>

> The svchost.exe is a security process and can be used by many running

> services, also you can experiencing a memory leak.

> Process located here:

> C:\WINDOWS\system32\svchost.exe size: 14336

>

> Use this tool to see what taken the most usage of the CPU on your machine.

> ShellExView v1.19 - Shell Extensions Manager

> http://www.nirsoft.net/utils/shexview.html

>

> Go through these cleaning steps:

> 1... Click start >> Control Panel >> Double Click Network and Internet

> Connections >> Double click Internet Options, on the IE Properties window

> you will see these Options:

> General | Security | Privacy | Content | Connections | Programs

> | Advanced .

>

> Click on General Tab (1st Tab on the left) and you will see a Button

> called

> [ Clear History ..] click on it to clear your History caches, then click

> on

> [Delete Files..] to delete Internet Files created over the time, click on

> [

> Delete Cookies...] to delete your cookies left by visiting websites.

> Then click on Advanced tab and scroll down to under the Browsing Option:

> [&] Browsing

> [ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.

>

> = Then try to Disable the Add-Ons on your Browser somehow installed on

> your

> browser, On how to disable the Add-ons follow this:

> Click on Programs Tab and then click the Manage Add-Ons Button there

> Disable

> the None/Not Verified Plug-ins/Add-ons ( you need to Renable them

> one-by-one

> later and see which is the culprit .

> How to manage Add-Ons:

> http://support.microsoft.com/kb/883256

>

> Scan for malware from here:

> SuperAntispyware - Free

> http://www.superantispyware.com/superantispywarefreevspro.html

> http://onecare.live.com/site/en-gb/default.htm?s_cid=sah

> http://onecare.live.com/standard/en-gb/default.htm

>

> RootkitRevealer v1.71

> By Bryce Cogswell and Mark Russinovich

> http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx

>

> Run a scan from here on-line:

> http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

> http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

> Download Avast Cleaner (off-line scanner) from here:

> http://www.avast.com/eng/avast-virus-cleaner.html

>

> Lots of tools to download and disinfect your machine (off-line scanner):

> http://www.bitdefender.co.uk/site/Downloads/browseFreeRemovalTool/

>

> How to speed your PC:

> http://www.blackviper.com/WinXP/supertweaks.htm

>

> Run disk clean up and then run this command:

> sfc /scannow

>

> How To: troubleshoot svchost.exe:

> http://blogs.technet.com/askperf/archive/2008/01/11/getting-started-with-svchost-exe-troubleshooting.aspx

>

>

> Download the Hijackthis and send the report to one of

> many

> forums for analysis and troubleshooting:

> When all else fails, HijackThis v2.0.2

> (http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

> is

> the preferred tool to use.

> It will help you to both identify and remove any hijackware/spyware. Post

> your log to:

> http://aumha.net/viewforum.php?f=30,

> http://castlecops.com/forum67.html,

> http://forums.subratam.org/index.php?showforum=7

> http://www.bleepingcomputer.com/tutorials/tutorial42.html

> http://www.bleepingcomputer.com/forums/

> Or other appropriate

> forums for expert analysis, not here.

> Let us know your progress.

> nass

> ----

> http://www.nasstec.co.uk

>

>

> "Edna Boxe" wrote:

>

>> From what I hear if the svchost is in the system 32 folder then it's ok,

>> anywhere else & it's definitely a virus, is this correct?

>>

>> Edna.

>>

>> "nass" <nass@discussions.microsoft.com> wrote in message

>> news:40A528C2-4DD0-435F-869C-483B1E093449@microsoft.com...

>> >

>> > but this process can be infected R.McCarty with a virus or keyloggers?

>> > Not because of the updates but it could be the updates revealed the

>> > infection and the OP need to check further.

>> > Like the Svchost.exe can be embedded with a Troj?

>> >

>> > FileMon for Windows v7.04

>> > http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

>> > Have a look here for windows Sysinternals

>> > http://technet.microsoft.com/en-us/sysinternals/default.aspx

>> >

>> > Use this tool to see what taken the most usage of the CPU on your

>> > machine.

>> > ShellExView v1.19 - Shell Extensions Manager

>> > http://www.nirsoft.net/utils/shexview.html

>> >

>> > To the OP please upload this file ( ctfmon.exe) to this link for scan:

>> > http://www.virustotal.com

>> >

>> >

>> >

>> > "R. McCarty" wrote:

>> >

>> >> Yes because NIS = Not Intelligent Software

>> >>

>> >> Really gives a good sense of security when it indicts a Microsoft

>> >> Office component as a keylogger.

>> >>

>> >> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>> >> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

>> >> > Since I've downloaded sp 3 Norton Internet Security says that

>> >> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>> >> > positive?

>> >> > If I remove sp 3 the keylogger also goes so I know it's nothing

>> >> > else.

>> >> >

>> >> > Edna.

>> >> >

>> >>

>> >>

>> >>

>>

>>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

Thanks, I will.

 

Edna.

 

"nass" <nass@discussions.microsoft.com> wrote in message

news:8CA02C88-64DA-4326-A3CB-3DCC2309C33A@microsoft.com...

>

> Then it is false positive by Norton and you are clear from infestation.

> Although it does not harm you if you performed the cleaning steps in my

> previous post but it is n't necessary to do so unless you have some doubts

> and you need to put them to rest!.

> ----

> nass

>

>

> "Edna Boxe" wrote:

>

>> File analyser says it's clean.

>>

>> Everything is running as it should be there's no unusual processes or

>> heavy

>> usage that I can see.

>>

>> Edna.

>>

>> "nass" <nass@discussions.microsoft.com> wrote in message

>> news:40A528C2-4DD0-435F-869C-483B1E093449@microsoft.com...

>> >

>> > but this process can be infected R.McCarty with a virus or keyloggers?

>> > Not because of the updates but it could be the updates revealed the

>> > infection and the OP need to check further.

>> > Like the Svchost.exe can be embedded with a Troj?

>> >

>> > FileMon for Windows v7.04

>> > http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

>> > Have a look here for windows Sysinternals

>> > http://technet.microsoft.com/en-us/sysinternals/default.aspx

>> >

>> > Use this tool to see what taken the most usage of the CPU on your

>> > machine.

>> > ShellExView v1.19 - Shell Extensions Manager

>> > http://www.nirsoft.net/utils/shexview.html

>> >

>> > To the OP please upload this file ( ctfmon.exe) to this link for scan:

>> > http://www.virustotal.com

>> >

>> >

>> >

>> > "R. McCarty" wrote:

>> >

>> >> Yes because NIS = Not Intelligent Software

>> >>

>> >> Really gives a good sense of security when it indicts a Microsoft

>> >> Office component as a keylogger.

>> >>

>> >> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>> >> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

>> >> > Since I've downloaded sp 3 Norton Internet Security says that

>> >> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>> >> > positive?

>> >> > If I remove sp 3 the keylogger also goes so I know it's nothing

>> >> > else.

>> >> >

>> >> > Edna.

>> >> >

>> >>

>> >>

>> >>

>>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

Direct from the Microsoft website using Windows update this is why I believe

it's a false positive.

 

Edna.

 

"smlunatick" <yveslec@gmail.com> wrote in message

news:e5VCCDRtIHA.2292@TK2MSFTNGP03.phx.gbl...

> Where did you get your version of SP3? If it was not from a Microsoft web

> site, then its integrity is "suspect!"

>

>

>

> On 12/05/2008 "Edna Boxe" <spamtrap@ntlworld.com> wrote:

>>Since I've downloaded sp 3 Norton Internet Security says that

>>c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

>>If I remove sp 3 the keylogger also goes so I know it's nothing else.

>>

>>Edna.

>>

>>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

The link refers to Microsoft XP Office, I don't have that but do have a PP

reader, it does seem I don't require Ctfmon.exe as I also don't use the

language bar.

 

I haven't asked Norton yet as it's a very poor support but will do so.

 

Edna.

 

"PA Bear [MS MVP]" <PABearMVP@gmail.com> wrote in message

news:OMwR5SGtIHA.5580@TK2MSFTNGP04.phx.gbl...

> What does Symantec Support have to say about it?

>

> Frequently asked questions about Ctfmon.exe:

> http://support.microsoft.com/kb/282599

>

> --

> ~Robear Dyer (PA Bear)

> MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002

> AumHa VSOP & Admin http://aumha.net

> DTS-L http://dts-l.net/

>

>

> Edna Boxe wrote:

>> Since I've downloaded sp 3 Norton Internet Security says that

>> c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>> positive?

>> If I remove sp 3 the keylogger also goes so I know it's nothing else.

>>

>> Edna.

>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

Addendum: looking in the correct place (using msconfig rather than regedit)

I find 1 (one) entry for ctfmon.exe :)

 

Edna.

 

"Edna Boxe" <spamtrap@ntlworld.com> wrote in message

news:11D900F9-0E1A-426F-93AE-5E2F11F0D473@microsoft.com...

> Checking the registry there's no entries for ctfmon.exe, there's one in

> HKEY_LOCAL_MACHINE\system\control\terminal server\SysProc though.

>

> History & cookies are deleted every time my computer starts - using

> CCleaner.

>

> Edna.

>

> "nass" <nass@discussions.microsoft.com> wrote in message

> news:A4F3509C-F85A-4E88-9C47-6CC2F8E3FEFE@microsoft.com...

>>

>> Yes, but you can have 6 instances of svchost.exe running in the task

>> manager? Did you search for it (Ctfmon.exe)?

>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run = how

>> many

>> entries there for the ctfmon.exe here?

>>

>> The svchost.exe is a security process and can be used by many running

>> services, also you can be experiencing a memory leak.

>> Process located here:

>> C:\WINDOWS\system32\svchost.exe size: 14336

>>

>> Use this tool to see what taken the most usage of the CPU on your

>> machine.

>> ShellExView v1.19 - Shell Extensions Manager

>> http://www.nirsoft.net/utils/shexview.html

>>

>> Go through these cleaning steps:

>> 1... Click start >> Control Panel >> Double Click Network and Internet

>> Connections >> Double click Internet Options, on the IE Properties window

>> you will see these Options:

>> General | Security | Privacy | Content | Connections | Programs

>> | Advanced .

>>

>> Click on General Tab (1st Tab on the left) and you will see a Button

>> called

>> [ Clear History ..] click on it to clear your History caches, then click

>> on

>> [Delete Files..] to delete Internet Files created over the time, click on

>> [

>> Delete Cookies...] to delete your cookies left by visiting websites.

>> Then click on Advanced tab and scroll down to under the Browsing Option:

>> [&] Browsing

>> [ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.

>>

>> = Then try to Disable the Add-Ons on your Browser somehow installed on

>> your

>> browser, On how to disable the Add-ons follow this:

>> Click on Programs Tab and then click the Manage Add-Ons Button there

>> Disable

>> the None/Not Verified Plug-ins/Add-ons (you need to re-enable them

>> one-by-one later and see which is the culprit).

>> How to manage Add-Ons:

>> http://support.microsoft.com/kb/883256

>>

>> Scan for malware from here:

>> SuperAntispyware - Free

>> http://www.superantispyware.com/superantispywarefreevspro.html

>> http://onecare.live.com/site/en-gb/default.htm?s_cid=sah

>> http://onecare.live.com/standard/en-gb/default.htm

>>

>> RootkitRevealer v1.71

>> By Bryce Cogswell and Mark Russinovich

>> http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx

>>

>> Run a scan from here on-line:

>> http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

>> http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

>> Download Avast Cleaner (off-line scanner) from here:

>> http://www.avast.com/eng/avast-virus-cleaner.html

>>

>> Lots of tools to download and disinfect your machine (off-line scanner):

>> http://www.bitdefender.co.uk/site/Downloads/browseFreeRemovalTool/

>>

>> How to speed your PC:

>> http://www.blackviper.com/WinXP/supertweaks.htm

>>

>> Run disk clean up and then run this command:

>> sfc /scannow

>>

>> How To: troubleshoot svchost.exe:

>> http://blogs.technet.com/askperf/archive/2008/01/11/getting-started-with-svchost-exe-troubleshooting.aspx

>>

>>

>> Download the Hijackthis and send the report to one of

>> many

>> forums for analysis and troubleshooting:

>> When all else fails, HijackThis v2.0.2

>> (http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

>> is

>> the preferred tool to use.

>> It will help you to both identify and remove any hijackware/spyware. Post

>> your log to:

>> http://aumha.net/viewforum.php?f=30,

>> http://castlecops.com/forum67.html,

>> http://forums.subratam.org/index.php?showforum=7

>> http://www.bleepingcomputer.com/tutorials/tutorial42.html

>> http://www.bleepingcomputer.com/forums/

>> Or other appropriate

>> forums for expert analysis, not here.

>> Let us know your progress.

>> nass

>> ----

>> http://www.nasstec.co.uk

>>

>>

>> "Edna Boxe" wrote:

>>

>>> From what I hear if the svchost is in the system 32 folder then it's ok,

>>> anywhere else & it's definitely a virus, is this correct?

>>>

>>> Edna.

>>>

>>> "nass" <nass@discussions.microsoft.com> wrote in message

>>> news:40A528C2-4DD0-435F-869C-483B1E093449@microsoft.com...

>>> >

>>> > but this process can be infected R.McCarty with a virus or keyloggers?

>>> > Not because of the updates but it could be the updates revealed the

>>> > infection and the OP need to check further.

>>> > Like the Svchost.exe can be embedded with a Troj?

>>> >

>>> > FileMon for Windows v7.04

>>> > http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx

>>> > Have a look here for windows Sysinternals

>>> > http://technet.microsoft.com/en-us/sysinternals/default.aspx

>>> >

>>> > Use this tool to see what taken the most usage of the CPU on your

>>> > machine.

>>> > ShellExView v1.19 - Shell Extensions Manager

>>> > http://www.nirsoft.net/utils/shexview.html

>>> >

>>> > To the OP please upload this file ( ctfmon.exe) to this link for scan:

>>> > http://www.virustotal.com

>>> >

>>> >

>>> >

>>> > "R. McCarty" wrote:

>>> >

>>> >> Yes because NIS = Not Intelligent Software

>>> >>

>>> >> Really gives a good sense of security when it indicts a Microsoft

>>> >> Office component as a keylogger.

>>> >>

>>> >> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>>> >> news:79EDC435-E3C9-4694-B521-33FCF8FF1FE3@microsoft.com...

>>> >> > Since I've downloaded sp 3 Norton Internet Security says that

>>> >> > c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>>> >> > positive?

>>> >> > If I remove sp 3 the keylogger also goes so I know it's nothing

>>> >> > else.

>>> >> >

>>> >> > Edna.

>>> >> >

>>> >>

>>> >>

>>> >>

>>>

>>>

>

Guest MowGreen [MVP]
Posted

Re: WinXP sp 3 contains keylogger?

 

Did you apply SP3 with Norton's actively monitoring the system ?

There have been some 'strange' issues reported by Users who have done

that:

http://www.bleepingcomputer.com/blogs/mowgreen/index.php?showentry=1288

 

Scroll down to the 'After installing SP3, Device Manager is blank;

Network Connections is blank; .... " section.

 

MowGreen [MVP 2003-2008]

===============

*-343-* FDNY

Never Forgotten

===============

 

 

Edna Boxe wrote:

> Direct from the Microsoft website using Windows update this is why I believe

> it's a false positive.

>

> Edna.

>

> "smlunatick" <yveslec@gmail.com> wrote in message

> news:e5VCCDRtIHA.2292@TK2MSFTNGP03.phx.gbl...

>

>>Where did you get your version of SP3? If it was not from a Microsoft web

>>site, then its integrity is "suspect!"

>>

>>

>>

>>On 12/05/2008 "Edna Boxe" <spamtrap@ntlworld.com> wrote:

>>

>>>Since I've downloaded sp 3 Norton Internet Security says that

>>>c:\\windows\system32\ctfmon.exe has a keylogger, is this a false positive?

>>>If I remove sp 3 the keylogger also goes so I know it's nothing else.

>>>

>>>Edna.

>>>

>>>

>

>

Guest nass
Posted

Re: WinXP sp 3 contains keylogger?

 

 

 

"Edna Boxe" wrote:

> Addendum: looking in the correct place (using msconfig rather than regedit)

> I find 1 (one) entry for ctfmon.exe :)

>

> Edna.

>

> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

> news:11D900F9-0E1A-426F-93AE-5E2F11F0D473@microsoft.com...

> > Checking the registry there's no entries for ctfmon.exe, there's one in

> > HKEY_LOCAL_MACHINE\system\control\terminal server\SysProc though.

> >

> > History & cookies are deleted every time my computer starts - using

> > CCleaner.

> >

> > Edna.

 

 

These are normal entries!

The one on the start up for ctfmon.exe located at this Key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

in the windows root System32

 

The other entry in control\terminal server\SysProc is true one for ctfmon.exe

So it looks like a false positive in the end :)

 

Wait and see Norton's response, they will not sleep on it as their Lab will

track it and sort it out one way or another!

 

HTH

nass
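
The check discussed above (an autorun entry for ctfmon.exe or svchost.exe is expected only when it points into the Windows System32 folder), as an added Python example that is not part of any post in this thread. The .reg export text is constructed, and SYSTEM_ROOT, WATCHED and the function names are assumptions made for the illustration.

```python
import ntpath
import re

# Constructed sample in .reg export format (not taken from the thread).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"LangBar"="%SystemRoot%\\Temp\\ctfmon.exe"
"Updater"="\"C:\\Documents and Settings\\user\\svchost.exe\" -k netsvcs"
"Tool"="C:\\Program Files\\Tool\\tool.exe /s"
'''

WATCHED = {"ctfmon.exe", "svchost.exe"}  # system image names discussed in the thread
SYSTEM_ROOT = r"C:\WINDOWS"              # assumption: default XP install path
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"\s*$')

def image_path(command):
    """Return the executable path from an autorun command line."""
    command = command.strip()
    if command.startswith('"'):                      # quoted path, arguments follow
        return command[1:].split('"', 1)[0]
    m = re.search(r'\.exe', command, re.IGNORECASE)  # unquoted: cut after first .exe
    return command[:m.end()] if m else command.split(" ", 1)[0]

def audit_run_key(reg_text):
    """Return [(value name, path, verdict)] for entries using a watched image name."""
    findings = []
    expected_dir = ntpath.normcase(ntpath.join(SYSTEM_ROOT, "system32"))
    for line in reg_text.splitlines():
        m = VALUE_RE.match(line)
        if not m:
            continue                                 # header, key name or non-string value
        name, data = (re.sub(r'\\(.)', r'\1', g) for g in m.groups())  # undo .reg escaping
        path = re.sub(r'%systemroot%', lambda _: SYSTEM_ROOT,
                      image_path(data), flags=re.IGNORECASE)
        if ntpath.basename(path).lower() not in WATCHED:
            continue
        folder = ntpath.dirname(path)
        if not folder:
            verdict = "bare-name"                    # resolved through the search path
        elif ntpath.normcase(ntpath.normpath(folder)) == expected_dir:
            verdict = "expected-location"
        else:
            verdict = "unexpected-location"          # system name outside System32
        findings.append((name, path, verdict))
    return findings

if __name__ == "__main__":
    print(*audit_run_key(SAMPLE_REG), sep="\n")
```

An "expected-location" verdict only rules out a look-alike copy started from another folder; a file that was modified in place still needs the file scan suggested earlier in the thread.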

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

No Norton firewall & AV disabled.

 

Contacted Norton who say it's a false positive but they don't have any info

about it on their site.

 

Edna.

 

"MowGreen [MVP]" <mowgreen@nowandzen.com> wrote in message

news:uT18kCTtIHA.1436@TK2MSFTNGP05.phx.gbl...

> Did you apply SP3 with Norton's actively monitoring the system ?

> There have been some 'strange' issues reported by Users who have done

> that:

> http://www.bleepingcomputer.com/blogs/mowgreen/index.php?showentry=1288

>

> Scroll down to the 'After installing SP3, Device Manager is blank; Network

> Connections is blank; .... " section.

>

> MowGreen [MVP 2003-2008]

> ===============

> *-343-* FDNY

> Never Forgotten

> ===============

>

>

> Edna Boxe wrote:

>

>> Direct from the Microsoft website using Windows update this is why I

>> believe it's a false positive.

>>

>> Edna.

>>

>> "smlunatick" <yveslec@gmail.com> wrote in message

>> news:e5VCCDRtIHA.2292@TK2MSFTNGP03.phx.gbl...

>>

>>>Where did you get your version of SP3? If it was not from a Microsoft web

>>>site, then its integrity is "suspect!"

>>>

>>>

>>>

>>>On 12/05/2008 "Edna Boxe" <spamtrap@ntlworld.com> wrote:

>>>

>>>>Since I've downloaded sp 3 Norton Internet Security says that

>>>>c:\\windows\system32\ctfmon.exe has a keylogger, is this a false

>>>>positive?

>>>>If I remove sp 3 the keylogger also goes so I know it's nothing else.

>>>>

>>>>Edna.

>>>>

>>>>

>>

>>

Guest Edna Boxe
Posted

Re: WinXP sp 3 contains keylogger?

 

 

 

"nass" <nass@discussions.microsoft.com> wrote in message

news:F389FA00-A048-4B32-A864-E61965A36B8C@microsoft.com...

>

>

> "Edna Boxe" wrote:

>

>> Addendum: looking in the correct place (using msconfig rather than

>> regedit)

>> I find 1 (one) entry for ctfmon.exe :)

>>

>> Edna.

>>

>> "Edna Boxe" <spamtrap@ntlworld.com> wrote in message

>> news:11D900F9-0E1A-426F-93AE-5E2F11F0D473@microsoft.com...

>> > Checking the registry there's no entries for ctfmon.exe, there's one in

>> > HKEY_LOCAL_MACHINE\system\control\terminal server\SysProc though.

>> >

>> > History & cookies are deleted every time my computer starts - using

>> > CCleaner.

>> >

>> > Edna.

>

>

> These are normal entries!

> The one on the start up for ctfmon.exe located at this Key:

> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

> in the windows root System32

>

> The other entry in control\terminal server\SysProc is true one for

> ctfmon.exe

> So it looks like a false positive in the end :)

>

> Wait and see Norton's response, they will not sleep on it as their Lab will

> track it and sort it out one way or another!

>

> HTH

> nass

>

 

Contacted Norton who confirm it is a false positive, I asked them where

there's any further info about it on their website but they say there isn't

but they've reported my comments about this to a higher level.

 

Edna.

