M
Matt Gregory
I'm a programmer doing some tech support work on the side and I'm
working on someone's home computer which has a process running that
shows up in Sysinternal's Process Explorer (the task manager is
disabled) as ?ttrib.exe. Does anyone know anything about it? Norton
Antivirus doesn't seem to detect it, but something on the computer seems
to be changing the Symantec LiveUpdate client or changing its checksum
in McAfee firewall and causing McAfee to pop up a window saying the
LiveUpdate client has changed since it last accessed the internet. This
happens every few seconds. I'm not sure if the antivirus has been
compromised or the firewall or both. Also, the Windows security center
can't seem to check the status of the antivirus software. I updated
Norton and scanned the whole drive but it found nothing.
How do people normally deal with situations like this?
Thanks for any help or advice!
Matt Gregory
working on someone's home computer which has a process running that
shows up in Sysinternal's Process Explorer (the task manager is
disabled) as ?ttrib.exe. Does anyone know anything about it? Norton
Antivirus doesn't seem to detect it, but something on the computer seems
to be changing the Symantec LiveUpdate client or changing its checksum
in McAfee firewall and causing McAfee to pop up a window saying the
LiveUpdate client has changed since it last accessed the internet. This
happens every few seconds. I'm not sure if the antivirus has been
compromised or the firewall or both. Also, the Windows security center
can't seem to check the status of the antivirus software. I updated
Norton and scanned the whole drive but it found nothing.
How do people normally deal with situations like this?
Thanks for any help or advice!
Matt Gregory