![]() ![]() ![]() ![]() I don’t know if and the software it promotes is malicious. I backed out and went to another Google result (see below), this time to one telling me it was a legitimate executable from Dell (I have a Dell laptop) called PC-Doctor, which I know Dell uses. Luckily, I’m experienced enough to realize that this site was giving me a whole lot of scare tactics without asking for a lot of detail. I have no idea if SpyHunter and Wipersoft anti-malware software are legitimate, or if they’re adware or malicious programs. Of course, they would be happy to have me download software they are promoting to get rid of the very dangerous malware: In fact, I’m surprised it didn’t suggest that my eldest child would be stricken with the plague. The page was full of very scary language and outcomes. It brought me to the information warning page: In the second-to-last search result, the words “PCdrwi.exe is a hazardous and destructive Trojan infection…” caught my eye, so I clicked on it. Google results for pcdrwi.exe Is it really malware? Although it’s not exactly the case, I think of it as any program that wants to run in the older DOS prompt environment. Conhost can represent any program running in Windows command window environment. In this scenario, when I ran Process Explorer, it came up with a few 1/70 findings and a single 1/67 finding. I wasn’t worried that any of them were malicious, but I am a little tired of seeing conhost.exe instances appearing in false-positive reports. Most malicious programs will be found by over a dozen antivirus engines. You only need to worry if Process Explorer reports three or more antivirus engines as finding something malicious. Usually the false-positives are reported to these vendors and they fix their false finding within a day or two. In my long experience with running Process Explorer over thousands of computers, if what is reported is 1/x or 2/x, then it is always a false-positive report. Unfortunately, one or two antivirus engines will almost always report legitimate, non-malicious processes as malicious. Most of the things running on your computer will report something like 0/70, indicating that none of the 70 antivirus engines are finding what you report as malicious. Process Explorer runs every active executable’s and process’s hash result against Google’s VirusTotal database and reports how many antivirus engines flag each instance as malicious. This rules out malware, just in case my patch issue was a false-negative coincidence. This has happened to me two or three other times before where my Microsoft Office apps locked up and ground to a halt because some patches were trying to apply themselves.Īfter the patches applied, I ran Microsoft’s free Process Explorer with the VirusTotal option enabled, as I always do after my computer is running slow or acting funky. I rebooted it, and then I saw some previously unannounced Microsoft Office patches automatically applying. My computer was acting slow and funky, especially when using Microsoft Outlook. My recent experience is an example and can serve as a warning to others. ![]() They often succeed by using scare tactics and misleading information. In a world where the top search engines try their best to filter out the chaff, scammers still do their best to encourage victims to install unneeded and sometimes malicious software. Scammers and adware purveyors have long used the helpful nature of the internet to get more victims. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |