Jump to content



Photo

Is this normal?

windows wicait newegg

  • Please log in to reply
20 replies to this topic

#1 Krome

Krome

    Neowinian God!

  • Joined: 29-August 01

Posted 09 May 2014 - 17:42

I went to sleep. I did not have anything running.  Computer is left on without any active application running.  When I woke up, I see this:

Newegg.PNG

 

After I deny it from internet access, I get this:

QABD.PNG

 

Is someone attempting to have access to my computer?  What's "Newegg" has anything to do with Microsoft Compability Advisor Inventory Tool?  Anyone can help give logical explanation would be greatly appreciated.  Thanks.




#2 Dot Matrix

Dot Matrix

    Neowinian Senior

  • Tech Issues Solved: 7
  • Joined: 14-November 11
  • Location: Upstate New York
  • OS: Windows 8.1
  • Phone: Nokia Lumia 920

Posted 09 May 2014 - 17:46

Can you show us a list of the processes running? Watson is a name I haven't heard in a long time. Is this Vista?



#3 +techbeck

techbeck

    Neowinian Senior

  • Tech Issues Solved: 11
  • Joined: 20-January 05

Posted 09 May 2014 - 17:51

From doing a quick search, those EXE files listed in the screenshots could be malware related.  Have you run a scan?



#4 Top Qat

Top Qat

    Neowinian

  • Tech Issues Solved: 8
  • Joined: 09-July 04
  • Location: London, UK
  • OS: Windows 8.1u1 and Server 2012 R2u1
  • Phone: Samsung Galaxy S 3

Posted 09 May 2014 - 17:55

I run Win 8.1 on 3 machines and I have never seen that before.

 

Looks very suspicious to me, I would not allow that to run or install.

Also do a full system scan with a good AV product to make sure your system is clean.



#5 +techbeck

techbeck

    Neowinian Senior

  • Tech Issues Solved: 11
  • Joined: 20-January 05

Posted 09 May 2014 - 17:57

Actually, this is with Windows 7.  Files are located in the system32\CompatTel folder under windows.  I have the same files on my Win7 systems.  Should be OK as long as they are valid MS files.  Some are masquerading as malware tho or could be a false positive.

 

The system32\CompatTel does not appear on any of my Win8 systems. 



#6 OP Krome

Krome

    Neowinian God!

  • Joined: 29-August 01

Posted 09 May 2014 - 17:57

Well, the snapshot is taken from Symantec a/v that was monitoring any suspicious activity and I didn't think I have much application installed.  Here's the processes.

Process2.PNG

 

I am running Windows 7.


Edited by Krome, 09 May 2014 - 17:58.


#7 +techbeck

techbeck

    Neowinian Senior

  • Tech Issues Solved: 11
  • Joined: 20-January 05

Posted 09 May 2014 - 17:58

Well, the snapshot is taken from Symantec a/v that was monitoring any suspicious activity and I didn't think I have much application installed.  Here's the processes.

 

 

See my post above.  Those are normal files with Win7.  Probably a false positive with Symantec which happens every now and then.  Woudlnt worry about it but if you are, do some scans of your system.



#8 Ironman273

Ironman273

    Neowinian Fanatic

  • Tech Issues Solved: 4
  • Joined: 26-October 01
  • Location: Florida
  • OS: Windows 8.1 Pro (Home & Work)
  • Phone: Nokia Lumia 920

Posted 09 May 2014 - 18:00

http://systemexplore...cainventory-exe

http://systemexplore...eryappblock-exe



#9 Top Qat

Top Qat

    Neowinian

  • Tech Issues Solved: 8
  • Joined: 09-July 04
  • Location: London, UK
  • OS: Windows 8.1u1 and Server 2012 R2u1
  • Phone: Samsung Galaxy S 3

Posted 09 May 2014 - 18:03

See my post above.  Those are normal files with Win7.  Probably a false positive with Symantec which happens every now and then.  Woudlnt worry about it but if you are, do some scans of your system.

 

Those files are showing Win8.1u1 version numbers.



#10 +techbeck

techbeck

    Neowinian Senior

  • Tech Issues Solved: 11
  • Joined: 20-January 05

Posted 09 May 2014 - 18:05

Those files are showing Win8.1u1 version numbers.

 

The OP is running Win7.  I can see that folder on every single system I checked so far at work running Win7.  They are normal files and Symantec is probably throwing a false positive.  See attahced

Attached Images

  • Capture.PNG


#11 OP Krome

Krome

    Neowinian God!

  • Joined: 29-August 01

Posted 09 May 2014 - 18:06

Well, it's not about "false positive".  It's more like "why did it ask for internet" and "why does it has anything to do with 'newegg'?".  My browser was not running at the time.  Nothing was running.

 

I see so many response.  Thank you guys for paying attention to this problem.  This is still puzzling tbh.



#12 +techbeck

techbeck

    Neowinian Senior

  • Tech Issues Solved: 11
  • Joined: 20-January 05

Posted 09 May 2014 - 18:12

Well, it's not about "false positive".  It's more like "why did it ask for internet" and "why does it has anything to do with 'newegg'?".  My browser was not running at the time.  Nothing was running.

 

Not sure on that one.  promotions.newegg.com is a valid site and they do talk about the compatibility/upgrade adviser.  Really wouldnt worry about it and was probably running all along. Most likely, Symantec updated and is reporting issues with those files.  My guess is, it will be fixed in another update.



#13 OP Krome

Krome

    Neowinian God!

  • Joined: 29-August 01

Posted 09 May 2014 - 19:37

Thanks techbeck.  Just FYI.  For the past few days, I have been formatting/restoring my PC using True Image.  Why?  Because there's so many odd things happenning.  I had just recently finished formatting my PC yesterday because, I was not doing anything at all, and all the sudden, the CMD window pop up and it was scanning or did something.  Previously, some other odd things happening.  I do not have any malware installed on the PC.  The computer has almost no application installed and yet I see very odd things going on.  I believe I have been a target of government surveillance program.  I have not done anything at all.  Most of the stuff I do is posting stuff on Neowin.  I do not know why I am being targetted.  Very silly and a waste of US government money.



#14 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 09 May 2014 - 19:50

I believe I have been a target of government surveillance program.  I have not done anything at all.  Most of the stuff I do is posting stuff on Neowin.  I do not know why I am being targetted.  Very silly and a waste of US government money.

 

paranoid.gif



#15 Dot Matrix

Dot Matrix

    Neowinian Senior

  • Tech Issues Solved: 7
  • Joined: 14-November 11
  • Location: Upstate New York
  • OS: Windows 8.1
  • Phone: Nokia Lumia 920

Posted 09 May 2014 - 19:51

Thanks techbeck.  Just FYI.  For the past few days, I have been formatting/restoring my PC using True Image.  Why?  Because there's so many odd things happenning.  I had just recently finished formatting my PC yesterday because, I was not doing anything at all, and all the sudden, the CMD window pop up and it was scanning or did something.  Previously, some other odd things happening.  I do not have any malware installed on the PC.  The computer has almost no application installed and yet I see very odd things going on.  I believe I have been a target of government surveillance program.  I have not done anything at all.  Most of the stuff I do is posting stuff on Neowin.  I do not know why I am being targetted.  Very silly and a waste of US government money.

Extraordinary claims, require extraordinary evidence.