So I got rid of mcafee…been meaning to for a while now…and downloaded avira and comodo.
Now, comodo is reporting that an application with no name is trying to take a screenshot of my computer. It says “[blank] is trying to access the screen directly…” and when I pull up my task manager, the only one with a blank description is csrss.exe (I have two csrss.exe’s running).
I tried googling and it doesn’t seem anyone else is having this problem. I did however find this:
csrss.exe is a normal running program. It is part of Windows and is not a virus or anything. I run Avira Premium 8 and Comodo on 2 machines with no troubles what so ever. What program are you denying access to? Did you tick off “remember”? DId you block your snipping tool under D+?
I don’t know what program I am denying access to. It comes up with no name at all. And I don’t believe I blocked my snipping tool, I haven’t messed with that at all. And yes, I clicked remember, but it keeps asking me anyway. Every 10 seconds it asks me…until I click to allow then it takes about 10 minutes before it asks me again.
This might be over my head. I have not downloaded any executables though from the internet unless they’re KNOWN good programs like comodo or avira, or have like huge amounts of good reviews and are trusted.
Could you get something like this from a Flash animation?
Yes it can be a virus.
It depends where it is stored it should be in C:\Windows\system32
Copy from website
If a process named csrss.exe is running on your computer, you may have been infected with a strain of the Ahlem.A worm.
csrss.exe is considered to be a security risk, not only because antivirus programs flag Ahlem.A Worm as a virus, but also because a number of users have complained about its performance.
Ahlem.A Worm is likely a virus and as such, presents a serious vulnerability which should be fixed immediately! Delaying the removal of csrss.exe may cause serious harm to your system and will likely cause a number of problems, such as slow performance, loss of data or leaking private information to websites.
CSRSS.EXE - Confusion
Csrss.exe is the Microsoft client server runtime which generates worker threads for client requests. The confusion over csrss.exe comes from Trojans or viruses that use the same executable name (.exe) as that of csrss.
Many spyware/malware programs use filenames of usual, non-malware programs.
The legitimate csrss.exe is part of the Microsoft client server software and is a very important part of the system which should not be removed.
From the screenshots I presume you have Vista I have two csrss.exe running both together at the top.
Do not try to shutdown them in the task manager as the website suggested this only works for XP.
I tried and got a BSOD