Vista
C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\unsecapp.exe
C:\Windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\unsecapp.exe
C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf
Thanks. That's right on point, Nergal. Same thing started here, maybe I know why the different date.
I watch process explorer pretty closely, am quite sure it was not starting before the 16th.
Avast tries to run a bunch of stuff that i don't need (Grime Fighter, Browser Cleanup, maybe others i forget).
Before the 15th I had always blocked them until I had Powershadow running, but that day I let something connect, just don't remember what, and the next day there is unsecapp autostarting.
So it probably is Avast. When time permits, I'll rename unsecapp.exe and see what happens.
There don't seem to be any objectionable outgoing connections, so no rush, afaik.
Hi, Kroozer. Where you been? None of my business, I know, but you were missed.
Thanks for the info. Have not been on win 7 or 8 for a long time, will check them out also.
Edit: Kroozer, are the Vista & win 7 computers running Avast?
Collisions can be generated with MD5, so a hacker can replace one portion of code with his own version to do what the hacker wishes,
and yet the MD5 checksums will be identical
it is trivial to generate collisions using nothing more than algebra. SHA0 and SHA1 are also broken, although unlike md5() no one has generated a SHA1 collision, but it is believed to be computationally feasible with our current technology.
If AVAST is a proper security company then it ought to provide SHA-2 (or better) hash checksums ( which Nirsoft HashMyFiles also handles )
though SHA-1 is probable good enough for now unless a powerful government body (you know who I mean) wants to fake something.
MD5 is perfectly good for indicating an extremely high probability than a file has NOT suffered a random error due to an Internet transmission or Disk connection,
BUT is considered to be BROKEN and should NOT be trusted by any security company.
i was also worried about this, turns out for me that unsecapp.exe was started with system monitoring on ccleaner. when i turned of system monitoring unsecapp was also closed.
Hi, You can now download v4.18.4844. This version allows for easier control of the new Active Monitoring feature. Active Monitoring can be disabled by: 1. Open CCleaner, then click Options > Monitoring2. Disable System Monitoring by unticking the box next to "Enable System Monitoring"3. Disable Active Monitoring by unticking the box next to "Enable Active Monitoring", and click Yes when the confirmation box appears