Problem with "fedcbaqpon.exe"

[Guest]

[Stefano BZ]

Hello,

I use Comodo as spyware, and lately it asks me if a lot of programs are authorized to access the net, like Internet Explorer, svchost application and more. Comodo says, e.g. with Internet Explorer:
C:\WINDOWS\system32\fedcbaqpon.exe has tride to use iexplorer.exe through OLE Automation, which can be used to hijack other application. fedcbaqpon.exe might be using iexplorer.exe to connect the Internet

With other programs, already authorized defenetively in the past  to have access to the net,like for example Microsoft Messenger:
C:\WINDOWS\system32\fedcbaqpon.exe has modified msnmsgr.exe in memory. This is typical of Virus, Trojan and Spyware behaviour
 
I made a scan with Adware but it didn't find anything, I looked for the file with Search function of Windows, but it doesn't find anything and I even looked for info on Google and other searching engines, but nothing.

Is it truely something or it's just a bug of the programme???

[zurst]

I think you can submit that .exe to the people working on Comodo Antivirus / Comodo Anti-malware

Another tip is use Firefox instead of IE

[Stefano BZ]

... The problem is that I don't find the .exe file on my computer!
How can I submit it to Comodo programmers when I cannot find it by myself?

As I already wrote in my previous message, I tried to find it in the path Comodo told me, but once I was there, there wasn't any file like that, neither hidden.

[zurst]

Mmm this seems to be serious, try this --> http://www.adstools.net.nz/

Or maybe a rootkit remover . . . I'm not sure about this, try antispyware/malware comodo forums.

Mmm try to locate the "strange process" using:

Dtaskmanager --> http://dimio.altervista.org/eng/

Or MS Process Explorer --> http://www.microsoft.com/technet/sysinternals/utilities/ProcessExplorer.mspx

I hope something will be useful

[N.T.T.W.]

You could also try downloading agent ransack:

http://www.mythicsoft.com/agentransack/

this is fantastic free search utility that is handy for finding those files that are difficult to find with the built in windows search tools.

 

[Stefano BZ]

I made a search with File Locator Pro, and I found this programme in the system32 folder. In the properties nothing appears, so I don’t know if this is Windows regular file or not.

Anyways I solved it in part... I made "run" and wrote "msconfig". I went in the “Start” window and there I found this .exe, that used to start every time Windows starts.

I unchecked it so that it doesn’t start, and now Comodo doesn’t write me anything anymore.

So the problem is solved now, partly, but I still have this doubt about what that file is, since also in the internet I couldn’t find any info about that.

[N.T.T.W.]

Now that you know the location of the file you could also add the file to the application monitor in CFP settings with a block rule. This would make it easier to submit the file to Comodo also.

 

[Tags:]