comodo did its overnight scan and i came back and pressed clean for everything and it says “Not all threats have been removed!” (theyre all checked and none got removed)
help?
Can you please find these files and upload them to both VirusTotal and CIMA and post a link to the results?
The first thing to do is to make sure that these aren’t false positives.
Hi, one of the files have the location of “C:\System Volume Information_restore{47E7117B-18F3-4A10-B47C-105BED1BFF9B}\RP150\A0035312.exe”
the others being 35313, etc. There are about 7, and if you browse C: I do not see a folder named “System Volume Information”.
EDIT: There are 5. 312-316
Have you had an infection on your computer before? The locations of those files indicate that they are probably in the restore points.
Just to make sure can you please follow the methodology given here and let me know what you find?
Yes I did have a virus previously, and I did have to reformat. I don’t know what happened, but out of nowhere every single .dll and .exe on my computer was detected as a virus from comodo, thinking it was just some i kept cleaning, and after 5 I realized some of these were programs I knew. I did a scan and in seconds hunreds of infected files were found… I still don’t know what it was or what happened but it forced me to reformat, it was really freaky.
I will go try that link.
Upon trying to run the .exe for the comodo cloud thingie, I got this error:
Recently there have been many problems at times running many programs, from them working fine minutes ago to not working, and then a quick restart would allow them to again work. I’ll try rebooting soon. I’m just finally realizing how scary this is. :<
edit: a re download worked… don’t know how it could have been damaged but now it’s installing.
Please read this portion of my post. If these aren’t enough then you may need to read through the rest.
If these scanners don’t detect anything then it’s probably some sort of false positive for Comodo Antivirus.
Hopefully it’s nothing serious. By the way, what does Comodo Antivirus detect these files as? If you could take a screenshot of your antivirus events or scan logs that may be useful.
Ran the installer for each, allowed every request, and they both keep crashing.
I clear my junk files daily and I scan using MWB weekly. I’ll try SAS now.
By the way, you should run Emsisoft Free Emergency Kit from a USB if possible.
Also, what security programs do you currently have installed?
In addition you can use an AV Rescue Disk if the programs I recommended still won’t work. By this I mean they won’t install or scan correctly. The method I described for making a bootable disk/flash drive should work, but let me know if it doesn’t.
By the way, can you please show me this
Shocker?
Please elaborate on what you want me to show you… what file do you want to see detected by comodo?
a2emergencykit.exe crashed too =s
I want to know the names they are detected as.
As an example it could be Trojan.xxx or heur.suspicious or backdoor.xxx? The names of the detections may help to find out what type of infection it is.
Also, please try running the Emsisoft tool from a USB. It should be able to scan, just download it on a different computer if possible. The same goes for the Rescue Disk if you need to use it.
Is this what you are asking for? Also what is a “USB”?
Sorry, what I really meant was a flash drive. You can also use a cd or DVD for the same purpose.
By the way it would be very useful if you could answer this
Also, since I assume you have CIS or Comodo Antivirus can you please tell me how you have it configured.
Also, have you removed any files using an antivirus, and if so where were they located?
As of late pretty much all files were the same as these but removeable.
I have comodo firewall/antivirus and no special configurations, just the basic things from when you first install it.
I suspect you have something nasty on there, I suggest running a bootable AV, first off go to a clean computer and download kaspersky rescue disk http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable and burn the iso to a cd, and making sure your computer has a wired internet connection boot from the cd and update it, then do a full scan, disinfect what it can and delete anything else if finds. Then reboot and try running those tools again.
sigh atm i dont have another comp to do that with so can we focus on what I can do on this comp?
and right now comodo just sandboxed a \system32\nwiz.exe file?
for it to sandbox a sys32 file it must be infected im guessing…?
also another symptom of all this BS is random force restarts… before i went to double click CCS setup and before anything else, after 2 clicks, force restart -.-
Also this new version of comodo is weird… in defense plus tab you could see blocked files in the click of a button & now you cannot. it’s possible ive blocked certain things wrongly and may be affecting some programs to not work, and I can’t even check? ■■■■…