Comodo exploited by a heur.pckr.FSG ?

Learn about Computer Security Virus/Malware Removal Assistance
#1

Hi!

I was using Xp a about a half of an hour ago when i observed that the system lags, and i check the CPU usage it was commodo-s cmdagent what eated the CPU, I thought its just an anomaly or something, but the system got slower and slower, and it froze after a while totall. I restated the machine, and afer the restart the CPU usage was the same high, i made a screenshot about it:

http://img80.imageshack.us/img80/9748/cmdi.jpg

I watched it a bit, until the system froze again totaly. After that i rebooted on Win7, and i stared searching on B:( its the Xp volume ) with nod32, but it didnt find anything, but an alert came up from comodo

http://img101.imageshack.us/img101/5751/comodo.jpg

As nod went through that file nod showed his alert box about heur.pckr.FSG. I thought had removed this bastard two days ago, when i had been aslo working on XP, and comodo gave me an alert, and i deleted the infected files. The comp worked 2 days without any issues,and suddenly this error appeared from nowhere. Its the same file and maleware i have removed two days ago, and not that time, nor meanwhile have my antivirus sofwares(Avira on Xp, and Nod on Win7) altered me, and i havent had any problems with my computer too.
What could be this stuff? May i have a backdoor or a downloader on my Xp?

Seeing that graph i linked it seems for me that an exploit has ruined my firewall on Xp, and there have to be more malwares hiding, beacuse as far as i know .pckr means a shrinker, whats usually isnt a standalone malware.

Do you have any suggetions how could i make sure that i have removed all malwares?

#2

run the virus scanners in “safe mode” do it in safe mode so it doesn’t come back

turn the computer off
turn the computer on
the second you turn the computer on keep hitting the “F8” key untill a new screen comes
when it does
click on safe mode
run the anti-virus programs there
now restart the computer and your done :slight_smile:

P.S. if you can, :slight_smile: It’ll only take a minute
click on the comodo icon
go to “miscellaneous”
click on “subit suspious files”
locate the possible malware
and send it. That way comodo can study and nobody else will have to suffer situation :-TU

#3

Earlier today there were a couple of AV updates making cmdagent on systems go haywire. It would totally hog the computers it was running on. Check out this topic for a workaround: https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/workaround_for_the_99_cpu_problem_with_the_latest_virus_db_updates-t46150.0.html .

#4

I dont know, if an AV update should be the cause, there isnt something alright in general. My desktop icons disappeared on Win7, and i dont know how to get them back, also sometimes some letters arent that what i key in. For example if i key “ő” it appeares often as “Q” on the display. I have never seen such, what the heck is this?

#5

Please follow What to do if you’re infected - eXPerience Rev.3 and report back as requested.