I was using Comodo and Malwarebytes virus/firewall products side by side
I was on Facebook and I have now got a virus, the symptoms are:
i) It has completely disabled Malwarebytes. I downloaded it again and reinstalled but program still won’t run
ii) It won’t let me do a system restore to any previous date
iii) It won’t let me update the Comodo virus database, so when I do an update Comodo doesn’t update (I get - check internet connection and try again at a later date) although I am connected
iv) It keeps trying to make IE my default browser rather than Firefox that I am using
v) It keeps doing a refresh three times consecutively every minute, so it deselects the browsing window and I am unable to type until I reselect the browsing window
vi) The computer takes an age to shut down and says that the Program A or Program ONZ is not responding (I don’t know what either of these are)
What do you have installed in CIS (suite, AV, Firewall, etc.) and what settings do you have turned off or on in Comodo? Did you get any popups from Comodo when it happened and how did you answer them?
I have the suite installed
Antivirus is on stateful
Firewall is on safe mode
Defense+ is on safe mode
Sandbox is disabled
Pop-up came up with something like Windows is trying a hook or similar - I blocked it.
Was that the only pop-up? I also want to know, why did you turn off the sandbox?
Yeah that was the only pop-up and the sandbox has always been off, from the time I installed it, I think. I don’t ever remember turning it off. I’ve turned it back on and it immediately gave me a message do I want to run ONZ.exe in sandbox.
Forgot - one of the other symptoms is that if I type in a URL, Firefox takes me to a completely different site like scour or similar and not the URL I want to go to. If I double click on the back button of the browser, it takes me to the site I want to go to.
Sounds like you might have gotten a rootkit. FYI: the sandbox gets turned on automatically, the only way it gets turned off is if you do it. To fix the computer do this: go here, download the ISO, burn it to a CD, boot from it and make sure your computer is hooked up to the network with a wired connection. Then do a complete scan and do what it recommends, disinfect what it can and delete what it needs to.
Download here: Index of /rescuedisk/updatable/
Thanks for your help. I downloaded Kaspersky anti virus and it immediately detected a rootkit. Unfortunately it had to uninstall Comodo. Will complete a full scan using this then will re-install Comodo.
Good to hear. But to truly remove that rootkit use the bootable CD I provided, that is the only true way to remove a rootkit. Next time please install Comodo completely and keep it in stock setting without turning off anything.