IE has been corrupted System/admin rights not avail


Thanks for looking in, Long time Zonelabs user, recently switched to Comodo for a year now.
I picked up a virus or malware. Comodo caught 2 of them and quarantined them. However the damage is done.
I have my Driver disc and Win install disc sitting atop my desk. Although I did not want to have to (0 zero) out my computer to scratch.
My IE Browser when clicked gives me a blink and does nothing. As though it opened and closed instantaneously. I went over to System restore to take my computer back 90 days. After going through its Himme Himme shake, I get a pop up that says no Admin rights.

Been over to the start, run and made sure my admin rights are on, it is.

I have Comodo firewall and virus latest updates
Also running Comodo system Cleaner
Currently with scans says clean, but my computer is not fine
The virus it caught was:

malware@221aozo31opiw

trojware.win32.trojandropper.bat.fp@17266960

I also installed SpyHunter 4 trying to track these things down. That found doubleclick.net cookie in my settings and documents. Could not find the proper way to remove manually. From what I gather it is a tracking cookie and even after removing it, chances are I will just get it again.
(I did "just" instruct Firefox to NOT go to that site)

My Firefox works fine, but now when I open my Hotmail I can see there is a browser virus that is “hanging out in there somewhere”. My Browser is loading slower and I am waiting for that virus to implode or explode where I will get more and more Blue screens. (Currently enjoyed 2 blue screens)
I am running:
Dell Inspiron 530 which came with vista and I removed and replaced with XP home a couple years back
Service pack 3
My computer has been swift and virus free until about 90 days ago when I got a friend request from a forum through yahoo or it was in a zip file that Comodo said it caught from an E Commerce wholesale place. I did send the report to Comodo yet I cannot find any info on those two viruses above. As well as my pdf printer keeps getting removed and my printer installer is not working when I ask it to find my printer that I know the program is installed.
I hope this was descriptive enough for some help. I was thinking it was left overs from the damage the malware created. I wanted to uninstall IE 8 from my computer but that is not as easy as removing an installed program.
Regards and thanks for your help in advance
.net.com

First, please read this section of one of my articles to ensure that you don’t still have an active infection. Once you’re sure that you don’t still have an active infection, then we’ll start worrying about how to fix any damage.

Also, I’ve got to ask, how did you get infected? What was your configuration and how did you answer any alerts?

Thanks.

Thank you for replying- I either got the virus from a friend request through Yahoo which was a reply from a comment I made on a forum.
Or it was from a Zip file from a wholesale rep from Wholesale top 10.
The Yahoo thingy was weird because once I OK’d communication from that person, I started to get chat windows to open in my system tray. That is when I figured I got Virused.
The other was the Zip file I downloaded and then scanned with Comodo and was instructed there was a Malicious adware or virus, I do not recall exactly. I Quarantined it and then cleared it in Comodo’s report area.

Ever since, I have been having ghosts in the machine!
Currently downloading Kill switch and read your link-Thank you.
I will install and see what goes from there.

As of now; Comodo and spy hunter say I am all clear, but as mentioned prior, my PDF Printer I have re-installed 3 times is not available. (even if I open the program before commanding a print) My IE is hosed and who knows what is next?
Thanks again for the help and links, I will sleuth through the Windows link for getting rid of almost any problem, as that would be better than reinstalling my O.S. and drivers and then… everything else I use.
Best
.com.net

Update

I unzipped Killswitch and parked it in a folder named Killswitch, opened the exe file and it seemed to open fine. I clicked or ticked the “Hide safe applications”. I attached a BMP view of it. You will only see that my screen capture device was running and it states “analyzing”. I hope this means I DO NOT have a virus anymore?

[attachment deleted by admin]

In Killswitch, have you clicked ‘tools’ and then ‘quick repair’ to see if some of your basic settings have been altered?

No I have not Bored now…I will though. I am not sure how it would know if anything was altered. As I just installed this and my problems started a month ago.

To Borednow
Here are some screen captures of these things I found after your suggestion. I have no idea what they mean or if repairing them is necessary or advised?

under Processes (35) (see first pic)
Name
hpzipm12.exe 508 [ nt authority\system pml driver

usbtip.exe for Pinnacle my editing studio software

Under Tools and Repair (see second pic)
Global profile:
I have a change next to Hosts…I do not know what that means.

Under my Users (see 3rd Pic)
I have a disabled under EXE file

Thanks for your help
.com.net

[attachment deleted by admin]

the host file seems to have been changed. this can cause random redirects and slow internet. have killswitch repair it. exe disabled means something (usually malware) has disabled running exe files. also have killswitch repair it

i know your response was to borednow but i thought i would help
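
The hosts-file change discussed above can also be inspected by hand. This added example (not part of the original posts, and not a description of how KillSwitch works) lists every hosts entry beyond the default localhost mapping; the sample file, its example.* names and addresses are constructed, and treating localhost as the only default entry is an assumption.

```python
import ipaddress

# Constructed sample, not taken from the thread: a hosts file after tampering.
SAMPLE = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       update.example.com
203.0.113.7     www.example.org
not-an-ip       mail.example.net
"""

# Assumption: the only mapping a stock hosts file carries is localhost -> loopback.
DEFAULT_NAMES = {"localhost"}


def audit_hosts(text):
    """Return (line number, address, name, reason) for every non-default entry."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        address, *names = line.split()
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((lineno, address, " ".join(names), "malformed address"))
            continue
        for name in (n.lower() for n in names):
            if name in DEFAULT_NAMES and ip.is_loopback:
                continue  # expected default entry
            if ip.is_loopback or ip.is_unspecified:
                reason = "name blocked (pointed at the local machine)"
            else:
                reason = "name redirected to a fixed address"
            findings.append((lineno, address, name, reason))
    return findings


if __name__ == "__main__":
    # On Windows the live file is %SystemRoot%\System32\drivers\etc\hosts.
    for finding in audit_hosts(SAMPLE):
        print("line %d: %s %s -> %s" % finding)
```

Entries that point a security vendor's or update server's name at the local machine are the usual cause of failed updates after an infection; entries pointing at an outside address explain redirects.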

usbtip.exe
http://www.backgroundtask.eu/Systeemtaken/Taakinfo.php?ID=8149

hpzipm12.exe
http://www.backgroundtask.eu/Systeemtaken/taakinfo/3974/hpzipm12.exe/

As you can see, these are considered safe…unless you don’t have a HP printer or
Pinnacle USB Tip (whatever that is).

You might want to consider using SandboxIE to run your browser in.
It has saved me from numerous problems in the past.

Wasgij6 no problem and thank you for your help.

Borednow thank you as well.

I guess this means I do not have a virus anymore?
I will let Killswitch repair and hope for the best
Again thanks and regards
.com.net

no problem glad to help.
you might just be seeing the left over destruction from the malware

wasgij6

I did as instructed–let KS repair, no luck with IE.
I also tried using CCE and it asks to shut down my puter and I do, it reboots; but I did not see any scan commence?

It’s easier and faster and most secure to reinstall, than to describe and write until others may find the “solution”, which is, in your case for multiple problems or damages :wink:

Somehow you should also check in the future, that you don’t make wrong decisions. Like a decision that let comodo be not effective in that situation:

-You got a “friend invite”/initiated communication= infection (this should not be possible if you have defense+ enabled, and if you didn’t give a bad answer for something). Keep all programs up to date.

-Loading a zip and scan it, lead to quarantine= infection (this shouldn’t be possible at all, and same as above)


A very good and fast second opinion is malwarebytes antimalware free version (especially for cases when others find nothing).
An accurate full scanner for second opinion is emsisoft antimalware free (a-squared free).

I agree clockwork, but I could not uninstall IE—It it still there? (DO you have step by step on how to?)
Win XP Serv pack 3 IE 8

I also am losing installed PDF printer too. That I uninstalled and reinstalled. My system restore although on, does not have admin rights to execute.
Although my user does have admin rights.
My Comodo is running in Paranoid mode and I read each and every executable. I attached a pic of configurations of Comodo. Whenever I go to activate the other tabs the one that is currently active no longer shows active next to it. I uninstalled Comodo and reinstalled and left it as suggested on install. Got updated everyday if there is an update.
I never had a prob with Zlabs but my genius bro told me that comodo was better because it is a smaller program. But here I sit with a half way hosed computer. About ready to pop in my OS disc and start over. Not that it was Comodo or zlabs it just so happens Firewall let it through. Trust me when I tell you that I scan everything before opening. EVERYTHING! (Right click and scan)

[attachment deleted by admin]

I helped my parents with their system restore by using the directions on this page…

As for your IE…have you tried going here to automatically fix it…

Hey Bored,
glad you were bored and came over… I will try your links and report back with results
Thanks again all
Regards
.com.net

I spoke about, re-installing the operating system is easier and faster and more secure :slight_smile:
You would be ready already, and most probably safe from damages and virus. (Apart from very nasty ones which survive a reformat-reinstallation.)

Comodo is a good program. But if you don’t know what to do exactly in any cases, paranoid mode could be not the right choice for you.
Example: When you are not at the computer, and something automatically happens, it will be blocked. No matter if it has been a system process that tried to “restore” or whatever.

You got an “infection/malfunction” WHILE you used paranoid mode. Hey, why not try safe mode then? :slight_smile:
Because, if you get infected with paranoid mode, then you did something wrong. Or if you have a malfunction, too.
And while safe mode is not 100% protection in any cases, it would reduce at least the possibility for you to make mistakes :wink:
I used paranoid mode for years. Now I use the safe mode and an antivirus of my trust. I would switch back to paranoid only, if I would have to use no antivirus guard or a bad one.
Your brother made a good suggestion, but you made a choice in the settings which isn’t your all day cup of tea.

Also you should consider making a new rule set for comodo. To avoid getting the same malfunction again, if that was the reason.
But with safe mode you will be surprised. Choose the proactive-configuration before you make your settings! And use an antivirus/the antivirus part.
Look through each window of comodo settings. And I wish you good experiences with a good program :slight_smile:

Perhaps you are right Clockwork. I did say in my first post. The OS disk and Drivers are on my Desk. I just hate to try and redirect all my work from another drive. I am medium with these computers. Not really that advanced.
Like using Comodo and understanding it. The program has no instructions or drop downs in the configurations. Just options to turn on, off or toggle the other; on. No explanations. I am sure most get it but I do not, hence the medium and not expert or advanced.
For instance you mention using the firewall and then get some virus protection.
Comodo is supposed to be a security suite like ZL was and now you make it sound as though I need something else. As it stands now, I have Kill Switch, the Comodo suite and CCE=4 things to use instead of one suite. I guess I will dump the OS and reinstall and go back to ZL for an all in one type deal.

Is there anything I need to know before popping that OS disc in my puter?
I can’t recall, I did it to this puter when it came 3 or 4 years back with Vista and I dumped that Pig of an OS for Win XP.
Oh and it is not always operator error, I have a Wordpress site that goes haywire with an update, not my doing. That is a web based program.

In each window is a link to the related page in the manual. You don’t even have to search the page yourself :wink:

You try hard to misunderstand my words :wink: . You can use comodo’s antivirus for that part if you want. I spoke in general, or about what I do.

Just as an example:
I used only an antivirus for years (and a basic firewall for the internet traffic). Then I used a sandbox additionally. Then I added comodo defense+, and chose the firewall with it.
These are the things that you “need”. You will never be free of having to be cautious.
I don’t need killswitch or cce usually/at all, because I don’t allow infections to happen.

Choose what works best for you. I would choose comodo firewall and defense+, because it does work for me. :slight_smile:

You should know what you do. That is what you need to know :wink:

We don’t speak about always, we speak about possibly.

Btw, what makes you sure that changing to zone alarm would change your situation?

How to Stay Safe While Online
and
How to Install Comodo Firewall