So i was online, and my wifi disconnected. I reconnected the wifi, and then clicked to open firefox, but it wouldnt open, then i clicked to open comodo, and it wouldnt open. task manager wouldnt open either, and the mouse froze. I then restarted the computer, and it said ‘‘updating your system’’.
I just now looked at comodo, and a bunch of things were blocked all at the time before i restarted the computer. here is a screenshot.
I’m curious if your Avast, Synaptics, and Malwarebytes programs are set to auto scan or auto update? Also, are those specific exe’s shown in the d± alert trusted applications in the file ratings section?
i thought synaptics was just the mouse, how would it update? I dont understand your second question? I dont have malwarebytes set to auto update, but avast autoupdates i think…it often updates virus definitions by itself. i actually uninstalled avast last night and installed CIS…but does it look like i was attacked? it was weird, my internet went off, then i signed back on, and my computer froze, task manager didnt work, and then i restarted my computer, and it said updating windows, and then everything worked fine, but that screenshot showed blocked intrusions.
The Hps was set to safe mode.
In the unrecognized file tab, i only had one item but it was from a month back, so isn’t the cause of this. It’s weird synaptics is always blocked too. it will randomly get blocked either one time or multiple times. IDk what happened though, I was on the internet for an hour or so, and then it got disconnected, i connected again, and then everything froze, and task manager didn’t work, and these intrusions showed up i then had to restart the computer, and it said ‘‘updating windows’’ although i dont see any history of an update. Do you think a hacker installed a virus outside of windows? is reformating my only option here?
You can try using a tool such as Advanced SystemCare or CCleaner to identify registry errors and / or also optimize performance.
PS: pay attention at installation time and look customize the installation to not install any bar or have some change in your browser.
are you suggesting what i described sounds like an infection? i did a scan with malwarebytes that found nothing. Regarding the update links, I wasnt worried there was a problem with an upload, i was more so concerned that maybe since the computer froze, and i restarted the computer AND THEN when i rebooted it said updating windows, that it was actually a hacker updating malware onto my operating system?
alright thanks. killswitch shows zero untrusted processes. When i ran comodo cleaning essentials, it didnt ask me to update the database. i remember it used to do that. how do i know if it’s working properly. one other weird thing is i turned it on, and left my computer, and i came back in 20 minutes and it was not running lol. i did a full scan, but it wasn’t running.
i follow your advice in normal mode not safe right?
When you use the option through the CIS, the CCE uses the current database.
See the Help> About.
For example on a machine that I do not have the CIS and downloaded the version of site:
Once started it checks for updates.
If I want to check manually I use the “Check for updates” option in the Tools menu.
I believe that you can use in normal mode, you also have the option of running a rescue disk to detect threats without using the current system.
For specific difficulties in CCE open a new topic here.
it says in my downloads that i downloaded tdss killer in april. if i submitted a file to comodo how would i know if im submitting the one that cce detected and not the safe anti root file?
can you explain more when you say false positive? do you mean that a lot of people are seeing false positives with the kaspersky tdss killer? If so that gives me hope.
btw, i had geekbuddy help me remotely, a few days ago, i dont know if that could cause it anyway.
‘‘Kaspersky TDSSKiller will scan your computer for some of the most common types of rootkits. I’ve found it to have relatively few false positives and a very high detection rate. By the way, some scanners, including Comodo Cleaning Essentials, may detect this file as a dangerous file. It is not. This is a safe download link. If it is flagged as dangerous you can safely ignore the detection. As with every program in this article, I recommend that you do not quarantine any files using this program. A false positive on the wrong file could destroy your computer, even if you’re not infected.’’
TDSSKiller is digitally signed. Check its signature. If the signature is valid it is the original file from Kaspersky. You can then safely assume CCE is giving a false positive.
It sometimes happens that av scanners see other scanners as potentially malicious. The fact that it is packed sometimes also adds suspicion by a scanner to the equation. It gets flagged with UPX in the malware name. UPX is an open source compression technology that also gets used by malware.