COMODO problem

Peewit

Once a bird lover ... always a bird lover
Hi there

I would like to ask a couple of questions about my Firewall. I am using Vista.

I have just uninstalled Zonealarm, and replaced it with COMODO Firewall.

A couple of days ago, I switched on my PC, and found a COMODO icon stating that it had found a ‘bug’ in my PC. I scanned my PC with Malicious Mail - nothing. The same applies to AVG. It has not picked up anything malicious. So I still remain puzzled as to what this ‘bug’ is and where it is hiding in my hard-drive.

If I go into COMODO Firewall program and check my ‘Firewall Events Box’, there is a continual repeat of the same executable program running all of the time.
The program clears itself each time, I switch my PC off the program goes away. When I turn it on it comes back in endless lines of repeating information, on and on…….repeating itself.

I had a look at my 'Firewall Events' listings and this is what I see

C:\Program files\AskBarDis\bar\bin\AdService.exe (just lines of this same file)
Action: Blocked
Source IP 0.0.0.0.
Destination: Just repeats the same lines of information
Date/time: Repeats the same lines of information

Can I ask for someone’s words of wisdom if this is a valid program or not. If it is, I will unblock it. If it is ‘the bug’, how do I know it is, and how do I get rid of it from COMODO.

I cannot see an area in COMODO to delete listed unwanted ‘spam’.

Can someone enlighten me about this matter, please. Still a novice with COMODO

Greatly appreciated in advance
Kathy
x
 
C:\Program files\AskBarDis is an undesirable programme.

Please go to add remove programmes and uninstall it if you can.

Then, delete the following bold folder.

C:\Program files\AskBarDis

I also advise you to follow the instructions HERE and post the requested log files once done.
 
Hi Howard

Thank you for your prompt answer

I have managed to go into my C: Drive and find the offending file.

I tried to delete it and this is what I get message wise:

'Destination folder Access denied'

So I cannot delete it - wonder why it tells me that - maybe because it is blocked via the Firewall.

What do I do next?
 
Boot into safe mode, under your normal user name (NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

Now see if you can delete the folder.

If you still can't delete it, please follow the instructions in the link I gave you.
 
Hi Howard

I also have had a look for Add/Remove programs and I cannot see the area.

Is it usually in the 'Control Panel' area in Vista?
 
Maybe THIS will help.

Hi Howard

Right, I have found where the Add/Remove Program listing is, knew this already. Just the way Vista sets up its fancy approach to programs/icons.

No, it is not on the Program listing (unless it is under another name).

So it will be going into safe mode next?
 
Hi Howard

I have gone into safe mode, went into my own Program files in C: Drive, and I got rid of this file and removed it from my recycle bin too.

Whew!

I also advise you to follow the instructions HERE and post the requested log files once done.


So it will be this next to see if all signs of the bug have been removed for log file output.
 
That's good news, though I'd still like you to follow the instructions in the link I originally gave you and post the log files. That's because I'd like to check to make sure you don't have anything else lurking on your system that shouldn't be there.
 
Hi Howard

I had a look at your listing - I have a print out.

Can I ask about the main programs I require that run along with the instructions - sounding a daah here?

As I have Vista, what are the most relevant ones to use? I have COMODO as you know and I see that there is a clean up tool that you mentioned.

Malwarebytes
COMODO (Firewall)
AVG (virus)

These are the main ones I have, though I have used the Hi-Jack program in the past too and have the icon on my desktop.

Is it safe to use HijackThis?

Are these programs enough for 'top notch' check of my system?

Kathy
 
Since you already have Malwarebytes, just the RootkitBuster (checks for rootkits on Windows Vista), HJT and Ccleaner programmes are required. Ccleaner is a programme for getting rid of junk files off of your system and isn't an antimalware application.

HJT is perfectly safe, but you should make sure you follow the instructions for renaming it and make sure it's the latest version and it's located in the correct place.

The instructions tell you what to do and when to run each programme. At the end you will have two log files, a HJT log and a Mbam log.

Once I have seen those, I will be able to advise you further.
 
Hi Howard

Can I ask if it is worth running COMODO BO clean? What does this do?

Anyway, that is what I will do now, and I will send results via PM to yourself.

If I am stuck I will ask questions (knowing me ;) )
 
COMODO BO clean is an antimalware scanner and by all means run it.

However, it's the Malwarebytes and the HJT logs I really want to see in addition to the results of the Rootkitbuster scan.
 
Hi Kathy, can you post the log files on the forum, as I, and I suspect plenty of BF members, will be following this thread with interest?

Dave
 
Results.

Hi Dave

Great to hear from you. :t:

Howard, I have posted my results here if that is all right with you. :t:

Yes, no worries, Dave. This is the Log file from Malwarebytes. This was a full scan of all the associated 'ticked' drives (better to tick all). Scan took one hour 15 mins altogether.

Malwarebytes' Anti-Malware 1.38
Database version: 2X77
Windows XXXXXX Service Pack 2

05/07/2009 21:50:13
mbam-log-2009-07-05 (21-xx-13).txt

Scan type: Quick Scan
Objects scanned: 1
Time elapsed: 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I have also got the result list for 'Hijackthis'. It is working, but it is refusing to download results onto Notepad at the moment. ;)

Something else to sort out until I get it right. ;) ;)

I will get there in the end. Give it another try tomorrow.

:t::t:
Kathy
 
Hi Dave

I may not download the Hijack program logfile as there is too much 'private' information on it.

I will post it to you as normal, Howard, instead.

I will see how I feel. ;)
 
A clean Mbam log is very encouraging.

I've seen thousands of HJT logs, so don't worry about info that's contained in it, I assure you there's nothing of any use to anyone else.

All a HJT log contains is the running processes etc. This helps to see exactly what you have running on your system and if anything is found that shouldn't be there, we can take steps to remove it.
 
Hi Howard

Thank you for your reply

Okay I will post HJT Log here also.

Pleased that the Mbam log is error free. It is sounding good at the moment. :t:

Will let you know about the other programs that are run when completed

:t::t::t:
 
Hi Howard

I have a slight hiccup in HJT.

I am getting a message each time I try to download HJT Log file.

I have sent a picture for your attention. Can you tell me what it means?

It is as though it is something to do with administrator's access rights?

MMMM.................
.
Kathy
x
 

Attachments

  • Highjack 06-07-2009 10-53-09 4416x3312.JPG
 
That message is from HJT and simply means it can't change the content of the hosts file.

Just post the HJT log, then if we do need to alter the hosts file, I will show you how.
 