Author Topic: action center in windows 7 (solved)  (Read 45166 times)


Offline Gamezertruth

  • Hero Member
  • *****
  • Join Date: Aug 2012
  • Posts: 1143
  • Karma: 4
« Reply #50 on: August 30, 2015, 09:25:40 AM »
Compare that list with what is in Comodo's quarantine.

EDIT: Also, whatever scanner that was has detected UVK as a trojan.....What scanner is that which you have posted the results for above?

OK, so Comodo has detected different items and quarantined them, so I'm now going to delete all the quarantined items and rescan my system as a test! (I don't need to keep any files in quarantine.)

And the scanner was the Zillya malware removal tool, http://zillya.com/

from here http://zillya.com/zillya-scanner

Offline Gamezertruth

« Reply #51 on: August 30, 2015, 09:31:02 AM »
I have a new problem with Comodo antivirus (some of the program options are not displayed); they're gone from the main GUI!

Edit: added a screenshot
« Last Edit: August 30, 2015, 09:36:43 AM by Gamezertruth »

Offline Samson

  • Hero Member
  • *****
  • Join Date: Nov 2011
  • Posts: 915
  • Location: London
  • Karma: 38
« Reply #52 on: August 30, 2015, 09:32:04 AM »
What if those files in quarantine are important or false positives? Delete 'em and they are gone! In quarantine they are doing no harm and can be restored if important.

Why do you insist on using so many "Noname" random virus/malware scanners? Don't tell me, you Googled it?  :rolleyes:

VIRTUAL MACHINE! Again

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10181
  • Location: UK
  • Karma: 122
« Reply #53 on: August 30, 2015, 09:36:44 AM »
Reinstall Comodo - could that scanner have removed part of Comodo to the point of breaking it ?

What exactly is missing from the GUI ?

The free version of MBAM is an adequate robust scanner - leave those obscure ones alone.
« Last Edit: August 30, 2015, 09:38:28 AM by Boggin »

Offline Gamezertruth

« Reply #54 on: August 30, 2015, 09:42:03 AM »
No, not important, and I think it was a false positive.

And this laptop is now protected! I tell you, no more crap downloaded, so that's all.

Offline Gamezertruth

« Reply #55 on: August 30, 2015, 09:44:08 AM »
What is missing is the scan button and other options.

Offline Samson

« Reply #56 on: August 30, 2015, 09:52:16 AM »
No, not important, and I think it was a false positive.

How can you possibly know that? If they are false positives then you do not want to delete them. Do you understand the difference between "delete" and "restore"? If you delete them from quarantine, they are gone. Possibly important files, gone!
« Last Edit: August 30, 2015, 10:10:58 AM by Samson, Reason: spelling »

Offline Boggin

« Reply #57 on: August 30, 2015, 09:52:54 AM »
Then reinstall Comodo and get rid of that scanner and install the free version of MBAM instead.

Offline Gamezertruth

« Reply #58 on: August 30, 2015, 09:58:31 AM »
Will do, and I will check it again  :smiley: I'm searching for my topic at the MBAM forum.

Offline Gamezertruth

« Reply #59 on: August 30, 2015, 10:42:33 AM »
aha wrong screenshot lol


Offline Gamezertruth

« Reply #60 on: August 30, 2015, 12:24:10 PM »
Cracktool???? Anyway, I have reinstalled Comodo and that seemed to fix the problem, and that has cleared out the quarantine?
« Last Edit: August 30, 2015, 12:26:35 PM by Gamezertruth »

Offline Gamezertruth

« Reply #61 on: August 30, 2015, 12:29:45 PM »
Cracktool???? Anyway, I have reinstalled Comodo and that seemed to fix the problem, and that has cleared out the quarantine?

OK, another new reason to uninstall MBAM  :smiley: :cheesy: :angry:
« Last Edit: August 30, 2015, 12:31:21 PM by Gamezertruth »

Offline Samson

« Reply #62 on: August 30, 2015, 12:35:56 PM »
OK, another new reason to uninstall MBAM  :smiley: :cheesy: :angry:

Why?

Offline Gamezertruth

« Reply #63 on: August 30, 2015, 12:50:45 PM »
OK, another new reason to uninstall MBAM  :smiley: :cheesy: :angry:

Why?

Because MBAM has listed this detection as "a cracktool", and that detection, "avz temp", isn't a cracktool, yo!

Offline Samson

« Reply #64 on: August 30, 2015, 12:54:25 PM »
What are those scan results from? MBAM and Comodo? If the first is MBAM and the second is Comodo, then Comodo has also quarantined the same file. CrackTool.Agent is a keylogger.
« Last Edit: August 30, 2015, 12:56:27 PM by Samson »

Offline Gamezertruth

« Reply #65 on: August 30, 2015, 12:58:18 PM »
nope!  :smiley: do you even know what "avz" is ?  :wink:

Offline Samson

« Reply #66 on: August 30, 2015, 01:00:57 PM »
nope!  :smiley: do you even know what "avz" is ?  :wink:

Do tell me. Another random program you have downloaded.

I'm sure that you are right and MBAM and Comodo know less about malware than you clearly do.  :rolleyes:

They have both detected it as malware and yet you chose to disagree with both.
« Last Edit: August 30, 2015, 01:11:32 PM by Samson »

Offline Gamezertruth

« Reply #67 on: August 30, 2015, 01:07:10 PM »
nope!  :smiley: do you even know what "avz" is ?  :wink:

Do tell me.

I'm sure that you are right and MBAM and Comodo know less about malware than you clearly do.  :rolleyes:

Hmm, I've been a Kaspersky member for a long time and I know a lot of things, and a member of Kaspersky is behind this program: http://www.z-oleg.com/secur/avz/

And if I'm wrong, then correct my info  :smiley: https://support.kaspersky.com/common/service.aspx?el=1698

EDIT : Kaspersky link added
« Last Edit: August 30, 2015, 01:09:17 PM by Gamezertruth »

Offline Samson

« Reply #68 on: August 30, 2015, 01:20:29 PM »
"The AVZ utility collects information about your computer"... So hardly surprising that MBAM and Comodo have flagged it as malware.

Offline Gamezertruth

« Reply #69 on: August 30, 2015, 01:37:23 PM »
"The AVZ utility collects information about your computer"... So hardly surprising that MBAM and Comodo have flagged it as malware.

Aha, now I'm confused! lol. And could it be a false positive by both MBAM and Comodo?
+
Can someone submit it to MBAM?

Offline Samson

« Reply #70 on: August 30, 2015, 01:51:34 PM »
Given that 2 independent programs, Comodo and MBAM, both agree, it is unlikely; follow their advice.

Offline Gamezertruth

« Reply #71 on: August 30, 2015, 01:56:56 PM »
OK, will do. Well, time to mark this topic as solved.

Edit: lol, topic already marked solved.
« Last Edit: August 30, 2015, 01:58:28 PM by Gamezertruth »

Offline Gamezertruth

« Reply #72 on: August 31, 2015, 02:28:52 AM »
Well, I'm going to uninstall Comodo antivirus due to the hidden registry keys it made! And I thought I had a rootkit all this time  :smiley:  and they can't be removed even with Trend Micro RootkitBuster!  :smiley:

+----------------------------------------------------
| Trend Micro RootkitBuster
| Module version: 5.0.0.1180
| Computer Name: B-PC
| OS version: 6.1-7601
| User Name: b
+----------------------------------------------------


--== Dump malicious MBR ==--
No hidden MBR found.

--== Dump Hidden Files and Alternate Data Streams on C:\ ==--
No hidden files found.

--== Dump Hidden Registry Value on HKLM ==--
[HIDDEN_REGISTRY][Hidden Reg Value]:
   KeyPath   : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode\Configurations
   Root      : 9a8b820
   SubKey    : Configurations
   ValueName : SymbolicLinkValue
   Data      : \Registry\MACHINE\SYSTEM\CurrentControlSet\services\CmdAgent\CisConfigs
   ValueType : 6
   AccessType: 0
   FullLength: 81
   DataSize  : 142
[HIDDEN_REGISTRY][Hidden Reg Value]:
   KeyPath   : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode\Data
   Root      : 9a8b820
   SubKey    : Data
   ValueName : SymbolicLinkValue
   Data      : \Registry\MACHINE\SOFTWARE\COMODO\CIS\Data
   ValueType : 6
   AccessType: 0
   FullLength: 71
   DataSize  : 84
[HIDDEN_REGISTRY][Hidden Reg Value]:
   KeyPath   : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode\Options
   Root      : 9a8b820
   SubKey    : Options
   ValueName : SymbolicLinkValue
   Data      : \Registry\MACHINE\SOFTWARE\COMODO\CIS\Options
   ValueType : 6
   AccessType: 0
   FullLength: 74
   DataSize  : 90
 3 hidden registry entries found.


--== Dump Hidden Process ==--
No hidden processes found.

--== Dump Hidden Driver ==--
No hidden drivers found.

--== Service Win32 API Hook List ==--
[HOOKED_SERVICE_API]:
   Service API     : ZwAdjustPrivilegesToken
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83099e37
   CurrentHandler  : 0x8bcdf50e
   ServiceNumber   : 0xc
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwAlpcConnectPort
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8308a3fd
   CurrentHandler  : 0x8bcdf91a
   ServiceNumber   : 0x16
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwAlpcCreatePort
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83008d50
   CurrentHandler  : 0x8bcdf8c8
   ServiceNumber   : 0x17
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwConnectPort
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8308ceff
   CurrentHandler  : 0x8bcde754
   ServiceNumber   : 0x3b
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateEvent
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8305508e
   CurrentHandler  : 0x8bcdd82a
   ServiceNumber   : 0x40
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateEventPair
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83121054
   CurrentHandler  : 0x8bcdd882
   ServiceNumber   : 0x41
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateFile
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83063c66
   CurrentHandler  : 0x8bcdf13c
   ServiceNumber   : 0x42
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateMutant
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x830248bb
   CurrentHandler  : 0x8bcdd7d4
   ServiceNumber   : 0x4a
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreatePort
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83005838
   CurrentHandler  : 0x8bcdd77c
   ServiceNumber   : 0x4d
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateSection
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x830376eb
   CurrentHandler  : 0x8bcdee58
   ServiceNumber   : 0x54
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateSemaphore
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83019b4e
   CurrentHandler  : 0x8bcdd8d4
   ServiceNumber   : 0x55
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateSymbolicLinkObject
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x830159a0
   CurrentHandler  : 0x8bce07ac
   ServiceNumber   : 0x56
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateThread
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x830f14a6
   CurrentHandler  : 0x8bcde0fe
   ServiceNumber   : 0x57
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateThreadEx
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83085307
   CurrentHandler  : 0x8bcdfb64
   ServiceNumber   : 0x58
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwLoadDriver
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x82fd9af1
   CurrentHandler  : 0x8bce01b2
   ServiceNumber   : 0x9b
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwMakeTemporaryObject
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8301fa46
   CurrentHandler  : 0x8bcdea2c
   ServiceNumber   : 0xa4
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwOpenFile
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8304646b
   CurrentHandler  : 0x8bcdf334
   ServiceNumber   : 0xb3
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwOpenSection
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8307e27b
   CurrentHandler  : 0x8bcdece0
   ServiceNumber   : 0xc2
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwSetInformationProcess
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8304d045
   CurrentHandler  : 0x8bcdf702
   ServiceNumber   : 0x14d
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwSetSystemInformation
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83062b70
   CurrentHandler  : 0x8bce04b2
   ServiceNumber   : 0x15e
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwShutdownSystem
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x83119599
   CurrentHandler  : 0x8bcde9a2
   ServiceNumber   : 0x168
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwSystemDebugControl
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8309a766
   CurrentHandler  : 0x8bcdebcc
   ServiceNumber   : 0x170
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwTerminateProcess
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8306f5d1
   CurrentHandler  : 0x8bcde534
   ServiceNumber   : 0x172
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
[HOOKED_SERVICE_API]:
   Service API     : ZwTerminateThread
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   OriginalHandler : 0x8308d52a
   CurrentHandler  : 0x8bcde302
   ServiceNumber   : 0x173
   ModuleName      : cmdguard.sys
   SDTType         : 0x0
No hidden operating system service hooks found.

--== Dump Hidden Port ==--
No hidden ports found.

--== Dump Kernel Code Patching ==--
No kernel code patching detected.

--== Dump Hidden Services ==--
No hidden services found.
« Last Edit: August 31, 2015, 02:34:18 AM by Gamezertruth »
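
A way to triage a RootkitBuster report like the one in the post above, added here as an example and not part of the original thread: it groups hooked service APIs by owning driver and separates hidden registry values that are registry symbolic links (value name SymbolicLinkValue, type 6 = REG_LINK) from any other hidden values. The sample report text, the `C:\Temp\example.sys` entry and the `TRUSTED_DRIVERS` allow-list are constructed assumptions; a driver belongs on that list only after its file and signature have been verified separately.

```python
import re
from collections import Counter

REG_LINK = 6  # registry value type used for symbolic-link keys

# Assumption: driver paths (lowercase) the analyst has already verified.
TRUSTED_DRIVERS = {r"c:\windows\system32\drivers\cmdguard.sys"}

# Constructed sample in the report layout from the post (fields abbreviated).
SAMPLE = r"""
--== Dump Hidden Registry Value on HKLM ==--
[HIDDEN_REGISTRY][Hidden Reg Value]:
   KeyPath   : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode\Data
   ValueName : SymbolicLinkValue
   Data      : \Registry\MACHINE\SOFTWARE\COMODO\CIS\Data
   ValueType : 6
 1 hidden registry entries found.
--== Service Win32 API Hook List ==--
[HOOKED_SERVICE_API]:
   Service API     : ZwCreateFile
   Image Path      : C:\Windows\system32\DRIVERS\cmdguard.sys
   ModuleName      : cmdguard.sys
[HOOKED_SERVICE_API]:
   Service API     : ZwLoadDriver
   Image Path      : C:\Temp\example.sys
   ModuleName      : example.sys
"""

def parse_records(report):
    """Return a list of (tag, fields) for each [TAG] record in the report."""
    records, current = [], None
    for line in report.splitlines():
        head = re.match(r"\[([A-Z_]+)\]", line.strip())
        if head:
            current = (head.group(1), {})
            records.append(current)
        elif line.startswith("--==") or not line.strip():
            current = None                      # section header ends a record
        elif current and ":" in line:
            key, _, value = line.partition(":")  # first colon is the separator
            current[1][key.strip()] = value.strip()
    return records

def triage(report, trusted=TRUSTED_DRIVERS):
    """Count hooks per module; list hooks and hidden values needing review."""
    hooks, unknown, links, other = Counter(), [], [], []
    for tag, f in parse_records(report):
        if tag == "HOOKED_SERVICE_API":
            hooks[f.get("ModuleName", "?").lower()] += 1
            if f.get("Image Path", "").lower() not in trusted:
                unknown.append((f.get("Service API"), f.get("Image Path")))
        elif tag == "HIDDEN_REGISTRY":
            is_link = (f.get("ValueName") == "SymbolicLinkValue"
                       and f.get("ValueType") == str(REG_LINK))
            (links if is_link else other).append((f.get("KeyPath"), f.get("Data")))
    return {"hooks_by_module": dict(hooks), "unknown_hooks": unknown,
            "registry_links": links, "other_hidden_values": other}
```

Entries under `unknown_hooks` and `other_hidden_values` are the ones that warrant a closer look; hooks from a verified security driver and symbolic-link values pointing into that product's own keys are expected output for this kind of scanner.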

Offline Samson

« Reply #73 on: August 31, 2015, 04:00:34 AM »
Probably hidden to prevent modification by malware. Which AV have you selected to reject next?  :rolleyes:

Offline Boggin

« Reply #74 on: August 31, 2015, 04:15:22 AM »
Can you give us a list of all of the security programs that you have installed -

I have Norton 360, the free version of MBAM and the free version of SuperAntiSpyware but because Norton does such a good job of keeping the crap out, it's very rare that I run MBAM and have found SAS useful for clearing the tracking cookies as well as clearing the Temp folder.

I occasionally run AdwCleaner to see if any PuPs have crept in, but that tends not to find anything.