Any Ideas What this is??

Hi Guys

I am not sure where to post this so i figured her was ok...

About a day ago a little grey rectangle with a white mark in it appeared on my desktop.... I can left click and hold on it and move it around... it also sits over any program i have up (such as this site... See screen shot of this site.. should be pretty obvious)
I cannot right click on it or double left click on it, i can only move it around

Any ideas as to what it is or how to get rid of it...

Noticed it after i downloaded a video file

Cheers

Adam

 

Hi guys

Sorry about not posting my spec... just thought someone might recognise the pic i posted..

Thing is i noticed this icon on my dads computer today... it was in the exact same spot (bottom right hand corner)

I will have to run the Malware guide tomoz.....

My spec is:
Dell Inc. Inspiron N5010 A10
System Service Tag: 6XBC3N1 (support for this PC)
Chassis Serial Number: 6XBC3N1
Enclosure Type: Portable

Windows 7 Home Premium (x64) Service Pack 1 (build 7601)
Install Language: English (United States)
System Locale: English (United Kingdom)
Installed: 12/08/2011 11:04:13
Boot Mode: BIOS (Secure Boot not supported)

2.53 gigahertz Intel Core i3 M 380
64 kilobyte primary memory cache
256 kilobyte secondary memory cache
3072 kilobyte tertiary memory cache
64-bit ready
Multi-core (2 total)
Hyper-threaded (4 total)

Board: Dell Inc. 0YXXJJ A10
Serial Number: .6XBC3N1.CN7016612D00JU.
Bus Clock: 533 megahertz
BIOS: Dell Inc. A10 11/17/2010

304.24 Gigabytes Usable Hard Drive Capacity
46.40 Gigabytes Hard Drive Free Space
TSSTcorp DVD+-RW TS-L633J [Optical drive]
WDC WD3200BEVT-75ZCT2 [Hard drive] (320.07 GB) -- drive 0, s/n WD-WXG1AA0A5036, rev 11.01A11, SMART Status: Healthy

6008 Megabytes Usable Installed Memory
Slot 'DIMM_A' has 2048 MB (serial number 450AEC7B)
Slot 'DIMM_B' has 4096 MB (serial number 55250000)

 

Hey Guys

I updated the drivers, and its still there, thing is its not there when the comp is booting.

I load chrome up and it seems to appear from there so i think its 1 either a program that boots when the chrome is loaded or 2 chrome itself it loading it...

I am going to run the Malware guide now so will get back to you with the results

Cheers

 

ok i was going to ask about that... Cheers

 

Have you tried disabling the Comodo widget, because the white thing in the center of the rectangle is the C in the word Comodo from the widget.

 

When you say widget, Nick T, do you mean gadget?
If so MS advised people running Vista and 7 to disable them in 2012 because of security issues.
http://www.techspot.com/news/49351-...vista-7-users-to-disable-desktop-gadgets.html

 

Above statement is a pretty strong indicator that Kryptonite also has Comodo installed.

For the time being though, its a moot point for TheTick as he has an active thread in Malware Removal for this issue.

 

Yesterday I followed the advice to download Belarc software to determine what my computer is running. I was using the German version of Chrome. If I recall correctly Belarc suggested using IE so I switched over to IE to download the program. I left IronSW up and running as I was reading posts here on that browser.

Everything seemed to go well. I was amazed at how much information Belarc observed and recorded ( not sure that "recorded" is the proper term but I am sure everyone here knows what I mean. I copied and pasted the info in wordpad and planned on adding it to my post today.

Today after booting my Toshiba and walked out of the room to fix another cup of coffee I heard that familiar sound of Comodo firewall noticing changes being made to my system. There was far more beeps than I usually hear and this time my firewall didn't give me a choice or a chance to say yes or no to the changes. By the time I got to the laptop the changes were already made but the hourglass or whatever symbol is used these days to inform the user that things have settled down yet was still spinning.

Even though; I clicked the IE icon on the quick launch side of the taskbar. IE came up but it said IE could not connect to the internet. I checked my modem and router and launched Iron SW which came up as normal.

I hit the button that asked me if I wanted to fix or figure out why IE didn't launch. It cam back and said it could figure it out did I want to pursue other options. I closed the browser.

I'm using a different computer now to access the internet and will read the rest of this thread in closer detail and will read my thread to see if anything new has been figured out.

I doubt if Comodo is answering it's phones this week-end but I think I will attempt to look on their forum to see if anyone knows or noticed anything strange.

Isn't it beyond coincidental that The Tick and I noticed this with-in hours, maybe minutes of each other and posted such similar questions here about it's appearance on our desktops and in the same exact spot?

 

Tick,

I looked at your post in the malware forum and was going to ask you a question about this there but got this message:

"Kryptonite, you do not have permission to access this page. This could be due to one of several reasons:

Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
Log Out Home "

So I decided to ask you here: first did you complete the task that K asked you to do and if so did the object disappear?

And 2 it seems that this appeared on your computer ( and maybe your Dad's computer ) around the same time as it appeared on mine. Can you confirm the approximate time that this object appeared?

and Last, did you read my post today about Comodo allowing numerous changes to be made to my computer without asking me first if I wanted to allow the changes? Have you noticed anything like that happening with your computer?

Thanks

 

I would open Task Manager and see what's running. Try shutting down things and see if this thing is nuked. Then go to MSCONFIG, or another startup tool, like CCleaner, and see if you can see something unusual. Try unchecking some things in order to isolate the culprit.

 

Hi Guys..

Sorry it has taken me so long to reply... i have been working on the Malware Removal section and enacting the suggestions that Kestrel made (hope you can see them)... I expect a final response off them soon..

As for the comodo issue Kryptonite.....

1) I assume the K is Kestrel (tho i am not sure) i did do what they said and unistalled comodo and the icon seems to have disappeared and has stayed away after 3 re-boots... I currently have no anti-V or firewall running at present, until Kestrel replies....

2) i first noticed the issue on my machine i think on Thursday night as i was watching a movie (roughly 11:30 pm london time) though it could have been there longer... the icon was hidden in the very bottom right corner of my desktop.. I only noticed as it overlapped the screen in the movie... As for my dads comp i noticed it the next day on the friday as i was looking out for it....

and 3) Comodo has not asked me to to make any changes to my computer... not heard from it in a while... the only issue i can think that was a little strange is the icon/widget that is on the desktop had moved a few inches to the left on the wed night so i just returned it to the top right... i can only think it moved cause i was downloading or watching a movie, i am totally baffled as i haven't done anything out of the ordinary on my computer for ages...


the uninstall seems to have worked at the min, but i am keeping an eye on in and may switch to a different firewall

Hope this helps

 

I think i might give another fire wall a try.... I like Comodo but it does get slightly annoying

 

The Tick...

Thumbs up for Private Firewall if you go that route. I use the manual settings for pop ups, which is way more demanding at first, when it comes to using the firewall. Fortunately, that tapers off after a week or so. There are still 5-8 pop ups for every program install.

PF monitors each process for 21 different behaviors, so this is why there are so many pop ups. Also, internet connections lead to pop ups. I will say that I have learned a good bit about the core functionality of Windows using PF. If you are into this sort of challenge, maybe it would work for you.

Oh, I almost forgot. PF is very light on system resources. It installs in 8-10 MB of hard disk space and uses very little RAM memory or processor bandwidth.

 

Hi Altbo

Cheers for the info... I shall give that a whirl... I tried outpost firewall and it annoyed me too much lol.. Just want one that is easy on sys resources and is simple to use..

Thanks again as i get confused as to which to use

 

The Tick...

If you run into questions with PF, let me know. It's really not too hard to use, once you learn where everything is located, and there are really only a couple of major things to know I would say...

 

Tick,

Yes, K was for Kestrel.

I will follow your efforts on the malware thread.

Thanks to the link from JoeRay on the Comodo site it is interesting to me that this seem to appear in the same spot around the same time on the same day in many different states and countries. That it seems to be hiding out it reminded me of a peeping tom hiding in a place where it can see everything but obscured enough that a number of people ( probably more people NOT noticing it than those of us who have noticed it ). For those of us who have noticed it it seems that there is a similar degree of paranoia from those of us who posted on both forums.

I didn't see any comments from Comodo employee's, tech's, or administrators.

If this is malware what is it doing besides annoying people and making some paranoid?

As mentioned I will follow your posts on the malware thread But my paranoia was written about in a letter than I sent to a local newspaper and my government representative mostly because I have noticed a few other things happening not just on my computer but in numerous other places where computer networks are of critical importance.

Maybe I will post my thoughts in The Lounge or another thread where we can ramble a little more freely that we can on threads that are meant to conform to the rules set up for obvious reasons. I'm pretty sure my thoughts will have it's detractors but I would like to hear what others think.

 

Hey JoeRay12

I didnt try the fix as by the time i had read about it i was dealing with Kestrel...
I did uninstall comodo and the icon instantly disappeared... I then installed Private firewall and as of yet that little icon has not appeared.. seems like it was deffo a comodo issue.. I wish i had seen your post properly so i could have tried that first.

Hope this helps

(FYI when running malware scans/disabling firewalls be careful of what you click on when surfing... I clicked on a dodgy link and got malware whilst checking for malware lol)

Surf Save peeps