Posted 26 June 2008 - 12:32 AM
Hi to everybody!
It seems that at least Comodo Personal Firewall's users are having a problem with Defense+ alerting that any kind of program is trying to install a hook, dwmapi.dl (NOT dll), on system32 directory. It may be IE, or WMP, or Firefox...
A guy have this problem whith WMP when he inserts his pendrive.
I just formatted all, and I should have (as I had not) "sheet" on my pc.
I not even had updated Vista.
Well, I had this message error. I said all the time "no", and nothing bad seemed to pass.
Finally, while I was installing SP1, and I had to put COmodo in Istalling mode, and I was no more able to block dwmapi.dl installing. It installed, but now it is dwmapi.dll, by Microsoft. So, very possibly it was a mistake (of COmodo? Of Vista?).
But a-squared found a low risk riskware in "program files\comodo\firewall\s1.tmp", called "Riskware.adtool.web32.mywebsearch.bn"
and avira found a trojan, "Spy.banker.vk.1", on 2 gif images in a offpage site I had downloaded. Anyway, the first can of course be involved, but the second was on another partition, and I had never opened it after the formatting...
Do you think that this dwmapi.dl (someone told that "dl" extensions can be Sub/ malware variant) was a malware, and it was related to this s1.tmp file on COmodo folder??? What would be, a temporary file? What is it for a temp file in a firewall???
AM I clean?
Uh, I do not wish to format all again!