Possibly compromised system drivers, signatures, certificates, and CA's



#1 NematodeSWAG


Posted 15 May 2013 - 02:18 AM

Make: HP

Model: Pavilion dv6

OS: Windows 7 64-bit

Anti-virus: Webroot SecureAnywhere Complete

Anti-malware: Malwarebytes

 

I've had a slight hunch that my system files are compromised for a bit now. This is mainly based on the ridiculous amount of services and processes open at times while my laptop is running, and how this slew of processes/services has eerie communication with the internet and opens random TCP/UDP ports; some of the services don't even run how they are supposed to. I'll be honest when I say that I don't know for sure what services and processes are supposed to be running and doing what, so I figured that I'd check with the gang here at Bleeping Computer :)

 

My suspicion on the compromised system processes/services comes from past problems with valid or revoked certificates and certificate authorities. With that fact in mind I've never been 100% sure of downloads or installations from the internet. If I could be assisted in assessing this situation as well that would be grand.

 

There may also be the possible remnants of past installed anti-virus programs and tools that might be incompatible with my Webroot software.

Possible programs are:

  • All free COMODO programs, tools, etc.
  • Avast
  • Microsoft Security Essentials
  • Norton
  • Ad-ware Antivirus (Failed uninstallation, corrupt and the computer still thinks it is installed)

 

I'd also like to assess the possibility of adware, bloatware, and spyware existing on my system as well. As for bloatware specifically, I'd like to have assistance for getting as many non-essential factory/OEM programs uninstalled and completely removed as possible.

 

The last request that I have is for help with figuring out where I might look to get help unmounting and completely removing the factory HP recovery partition, as it is a serious vulnerability.

 

 

I'll be more than thankful for any help that I can possibly get on these matters, so thank you in advance :)

 

James





#2 boopme


Posted 15 May 2013 - 10:16 AM

Hello, it would probably be faster to repost this with a DDS log from the guide below. They can write a custom script to get it all off.

 

Do steps 6, 7 and 8.

Preparation Guide

