Essexboy in his Addition.txt
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
No clue what it is, but doesn’t seem normal to me.

OpenAL (HKLM-x32.…\OpenAL) (Version: - )
Can be from Creative but there is also malware by that name.

ph (x32 Version: 1.0.0 - Your Company Name) Hidden
No clue what it is, but doesn’t seem normal to me.

PhotoScape (HKLM-x32.…\PhotoScape) (Version: - )
https://www.herdprotect.com/photoscape-3.6.5.exe-cd45d0259252e935d8e51d86bec01333d0677d2c.aspx

Perhaps running a specialized rootkit scanner is a idea.

OK lets try and see what happens

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: bl (x32 Version: 1.0.0 - Your Company Name) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

Then go to control panel > programmes and features and uninstall the following :

bl
ph

Hi essexboy,

On a side-note. What our friend Eddy kicks up in this thread, is a localhost address for a httpserver in Han Noi
with a certain linux-gnu nConnect issue. nServer mail issue, consuming 100% CPU?
Just passing this info for what it is worth.
Thanks to Eddy for that unconventional assist info,
would not have thought of looking there.

polonus

Ok followed the steps

ran the fix

uninstalled the bl and ph thing, what ever it was.

If it helps I’m currently living in Saigon (vietnam), our computers at work have been affected by viruses lately (earlier this year) which have now been fixed (I think)

I use my usb a lot (which I normally wouldn’t do, knowing this) Avast doesn’t flag anything, and I’ve assumed its been safe enough to continue.

I’ll probs just start using cloud now.

thanks for the chip in of help guys

I can recommend to get and use McShield.
It is especially for removable devices and a good addition to avast.
http://www.mcshield.net/

Still getting alerts

Do any other computers that use your router experience this ?

Could you disable sad panda

Sad Panda removed and also no not to my knowledge.

I live in an apartment with about 11 other apartments in this building,with up to 4 people using the same router at any time.

I believe there are about 3 routers, 1 for each floor

What are the dns settings in the router ?

No idea, is there anyway to check?

Open the routers settings page and look them up.

I don’t have access to the router, its managed by the apartment building manager

OK set your computer to use opendns https://support.opendns.com/forums/21618384 select the OS that you have and follow the instructions

Then let me know if that stops it

Ok, followed the instructions,

will keep you posted on results,

though one thing i noticed which seemed a bit odd is the amount of Ethernet connections i have :S

this isn’t normal is it

If you do not use the Ethernet connections then you can delete all bar one

Still happening guys

Could you fully uninstall Chrome and then see if the alerts cease

Ok uninstalled, using Microsoft Edge now, will keep you updated,

Also just has a multitude of alerts come from “Skype tool bars” even though I thought I uninstalled it

Happened about 20 minutes after I tried using my credit card too. Coincidence?

No, it is something deeply embedded, at this stage I would seriously consider re-installing windows

Ok I’ll follow your advice and do a fresh install, so far no alerts from using Microsoft Edge,

Any idea what the malware was doing? I haven’t had anything unusual happen on my computer yet, besides the alerts.