Multiple Pop up warnings

Viruses and worms
1

[b]Hi there, I have done some extensive reading of the board prior to posting. It appears I have a problem similar to that of many others that have been reporting over the last month. This is the multiple pop up warnings about detection of outbound attempts from the computer. I believe I have the logs required to take a look and will attach them. I appreciate any help you can offer. thank you!

Marty

2

I wanted to add some information that may or may not be helpful. I managed to write down a bunch of the blocked access items

Fa8072.com
195.2.240.171
db7093.com
190.2.240.79
31.184.194.39
95.215.1.57

In the past I have seen the F0fff0 thing and Blinkxcore things but I did not see them in the recent round of popups.

** just as a note some of those verification words are nearly impossible to read**

3
AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
you have multiple AV / Firewall installed ..... never install more then one AV

Why Using Multiple Antivirus Programs is a Bad Idea http://blog.kaspersky.com/multiple-antivirus-programs-bad-idea/

General: Uninstalling a third-party antivirus software https://www.avast.com/en-eu/faq.php?article=AVKB11#artTitle

4

This should stop the alerts, could you let me know

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: HKU\S-1-5-21-344847028-815513394-2266393663-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks! CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path 2015-01-21 22:20 - 2015-01-21 22:20 - 00000000 __SHD () C:\Users\Martin\AppData\Local\EmieUserList 2015-01-21 22:20 - 2015-01-21 22:20 - 00000000 __SHD () C:\Users\Martin\AppData\Local\EmieSiteList 2015-01-21 22:20 - 2015-01-21 22:20 - 00000000 __SHD () C:\Users\Martin\AppData\Local\EmieBrowserModeList CustomCLSID: HKU\S-1-5-21-344847028-815513394-2266393663-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks? EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

5

I wanted to thank you guys who took the time to post answers. I will print out this thread , especially the helpful links to remove the other antivirus programs. It was all your information posted to many people that aided me in getting rid of this problem. As it turns out last night before I got any responses I used the poweliks cleaner program (by ESET) and that did the trick in like 10 seconds. The adwcleaner recommended here also removed junk prior to this process which probably helped contribute to the weakness poweliks exploited. I reset both browsers to default as well.

On the anti-virus stuff, windows of course comes with Windows defender, but in the brilliance of Microsoft it turns itself off if there is another AV on your system and you cannot toggle it. The laptop comes with Norton but I couldnt seem to delete it and that prevents Defender from running. In the past on other machines, I have used MS security essentials and malwarebytes because between the two of them Id grab everything and never, ever had a problem. The only active AV on this machine is Avast. I did not load windows defender, nor norton. But thanks for the info on safely removing things and for your time.

6

Our pleasure :slight_smile: