Login
▼
Register
Home
Help
Search
Login
Register
Adlice.com
Adlice forum
»
General Category
»
Malware removal help
»
Tr.Poweliks
« previous
next »
Print
Pages: [
1
]
Author
Topic: Tr.Poweliks (Read 6991 times)
0 Members and 1 Guest are viewing this topic.
October 30, 2014, 11:49:48 PM
manty
Guest
Tr.Poweliks
«
on:
October 30, 2014, 11:49:48 PM »
see original Poweliks detection log
A few days ago I came up with and infection opening dll.host files filling up memory HD etc.. Made several scans with Rogue and just about everything else I could think of and thought I had it all until today.
see Found and removed Today log
Today something else popped up and it was opening regsvr32.exe processes
Rogue found and killed that stuff but I still keep getting hits in rootkit area which leads me to believe something still exists.
see last logs from after Rouge and a GMER
Thank You for any help you can give and the time for looking at the logs. If nothing else ill just reinstall windows 7 and be done with it.
I think I picked up these infections on a freeware installation.
Update:
Another GMER scan after UnHackme and New Malwarebytes run. Plus several Antivirus scans.
«
Last Edit: October 31, 2014, 06:39:21 AM by manty
»
Logged
Reply #1
October 31, 2014, 08:52:57 AM
Tigzy
Administrator
Hero Member
Offline
955
Reputation:
91
Personal Text
Owner, Adlice Software
Re: Tr.Poweliks
«
Reply #1 on:
October 31, 2014, 08:52:57 AM »
Hello
I don't see any Poweliks now.. Looks like it downloaded several friends in the background.
What did Malwarebytes say?
Logged
Reply #2
October 31, 2014, 09:17:52 AM
manty
Guest
Re: Tr.Poweliks
«
Reply #2 on:
October 31, 2014, 09:17:52 AM »
Hi,
Thank you for looking at the logs and the response.
Malwarebytes hadn't reported anything since it first found it. The only thing it didn't remove the problem just some of the msiexec files it made.
The good thing it did for me was identify it or I wouldn't have found this site.
Logged
Reply #3
October 31, 2014, 07:15:39 PM
Tigzy
Administrator
Hero Member
Offline
955
Reputation:
91
Personal Text
Owner, Adlice Software
Re: Tr.Poweliks
«
Reply #3 on:
October 31, 2014, 07:15:39 PM »
Ok, so you noticed some strange behavior since then?
Logged
Reply #4
October 31, 2014, 08:59:19 PM
manty
Guest
Re: Tr.Poweliks
«
Reply #4 on:
October 31, 2014, 08:59:19 PM »
Yes,
Yesterday I had removed the few friends you had mentioned. This could of just been a random browser hijack off of a compromised website and a coincidence.
It was 5 days after the first detection and removal of poweliks. I was just assuming it was related which it may not have been. I guess I run a pretty tight pc I watch in and out going ips and have virtually nothing going in or out except ISP contacts and the occasional windows contact. So when I get bombarded by IPS I know somethings up.
I believe I made the mistake of downloading what looked like a legit video editing freeware and it was packed with that as shortly after my problems started.
So far the last 12 hours or so has been really quiet no ips no hits on any scans.
«
Last Edit: October 31, 2014, 09:02:02 PM by manty
»
Logged
Print
Pages: [
1
]
« previous
next »
Adlice forum
»
General Category
»
Malware removal help
»
Tr.Poweliks
Topic: Tr.Poweliks (Read 6991 times)
