dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jun 27, 2015 19:44:48 GMT -8
First, did the Fixlist run produce a log file?
As to Akamai Net Sesssion, the choice is yours but don't be surprised if one of your software does not get updated automatically.
|
|
|
Post by matangiii on Jun 29, 2015 19:00:16 GMT -8
Oh, oops! Yes, it did create a fixlog. Here it is:
Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Shannon at 2015-06-27 09:04:25 Run:3
Running from C:\Users\Shannon\Desktop
Loaded Profiles: UpdatusUser & Shannon & (Available Profiles: UpdatusUser & Shannon)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
C:\$Recycle.Bin\S-1-5-21-2477012217-3134730047-1527124483-1002\$RB7IWWE.exe
C:\$Recycle.Bin\S-1-5-21-2477012217-3134730047-1527124483-1002\$RKNRS1R.exe
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ARS-SPMED[1].7z
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: bitsadmin /reset /allusers
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
Restore point was successfully created.
Processes closed successfully.
C:\$Recycle.Bin\S-1-5-21-2477012217-3134730047-1527124483-1002\$RB7IWWE.exe => moved successfully.
C:\$Recycle.Bin\S-1-5-21-2477012217-3134730047-1527124483-1002\$RKNRS1R.exe => moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\AskToolbarInstaller-ARS-SPMED[1].7z => moved successfully.
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state on =========
Ok.
========= End of CMD: =========
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
{E06CE639-339A-4432-A064-04C1CB1D270E} canceled.
{FB1CBAD7-A222-4AC7-A6B7-14433DC5C712} canceled.
{EDF2A598-986B-4433-AF5D-5557122F29BF} canceled.
3 out of 3 jobs canceled.
========= End of CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2477012217-3134730047-1527124483-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2477012217-3134730047-1527124483-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2477012217-3134730047-1527124483-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2477012217-3134730047-1527124483-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 5.3 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 09:06:04 ====
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jun 29, 2015 23:09:39 GMT -8
Cool! Thanks. If you did not do so at the end of its scan, please uninstall ESET Online Scanner at this time. You can use the Control Panel 'Add / Remove Programs' or 'Programs and Features' utility to uninstall it. Next, we need to remove the tools we've used during cleaning your machine. [/a] Ensure the following is ticked: - Activate UAC
- Remove disinfection tools
- Create registry backup
- Purge system restore
- Reset system settings
[/ul] Then click Run. The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply. Once you have the log file saved, please reboot your system to complete the clean up process. Your system looks clean and your logs are fine. Unless you want something else done, you are done and free to go.Final word from me: Surf safely, and watch when installing or letting anything add itself to your system. Remember, the best security is not on your system but in the chair in front of it. Take care and thanks for sticking with us in this rushed time.
|
|
|
Post by matangiii on Jul 2, 2015 17:45:10 GMT -8
Hey, thanks SO MUCH for helping me with this! There's no way I could have figured that out on my own. You are an awesome person. Per the instructions, here's the log. I hope life brings you nothing but roses! # DelFix v1.010 - Logfile created 02/07/2015 at 19:41:34 # Updated 26/04/2015 by Xplode # Username : Shannon - ADOREDELANO # Operating System : Windows 8.1 (64 bits) ~ Activating UAC ... OK ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\Shannon\Desktop\FRST-OlderVersion Deleted : C:\Users\Shannon\Desktop\Addition.txt Deleted : C:\Users\Shannon\Desktop\esetsmartinstaller_enu.exe Deleted : C:\Users\Shannon\Desktop\Fixlog.txt Deleted : C:\Users\Shannon\Desktop\FRST.txt Deleted : C:\Users\Shannon\Desktop\FRST64.exe Deleted : C:\Users\Shannon\Downloads\AdwCleaner.exe Deleted : HKLM\SOFTWARE\AdwCleaner ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #56 [Installed Evernote v. 5.8.8 | 06/24/2015 16:36:59] Deleted : RP #58 [Restore Point Created by FRST | 06/27/2015 15:04:27] New restore point created ! ~ Resetting system settings ... OK
|
|