shinn
New Helpee
Posts: 8
|
Post by shinn on Aug 9, 2015 17:53:15 GMT -8
Hello I have been getting alot of Outbound notifications from Norton about Fake Plugin activity 2 Im running on Firefox on Windows 10, I also ran Norton Power Eraser and it deleted 5 Programs but it still keeps prompting me about suspicious outbound traffic. Here are the URLs FRST.txt: pastebin.com/38e3R1paAddition: pastebin.com/3GHFH6dZ
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 10, 2015 21:25:43 GMT -8
FIRST >>>>Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed): Google ChromeTo do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window. Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software. SECOND >>>>You may want to read carefully all of this message first before starting the steps. NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemDownload the Fixlist.exe file that is attached to your desktop. Please double click on the file to start the self extractor; select to place the file on the desktop. You can delete the Fixlist.exe file from your desktop once the Fixlist.txt file is on your desktop. DO NOT DRAG AND DROP to download the script, it won't work properly for FRST.The script tells FRST what to do. Start FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..."When the tool opens click Yes to disclaimer. (if it still does) Allow the tool to check for an update; the tool will inform you when it is ready to use. Press the Fix button just once and wait. The script will be processed and your system restarted to complete the removal / breakage of the malware. The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply (attach or paste) LAST >>>>Chrome -> The malware has changed the version of Chrome to a less secure type. The only way to fix this is to uninstall Chrome and re-install it. 64 bit: Reboot your machine and then go to here and download a fresh installer for Chrome. Double click on the downloaded file to install the latest version of Chrome. Your settings and extensions should be added automatically; please let me know if there are any errors with this. Also, please tell me how your system is running now. Thanks. Attachments:Fixlist.exe (187.68 KB)
|
|
shinn
New Helpee
Posts: 8
|
Post by shinn on Aug 11, 2015 4:22:35 GMT -8
Fixlog: pastebin.com/P1Qf8Hy3So far I have not received any notification of susipicious outbound traffic once I implimented the steps.
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 11, 2015 20:52:57 GMT -8
Let us run a few checks to see if anything else is on the system ..... FIRST >>>>Junkware Removal ToolPlease download JRT from here to your desktop. Note: Temporarily disable/shut down your protection software now to avoid potential conflicts, how to do so can be read here.Double click the JRT.exe file to run the application. The application will open an Command Prompt window and run from there (this is normal for this program, so not to be alarmed). When it is asked, press any key to allow the program to continue / run. This will create a log on the desktop; please copy and paste the JRT.txt log text in your next post. Note: After the log file is created, please enable your protection software / reboot your system and verify your protection software is enabled.SECOND >>>>Read carefullyDownload Adwcleaner from here to your desktop and run a scan. You may have to right click adwcleaner.exe and choose "Run as Administrator" from the menu. (Click the Scan button to start the scanning). It will create a log after it is finished scanning. If not (or if it just asks for you to uncheck what you don't wanted deleted), there is a LogFile button in the middle of the main window; click that and it will make the log file. Once the report file is made, you can leave AdwCleaner running (but don't delete anything yet) or you can close it down (we can always get a fresh scan done before the deletions). ONE SCAN ONLY, PLEASEAttach or paste the log back here for review and further instructions. Thanks.
|
|
shinn
New Helpee
Posts: 8
|
Post by shinn on Aug 12, 2015 7:16:44 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 12, 2015 17:23:56 GMT -8
FIRSTPlease run AdwCleaner again (if you don't have it running from the last scan) and a) Click the Scan Button and wait for the scan to finish, (If Adwcleaner has been left open at the finish of the scan this is already done). b) Make sure in your case all the items under each TAB are ticked / checked then. c) Click the Clean Button and Adwcleaner will process all the items ticked / checked and then may ask for the system to be restarted. d) It should create a new log afterwards (with S0 in the name). e) Please attach or copy the log into your reply here. SECONDMalwarebytes' Anti-MalwarePlease download the latest version of Malwarebytes' Anti-Malware from HereDouble Click on the mbam-setup.exe file to install the application. Do not check on the Trial of Professional version. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link Once the program has loaded and updated, select " Scan Now >>" to start the scan. The scan may take some time to finish, so please be patient. If any malware is found, you will be presented with a screen like the one below. Please click on the Save results > link in the bottom right hand corner and select the Text file(*.txt) from the dropdown list. I would suggest you save the file on your desktop (as we need the report attached here for review and it is easy to find on the desktop). After you have saved the report file, return to the Potential Threats Detected page and click on Cancel. You can close MBAM after that. Please attach the report file to a post here; I will review the file and script what needs to be removed.
|
|
shinn
New Helpee
Posts: 8
|
Post by shinn on Aug 13, 2015 9:39:40 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 13, 2015 22:05:20 GMT -8
This next step may take a while (just to warn you) ..... ESET Online does not work with IE 11 (Internet Explorer) at the moment (a few weeks ago anyway) so if you have IE 11, Chrome or Firefox has to be used instead. ESET Online does work with IE 10 and earlier. You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Stop and ask if you have any questions.Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.
Hold down Control key and click on the following link to open ESET OnlineScan in a new window. Link =>> ESET Online Scanner << Click the Run ESET Online Scanner located on the left side of the page (not the free trial). For browsers other than Internet Explorer only: (Microsoft Internet Explorer users can skip this step) Click on the esetsmartinstaller link in the popup window that opens. Save it to your desktop. Double click on the icon on your desktop. Check (accept) the Terms of Use. Click the START button. Accept any security warnings from your browser. Now in the Computer scan settings window that appears:- Make sure that the option Enable detection of potentially unwanted applications is selected. Now click on Advanced Settings and configure the options as follows: Remove found threats is Not checkedScan archives is checkedScan for potentially unsafe applications is checkedEnable Anti-Stealth Technology is checkedNow click on: StartESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. When the scan is finished, if any threats are found you will see the screen below. Click to view the found threats. At the bottom of the listed threats, there is an option to save the results to a text file. Please do this so you can attach the results here for review and removal of the items that are not false positives (these will be scripted out so do not worry). Once the log text file is saved, return to the Scan Finished screen by clicking "<<Back", then click on the uninstall button and click Finish. Attach the saved log file in your next reply please. Thanks.
|
|
shinn
New Helpee
Posts: 8
|
Post by shinn on Aug 16, 2015 2:56:12 GMT -8
Sorry for not responding for a while things got busy on my end. But there seems to be a problem, whenever I run the ESET scanner it just seem to stop at this specific point puu.sh/jDtpe/ef66c64d12.pngI made sure to read the instructions thoroughly to see if I did anything wrong and it still stops at that point.
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Aug 17, 2015 22:26:31 GMT -8
Let's switch to a different scanner ... Uninstall the ESET Online Scanner by going to the START > Control Panel > Programs and Features, select ESET Online Scanner and click on uninstall. After that download and run the following scan: Go to Emsisoft and download the Emsisoft Free Emergency Kit from here.
|
|