[ti]SOLVED[/ti]deploy.static.akamaitechnologies.com

charbs
New Helpee

Posts: 4

[ti]SOLVED[/ti]deploy.static.akamaitechnologies.com Jul 27, 2017 14:31:12 GMT -8

Post by charbs on Jul 27, 2017 14:31:12 GMT -8

From what I can read deploy.static.akamaitechnologies.com is nasty browser hijacker virus. I've run netstat -fb and lucky me, its on my computer...Hell its even somehow gotten onto my cell phone. Netstat log below...I really am at the end of my rope with this ... its creating all types of performance issues ..CPU usage 99% etc...Please help

Netstat Log

Proto Local Address Foreign Address State

TCP 192.168.1.17:63831 msnbot-65-52-108-195.search.msn.com:https ESTABLISHED

ProfSvc

[svchost.exe]

TCP 192.168.1.17:63910 13.107.42.11:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64148 40.114.95.106:https ESTABLISHED

[N360.exe]

TCP 192.168.1.17:64204 a.tribalfusion.com:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64215 a.tribalfusion.com:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64216 a.tribalfusion.com:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64218 a184-84-243-191.deploy.static.akamaitechnologies.com:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64260 40.69.146.80:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64266 msnbot-65-52-108-76.search.msn.com:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64311 a184-84-243-202.deploy.static.akamaitechnologies.com:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64312 a184-84-243-202.deploy.static.akamaitechnologies.com:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64345 184.150.154.8:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64346 lga34s19-in-f19.1e100.net:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64347 184.150.154.8:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64363 8.43.72.32:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64372 104.16.121.223:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64387 m-prd-umpxl-adcom-mtc-b.evip.aol.com:https TIME_WAIT

TCP 192.168.1.17:64403 m-prd-req-adcom-mtc-c.evip.aol.com:https TIME_WAIT

TCP 192.168.1.17:64454 185.86.137.42:https TIME_WAIT

TCP 192.168.1.17:64516 lga25s63-in-f2.1e100.net:http CLOSE_WAIT

[chrome.exe]

TCP 192.168.1.17:64521 208.185.50.80.IPYX-063360-004-ZYO.zip.zayo.com:https TIME_WAIT

TCP 192.168.1.17:64526 74.121.142.164:https TIME_WAIT

TCP 192.168.1.17:64539 8.43.72.72:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64548 184.150.154.19:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64575 208.185.50.25.IPYX-063360-004-ZYO.zip.zayo.com:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64581 192.132.33.27:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64587 114.255.178.107.bc.googleusercontent.com:https TIME_WAIT

TCP 192.168.1.17:64632 74.121.142.164:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64633 m-prd-umpxl-shared-mr3-blue-a.evip.aol.com:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64638 184.150.154.8:http ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64641 a23-34-221-42.deploy.static.akamaitechnologies.com:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64643 151.101.20.166:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64680 lga34s19-in-f14.1e100.net:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64681 151.101.20.214:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64684 a-0001.a-msedge.net:https ESTABLISHED

[SearchUI.exe]

TCP 192.168.1.17:64685 a-0001.a-msedge.net:https ESTABLISHED

[SearchUI.exe]

TCP 192.168.1.17:64690 router.asus.com:43398 TIME_WAIT

TCP 192.168.1.17:64692 router.asus.com:43398 TIME_WAIT

TCP 192.168.1.17:64693 104.208.165.109:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64694 router.asus.com:43398 TIME_WAIT

TCP 192.168.1.17:64697 router.asus.com:43398 TIME_WAIT

TCP 192.168.1.17:64699 93.184.215.201:https ESTABLISHED

[chrome.exe]

TCP 192.168.1.17:64701 72.21.91.70:https ESTABLISHED

ProfSvc

[svchost.exe]

TCP 192.168.1.17:64702 a23-34-208-127.deploy.static.akamaitechnologies.com:https ESTABLISHED

WpnUserService_45827b

[svchost.exe]

TCP 192.168.1.17:64703 13.107.42.11:https ESTABLISHED

Last Edit: Jul 30, 2017 10:59:54 GMT -8 by dbrisen

charbs New Helpee Posts: 4	[ti]SOLVED[/ti]deploy.static.akamaitechnologies.com Jul 27, 2017 15:12:46 GMT -8 Select Post Deselect Post Link to Post Member Give Gift Back to Top Post by charbs on Jul 27, 2017 15:12:46 GMT -8 wikisend.com/download/708788/FRST.txt wikisend.com/download/301372/Addition.txt Sorry made the post before reading step 2. I am all ready.

dbrisen
Malware Removalists

Posts: 3,688

[ti]SOLVED[/ti]deploy.static.akamaitechnologies.com Jul 28, 2017 21:55:51 GMT -8

Post by dbrisen on Jul 28, 2017 21:55:51 GMT -8

Sorry for the late reply but my job gets in the way sometimes. I have examined your logs and do not see any obvious malware so let us get a second opinion AV scan please.

Go to Emsisoft and download the Emsisoft Free Emergency Kit from here.

Double click on the EmsisoftEmergencyKit.exe file and then click on Extract to unpack the files (the default directory of C:\EEK is fine).
Go to the new directory and right click on Start Emergency Kit Scanner.exe and choose 'Run as Administrator'.
Once the scanner loads, allow it check for updates.
When the updates are finished, click the BACK button to return to the main menu.
Click on the SCAN and select Malware Scan to start scanning your system. Please enable the PUP detection option, if it asks.
If the scan finds anything, it will open a scan finding window. Please click on View Report; copy this report and paste it here in reply post.
Please close the Emergency Kit Scanner program now.

I will not provide malware removal by PM; please post in your thread on the Malware Removal board.
My help is always free but if you would like to help encourage me or show your thanks -----> DONATE

charbs
New Helpee

Posts: 4

[ti]SOLVED[/ti]deploy.static.akamaitechnologies.com Jul 29, 2017 9:52:18 GMT -8

Post by charbs on Jul 29, 2017 9:52:18 GMT -8

Hello. I'm really sorry to have wasted your time and I really do appreciate knowing that my computer is free of Malware. The scan was none resulting. Here is the log. I think reading various strings on this deplay.static.akamaitechnologies indicating it was a browser highjacker etc...and seeing it on my computer and my phone VPN might have sent me into paranoia state. I misunderstood what I was looking at to begin with. AGAIN very sorry if I wasted your time and thanks again.

LOG

Emsisoft Emergency Kit - Version 2017.6
Last update: 2017-07-28 1:40:43 PM
User account: DESKTOP-L462U5F\Eric
Computer name: DESKTOP-L462U5F
OS version: Windows 10x64

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start: 2017-07-28 1:42:24 PM

Scanned 73131
Found 0

Scan end: 2017-07-28 1:47:13 PM
Scan time: 0:04:49

dbrisen
Malware Removalists

Posts: 3,688

[ti]SOLVED[/ti]deploy.static.akamaitechnologies.com Jul 29, 2017 20:58:46 GMT -8

Post by dbrisen on Jul 29, 2017 20:58:46 GMT -8

You did not waste my time as all new information and learning experiences are worth everyone's effort. If you are satisfied with your system, you can delete FRST off your desktop and from C:\FRST on your harddrive.