77 threats found by Hitman Pro

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Gitch28, Apr 27, 2013.

  1. Gitch28

    Gitch28 Private E-2

    For the last 5 days or so I have had constant freezing and crashing of applications - primarily Firefox (Waterfox). I only became suspicious the other day and found one of the problems to be searchou.com which installed with 'Privitize VPN' which itself was installed because of my impatience. I have removed Privitize and, whilst going through the malware removal thread, corrected the google/webhp issue. After completing the steps in the thread the issue has not been resolved. Any anti-virus sites load indefinitely and on the 2 occasions I activated the KB enforcer it found that the site was being redirected to a version of edgecastdn.net - that was Chrome. No browser loads any program at the moment. Then as per title when I ran Hitman Pro, the results showed 9 items and 77 threats, it crashed/began hanging at 99% whilst on a location that had produced at least one item. I cancelled it so it may not be a full representation, it looked to me like it wasn't going anywhere, the same item was scanned for just under 7/8 minutes. I ignored the 77 threats as instructed so I am unsure what to do next. Any help would be appreciated and I have likely missed something I should have posted.
    I am also unable to do any system restores if that is related.
    Additional to that - I am having to use a borrowed laptop as I am unable to do anything on my browser as I have mentioned so the logs are not for this device - just so you know.

    Another additional - I have only been unable to go online since I began acting against the malware today, it has worked for short periods recently with the frequent not responding.

    Thanks.
     

    Last edited: Apr 27, 2013
  2. thisisu

    thisisu Malware Consultant

    Hi, and welcome to MajorGeeks!

    Give me a moment to review your logs.

    So far I noticed this:

    While they weren't particularly required by the operating system, these were legitimate services. We'll see what we can do in order to restore them if you'd like.
     
  3. thisisu

    thisisu Malware Consultant

    The false threats detected by HitmanPro are typically caused when HitmanPro is running without an internet connection. All the files are legitimate though.

    This may be due to two anti-viruses having traces on the system.

    For the time being, can you please uninstall each of these programs:
    • avast! Free Antivirus
    • ZoneAlarm Free Firewall
    • Free File Viewer 2011
    • DriverIdentifier 4.2.3

    Next,

    Please download and run AVG Remover

    __

    Then,

    Please download and run Avast! Uninstall Utility
    This utility must be run from Safe Mode.

    __

    Finally,

    Please download Junkware Removal Tool to your desktop.
    • Please save the work in your browsers before proceeding.
    • Shut down your protection software now (antivirus, antispyware...etc) to avoid possible conflicts.
    • Double-click JRT.exe to run (Vista/7 right-click and select Run as Administrator)
    • Press any key to begin scanning.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Please attach JRT.txt to your next message. (How to attach)

    __

    Now run C:\MGtools\GetLogs.bat by right-mouse clicking it and then selecting Run as Administrator
    This updates all of the logs inside MGlogs.zip.
    When it is finished, attach C:\MGlogs.zip to your next message. (How to attach)

    Make sure to let me know how things are running once you have completed these steps!
     
    Last edited: Apr 29, 2013
  4. Gitch28

    Gitch28 Private E-2

    Ah, so nothing to worry about with the Hitman results. The connection issue was a network shield on avast, I should have checked before I posted. I definitely need the Junkware Removal Tool but other than that I think that is everything sorted now? Hope I haven't wasted your time, turned out to be a really minor issue. Although, I followed some advice to remove a Browser hijacker - the www.google.co.uk/webhp and just now webhp came up in the address bar within another site. I don't know what that is or whether it is an issue. One last thing; which software do you recommend I keep? Anyway thanks for your help, I'll try to repay your time somewhere else in the forum if I can.
     
    Last edited by a moderator: Apr 30, 2013
  5. thisisu

    thisisu Malware Consultant

    I'm not quite convinced that the "webhp" is a problem.

    Did you want help with restoring those quarantined files from TDSSKiller?

    If so, please do the following:

    Let's have a look at what TDSSKiller has previously removed:


    • Please download TDSS Qlook and save it to your desktop.
    • Extract the TDSSQlook.exe file onto your desktop and run it.
    • Type the letter A and press ENTER.
    • A logfile will open (TDSSQ.txt), please attach the contents of that logfile into your next reply.
     
