MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Reply
 
Thread Tools Display Modes
  #1  
Old 04-27-13, 16:28
Gitch28 Gitch28 is offline
Private E-2
 
Join Date: Apr 2013
Posts: 3
Thanks: 2
Thanked 0 Times in 0 Posts
Default 77 threats found by Hitman Pro

For the last 5 days or so i have had constant freezing and crashing of applications - primarily firefox (waterfox). I only became suspicious the other day and found one of the problems to be searchou.com which installed with 'Privitize VPN' which itself was installed because of my impatience. I have removed privitize and, whilst going through the malware removal thread, corrected the google/webhp issue. After completing the steps in thread the issue has not been resolved. Any anti-virus sites load indefinitely and on the 2 occasions i activated the KB enforcer it found that the site was being redirected to a version of edgecastdn.net - that was Chrome. No browser loads any program at the moment. Then as per title when i ran Hitman Pro, the results showed 9 items and 77 threats, it crashed/began hanging at 99% whilst on a location that had produced at least item. I cancelled it so it may not be a full representation, it looked to me like it wasn't going anywhere, the same item was scanned for just under 7/8 minutes. I ignored the 77 threats as instructed so i am unsure what to do next. Any help would be appreciated and i have likely missed something i should have posted.
I am also unable to do any system restores if that is related.
Additional to that - i am having to use a borrowed laptop as i am unable to do anything on my browser as i have mentioned so the logs are not for this device - just so you know.

Another additional - i have only been unable to go online since i began acting against the malware today, it has worked for short periods recently with the frequent not responding.

Thanks.
Attached Files
File Type: txt AdwCleaner[R5].txt (3.8 KB, 3 views)
File Type: zip MGlogs.zip (791.3 KB, 3 views)
File Type: log HitmanPro_20130427_1956.log (30.7 KB, 6 views)
File Type: txt RKreport[1]_S_04272013_02d1850.txt (2.1 KB, 5 views)
File Type: txt TDSSKiller.2.8.16.0_27.04.2013_19.29.15_log.txt (145.9 KB, 2 views)

Last edited by Gitch28; 04-27-13 at 16:33.. Reason: Another additioanl
Reply With Quote
Sponsored links
  #2  
Old 04-29-13, 18:51
thisisu's Avatar
thisisu thisisu is offline
Malware Consultant
 
Join Date: Apr 2006
Location: Houston, TX
Posts: 8,179
Thanks: 270
Thanked 1,437 Times in 1,356 Posts
Default Re: 77 threats found by Hitman Pro

Hi, and welcome to MajorGeeks!

Give me a moment to review your logs.

So far I noticed this:

Quote:
16:48:22.0798 5700 Detected object count: 3
16:48:22.0798 5700 Actual detected object count: 3
16:48:40.0178 5700 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - copied to quarantine
16:48:40.0191 5700 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:48:40.0442 5700 C:\Program Files\Soluto\SolutoRemoteService.exe - copied to quarantine
16:48:40.0471 5700 SolutoRemoteService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:48:40.0537 5700 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - copied to quarantine
16:48:40.0553 5700 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:48:45.0182 5104 Deinitialize success
While they weren't particularly required by the operating system, these were legitimate services. We'll see what we can do in order to restore them if you'd like.
__________________
Facebook . Twitter . Blog . VirusTotal
Reply With Quote
The Following User Says Thank You to thisisu For This Useful Post:
Gitch28 (04-30-13)
  #3  
Old 04-29-13, 18:54
thisisu's Avatar
thisisu thisisu is offline
Malware Consultant
 
Join Date: Apr 2006
Location: Houston, TX
Posts: 8,179
Thanks: 270
Thanked 1,437 Times in 1,356 Posts
Default Re: 77 threats found by Hitman Pro

The false threats detected by HitmanPro are typically caused when HitmanPro is running without an internet connection. All the files are legitimate though.

Quote:
Cloud . . . . . . . . : No connection
This may be due to two anti-viruses having traces on the system.

For the time being, can you please uninstall each of these programs:
  • avast! Free Antivirus
  • ZoneAlarm Free Firewall
  • Free File Viewer 2011
  • DriverIdentifier 4.2.3

Next,

Please download and run AVG Remover

__

Then,

Please download and run Avast! Uninstall Utility
This utility must be run from Safe Mode.

__

Finally,

Please download Junkware Removal Tool to your desktop.
  • Please save the work in your browsers before proceeding.
  • Shut down your protection software now (antivirus, antispyware...etc) to avoid possible conflicts.
  • Double-click JRT.exe to run (Vista/7 right-click and select Run as Administrator)
  • Press any to key to begin scanning.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Please attach JRT.txt to your next message. (How to attach)

__

Now run C:\MGtools\GetLogs.bat by right-mouse clicking it and then selecting Run as Administrator
This updates all of the logs inside MGlogs.zip.
When it is finished, attach C:\MGlogs.zip to your next message. (How to attach)

Make sure to let me know how things are running once you have completed these steps!
__________________
Facebook . Twitter . Blog . VirusTotal

Last edited by thisisu; 04-29-13 at 19:03..
Reply With Quote
The Following User Says Thank You to thisisu For This Useful Post:
Gitch28 (04-30-13)
  #4  
Old 04-30-13, 17:54
Gitch28 Gitch28 is offline
Private E-2
 
Join Date: Apr 2013
Posts: 3
Thanks: 2
Thanked 0 Times in 0 Posts
Default Re: 77 threats found by Hitman Pro

Ah, so nothing to worry about with the Hitman results. The connection issue was a network shield on avast, i should have checked before i posted. I definitely need the Junkware Removal Tool but other than that i think that is everything sorted now? Hope i haven't wasted your time, turned out to be a really minor issue. Although, i followed some advice to remove a Browser hijacker - the www.google.co.uk/webhp and just now webhp came up in the address bar within another site. I don't know what that is or whether it is an issue. One last thing; which software do you recommend i keep? Anyway thanks for your help, i'll try to repay your time somewhere else in the forum if i can.

Last edited by TimW; 04-30-13 at 18:02..
Reply With Quote
  #5  
Old 05-01-13, 19:08
thisisu's Avatar
thisisu thisisu is offline
Malware Consultant
 
Join Date: Apr 2006
Location: Houston, TX
Posts: 8,179
Thanks: 270
Thanked 1,437 Times in 1,356 Posts
Default Re: 77 threats found by Hitman Pro

I'm not quite convinced that the "webhp" is a problem.

Did you want help with restoring those quarantined files from TDSSKiller?

If so, please do the following:

Let's have a look at what TDSSKiller has previously removed:

  • Please download TDSS Qlook and save it to your desktop.
  • Extract the TDSSQlook.exe file onto your desktop and run it.
  • Type the letter A and press ENTER.
  • A logfile will open (TDSSQ.txt), please attach the contents of that logfile into your next reply.
__________________
Facebook . Twitter . Blog . VirusTotal
Reply With Quote
Sponsored links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hitman & Rogue found some issues. MCxGT Malware Removal 5 04-06-13 22:33
No problems, but Hitman says it found PLSRemote.exe? ithryn Malware Removal 1 03-23-13 16:25
Hitman Pro found 10 threats....How to Remove? rubylouise Malware Removal 5 02-26-13 03:10
Hitman Pro found items all logs attached sssteve72 Malware Removal 3 09-03-12 16:14
Might have found some threats Slider5150 Malware Removal 2 02-26-10 15:49


All times are GMT -5. The time now is 02:42.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


All content Copyright MajorGeeks.com source code Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger