Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. mrmohammed

    mrmohammed Registered Member

    Joined:
    Dec 16, 2015
    Posts:
    3
    How can i solve this problem
     
  2. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,469
    Location:
    Germany
    Hi Erik and Hi Mark

    Can you check the 4 Files and whitelisted the 4 Files please. I use the FP function into the Programm to submit the File to you

    With best Regards
    Mops21
     

    Attached Files:

  3. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro 3.7.12 Build 255 BETA

    Changelog
    • Added credentials support to proxy pre-authentication
    • Added /proxycred command line switch
    • Updated raw registry parser
    Download
    http://www.hitmanpro.com/beta

    Please let me know how this version runs on your computer :thumb:
     
    Last edited: Jan 21, 2016
  4. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,462
    Location:
    Under a bushel ...
    Updated and ran fine. Win 8.1 64-bit.
     
  5. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,163
    No problems here.
     
  6. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    302
    Location:
    Netherlands
    W7-x64 and HMP build 255 Beta runs fine, NO issues.
     
  7. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,538
    Hi Erik, I reported this problem a while ago and it's still a problem for me. BTW, if these reg entries are deleted, FDM will no longer work correctly. Some additional checking needs to be done to make sure HMP is talking about the correct program installed. See this thread
     
  8. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    833
    HMP build 255 Beta runs fine on windows7 64 bit pro
     
  9. hitman_user

    hitman_user Registered Member

    Joined:
    Nov 25, 2015
    Posts:
    18
    also on my pc (w7/x64) HitmanPro 3.1.12 Build 255 BETA works without any problems
     
  10. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,172
    Location:
    .
    HitmanPro 3.7.12 Build 255 BETA = 30sec scan.....?
    Scan date . . . . . . : 2016-01-17 10:25:34
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 31s
    Disk access mode . . : Direct disk access (Default)
    Objects scanned . . . : 2,141,121
    Files scanned . . . . : 2,150
    Remnants scanned . . : 467,780 files / 1,671,191 keys
    ----------------------------------------------------
    Scan date . . . . . . : 2016-01-17 10:26:44
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 6m 18s
    Disk access mode . . : Direct disk access (SRB)
    Objects scanned . . . : 2,227,608
    Files scanned . . . . : 51,349
    Remnants scanned . . : 467,804 files / 1,708,455 key
    -----------------------------------------------------
    Scan date . . . . . . : 2016-01-17 10:35:25
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 5m 23s
    Disk access mode . . : Direct disk access (SRB)
    Objects scanned . . . : 2,227,626
    Files scanned . . . . : 51,355
    Remnants scanned . . : 467,815 files / 1,708,456 keys
     
    Last edited: Jan 18, 2016
  11. hitman_user

    hitman_user Registered Member

    Joined:
    Nov 25, 2015
    Posts:
    18
    Scan date . . . . . . : 2016-01-17 18:12:25
    Scan mode . . . . . . : EWS
    Scan duration . . . . : 46s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Objects scanned . . . : 1.169.197
    Files scanned . . . . : 21.535
    Remnants scanned . . : 250.697 files / 896.965 keys
     
  12. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,304
    Location:
    Kent. UK by the sea
    Hi erikoman

    I think you mean HitmanPro 3.7.12 Build 255 BETA :doubt:, and it runs fine on my system.

    With regards
    Take Care
    TheQuest :cool:
     
  13. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,015
    http://www.surfright.nl/en/hitmanpro/whatsnew#releasehistory

    HitmanPro Release History

    Build 256 (TBD)

    •Added credentials support to proxy pre-authentication.
    •Added /proxycred command line switch.
    •Added dual code signed signatures (Authenticode) on EXE, DLL and SYS files.
    •Added protection against DLL preloading attacks.
    •Updated raw registry parser.
     
  14. hopalonghoyt

    hopalonghoyt Registered Member

    Joined:
    Jan 21, 2016
    Posts:
    1
    Location:
    Houston, Texas
    I have a Dell Inspiron desktop about one year old. I use HitmanPro 3.7 for virus protection. Today I got this message and wondered if anyone could advise if this is harmful? I posted this on the Dell Forum but was referred to this Forum which I just joined today. From time to time I'm getting a display error warning but I do not know the exact warning. The cut and paste below is the "suspicious" alert received yesterday.

    C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
    Size . . . . . . . : 6,389,688 bytes
    Age . . . . . . . : 186.6 days (2015-07-17 23:36:32)
    Entropy . . . . . : 6.3
    SHA-256 . . . . . : BDE0D8A6420356435C8202D5BA2E376768F7D76FBA46D98F0C909A5BA60FE8C5
    Product . . . . . : Intel HD Graphics Drivers for Windows 8(R)
    Publisher . . . . : Intel Corporation
    Description . . . : Intel Graphics Kernel Mode Driver
    Version . . . . . : 10.18.15.4256
    Copyright . . . . : Copyright (c) 1998-2014 Intel Corporation.
    Service . . . . . : igfx
    LanguageID . . . . : 1033
    Fuzzy . . . . . . : 45.0
    The file is hidden from Windows API. This is typical for malware.
    The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
    Starts automatically as a service during system bootup.
    The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
    The file is a device driver. Device drivers run as trusted (highly privileged) code.
    Startup
    HKLM\SYSTEM\CurrentControlSet\Services\igfx\

    I'm constantly getting error messages with the Edge Browser regarding display.



    [locked by: shesagordie at 7:49 PM (GMT -6) on 20 Jan 2016]
    [unlocked by: shesagordie at 7:49 PM (GMT -6) on 20 Jan 2016]
    [locked by: shesagordie at 7:50 PM (GMT -6) on 20 Jan 2016]
    [unlocked by: shesagordie at 7:51 PM (GMT -6) on 20 Jan 2016]
    [locked by: shesagordie at 7:52 PM (GMT -6) on 20 Jan 2016]
     
  15. JEAM

    JEAM Registered Member

    Joined:
    Feb 21, 2015
    Posts:
    502
    Can you upload the file to Virus Total and see what they say?

    (We're not allowed to post actual results from Virus Total here, but it might give you an idea what dozens of other security scanners think of that file.)
     
  16. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,469
    Location:
    Germany
  17. Anguel

    Anguel Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    75
    Just contacted HitmanPro support: No HitmanPro.Alert available for business right now! They are waiting for Sophos to decide how much they want to charge businesses for it in second half of 2016 ... Too bad and a waste of time!

    Also there is no way to enter your company's VAT-ID to exclude VAT.

    Good products but no idea how to do business or maybe it's all because Sophos entered the game?
     
  18. Will Johnson

    Will Johnson Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    4
    Just wondering if anyone could assist with this one.

    HitmanPro keeps reporting ieframe.dll as a potential threat. I am a experiencing slowness and browser hang-ups - latest Firefox.

    LOG -

    Code:
    HitmanPro 3.7.12.253
    www.hitmanpro.com
    
      Computer name . . . . : WORK
      Windows . . . . . . . : 6.0.2.6002.X86/2
      User name . . . . . . : WORK\User
      UAC . . . . . . . . . : Enabled
      License . . . . . . . : Free
    
      Scan date . . . . . . : 2016-01-27 00:51:27
      Scan mode . . . . . . : EWS
      Scan duration . . . . : 4m 7s
      Disk access mode  . . : Direct disk access (SRB)
      Cloud . . . . . . . . : No connection
      Reboot  . . . . . . . : No
    
      Threats . . . . . . . : 0
      Traces  . . . . . . . : 6
    
      Objects scanned . . . : 1,614,562
      Files scanned . . . . : 19,767
      Remnants scanned  . . : 188,077 files / 1,406,718 keys
    
    Early Warning Scoring _______________________________________________________
    
      C:\Windows\system32\ieframe.dll
      Size . . . . . . . : 9,753,088 bytes
      Age  . . . . . . . : 13.9 days (2016-01-13 02:41:52)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : A6566BD1F32BDD655426BDFB10B48666C95C4C217A141297A15A1F58D11AF886
      Product  . . . . . : Windows® Internet Explorer
      Publisher  . . . . : Microsoft Corporation
      Description  . . . : Internet Browser
      Version  . . . . . : 9.00.8112.16737
      Copyright  . . . . : © Microsoft Corporation. All rights reserved.
      LanguageID . . . . : 1033
      Fuzzy  . . . . . . : 7.0
      Program starts automatically without user intervention.
      The file is in use by one or more active processes.
      The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
      Time indicates that the file appeared recently on this computer.
      The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.
      Startup
      HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
      HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
      HKU\S-1-5-21-3049137190-2437671345-2331308866-1000\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
      References
      HKLM\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\
    
    
    
    
    Is this a false positive? If not, should I delete the offending dll?
     
  19. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    832
    It's because you used Early Warning Scoring scan, such results are expected. It's not a false positive due to the nature of such a scan, but you shouldn't delete the file.
     
  20. Will Johnson

    Will Johnson Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    4
    Hi again,
    Many thanks for your response, although I am not quite sure what it means in terms of my being able to solve my problem.

    I have just done a clean via CCleaner and have saved the log thus -

    Code:
    Cleaning Complete - (111.823 secs)
    ------------------------------------------------------------------------------------------
    3.75 MB removed.
    Secure file deletion enabled - Very Complex Overwrite (35 passes)
    ------------------------------------------------------------------------------------------
    
    Details of files deleted
    ------------------------------------------------------------------------------------------
    Internet Explorer - Temporary Internet Files 181 KB 34 files 16.314 secs
    Internet Explorer - History 16 KB 1 files 2.134 secs
    Internet Explorer - Index.dat files 16 KB 1 files 0.470 secs
    Windows Explorer - Thumbnail Cache 1,029 KB 6 files 8.858 secs
    System - Temporary Files 266 KB 7 files 12.010 secs
    System - Windows Log Files 1,703 KB 2 files 26.762 secs
    System - Windows Error Reporting 4 KB 1 files 0.109 secs
    Firefox - Internet Cache 101 KB 49 files 29.689 secs
    Firefox - Cookies 0 KB 6 files 0.263 secs
    Firefox - Session 1 KB 1 files 0.232 secs
    Firefox - Site Preferences 320 KB 2 files 1.219 secs
    Firefox - Saved Form Information 192 KB 1 files 0.500 secs
    Utilities - Avast! Antivirus 17 KB 4 files 0.587 secs
    ------------------------------------------------------------------------------------------
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWVYJXWM\dark-facebook-128[1].png 1 KB
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWVYJXWM\pagerror[1] 2 KB
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\open[1].gif 1 KB
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\834I77ZL\mailbomb[1] 1 KB
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\834I77ZL\dark-link-128[1].png 2 KB
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JE4CAZ3E\e44e6cc5-55b7-44cd-8a4b-905ee6e20051[1].jpg 152 KB
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JE4CAZ3E\dark-twitter-128[1].png 2 KB
    C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\551e0834-de73-4fa2-9c2d-fa7750c56ea4[1].jpg 21 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JE4CAZ3E\oestyle[1] 1 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\834I77ZL\MC_MonkeyReward_08[1].png 3 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWVYJXWM\CA0G3WBO 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWVYJXWM\CA6D3EKL 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWVYJXWM\CA9TAPIF 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWVYJXWM\CAJM4D51 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWVYJXWM\CAK9IO9I 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CA33C4P0 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CA3G6O0G 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CA52VALS 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CA7Q8I16 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CA8ZYH2F 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CA9AXNNG 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CABBZZGK 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAGA2MA5 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAHJXMM3 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAI1UD73 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAJHQUGB 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAJNN5AI 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAM9WY5L 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAN11ROI 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAS6QGDT 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAYBQDOU 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAYCVA75 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAZO92S2 0 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFR289TM\CAZVIUHZ 0 KB
    C:\Users\Leisha\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\index.dat 16 KB
    C:\Users\Leisha\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat 16 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db 1 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db 1,024 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db 1 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db 1 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db 4 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db 1 KB
    C:\Windows\TEMP\GeoInfo.tmp 0 KB
    C:\Users\Leisha\AppData\Local\temp\avastBCLTMP\firefox\client@anonymox.net\icon48.png 2 KB
    C:\Users\Leisha\AppData\Local\temp\avastBCLTMP\firefox\jid1-e3wsqah5t1hqkp@jetpack\icon.png 5 KB
    C:\Users\Leisha\AppData\Local\temp\avastBCLTMP\firefox\vwof@drev.com\icon.png 5 KB
    C:\Users\Leisha\AppData\Local\temp\avastBCLTMP\firefox\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\icon.png 3 KB
    C:\Users\Leisha\AppData\Local\temp\avastBCLTMP\firefox\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}\icon32.png 5 KB
    C:\Users\Leisha\AppData\Local\temp\ppcrlui_5468_2 249 KB
    C:\Windows\Logs\CBS\CBS.log 1,690 KB
    C:\Windows\inf\setupapi.dev.log 13 KB
    C:\Users\Leisha\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report10650367\Report.wer 4 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\0049FA08195DA3AD284D133C6738CCDA5CAA6D3B 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\0260BDA992FD6F305323B6DBBC4F6DD8DC22753F 7 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\063A1D8657C232165DE51C8292D6A03AE8C917A0 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\0A36405A931A12BB11B7736CAA0A735034538B33 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\148A2D487097284FC146E927F0EB0044C80BF232 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\156A5CCBEF01C060EFFE6F1F2FE07786A115FBEA 3 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\1D6BACEDB14E2CD52BD6524F83CE2423C0418BD3 5 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\20F90C4A1CB5EE055EB156DE8EA166874F2B8548 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\2E79574441EBD5499144E476B4389B1D7DC50043 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\2F9FE11173FA4927FF2DAFB2BCBEA8DB12DD42B6 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\30DA458CA8C54EDFD9923F8AEC0EEC652C41B9E5 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\315F578BBF800DDBA3F5D3A362F4BFA5E955E067 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\31E53103DED2E3D1C2D3DBA2332CC819582769F2 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\3EB9C383693974D872BDE008117F0D1CF80B22E6 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\43ABD77A6B49E6C668D11CACBDF1BC7B71C72451 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\516872DA894063B4505E58FBA98DE7DB07A1A6C7 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\57B9FB1B4BE91BAECF702EF617B1B283F3483726 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\5FBEEA143B49A51E167F43F78E8111AB54E1B563 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\638FE5D78D1B7DBA31C56BC28D7FE8300737365B 14 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\676552162E05D80067ACC5D12E4BDD3F4A7E264B 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\6883EFA19535426DBE41BBA4C796C30284E14CE7 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\6C055252EF3EBFC1F88A9A3AFC52951C70EA5738 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\704C774B767EAF0B865B787373BF762E4C15FEFD 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\71F374FD39271B458646B43830AE1F119703E0FB 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\7F2175750A23DCAE59B5AAE929F9ACDA06135D8D 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\86416E9E3E0036944079AC17FEC93C37FFEF6945 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\8CA1752735CFD439647118B2F55C3A50E7E07D60 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\917D478D9E983B67DFFC6800F6773FE42290D629 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\926F0DA5CE8F05FF43B10D4AA886949EE9D206F9 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\9C1C99E7A753121A022056E3C9EE0CE4B20198ED 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\A0624854CE9AD89523804CECCBFF65FE74584A22 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\A44883A4274CD76E2998E3906E7A0E2BA16681D5 3 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\A748CF5C9CC5B0D7B5A96918BE3153AF30C3458C 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\B1BF484310B181937E88AFC02D2B2F23B1FBCC38 3 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\B78BCCCFB64EC8FD720D349103E09383C355C5BF 24 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\BCF35D03B29C2C5CD3E4FA84BC7B86994342DAD1 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\BF57F5F1FDA6BF8A975D7D111C647D5E0BCABDC4 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\C134867E8521CF81FF46CB62D59B73A2C609077E 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\C9723A08B1D5D98100EF75C5AC72E476FFC15D4E 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\CB9D1CC12E72233582D9FFE8B04E2472CA470E42 15 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\D8EC2C2288356DBEF11CAECB78059E6C5894AD12 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\E0EA1B424BCE5F7BC84A640C904A979AED2BE87F 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\E16CF7E57BF0BC504FFD4215D6E5286801EF594E 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\E9B156C8ACB1FF8D110D5E511B7414886D01B825 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\EF251C14FE0A17783C636B1E39D889957E85B723 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\EF37C15259D1973BE62E8245CFCCC6D15B49933F 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\F5D780B7135B5FEEEB8A480F3577BD1BB918E9FF 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\F796A1F6B9C4047889DAC7396609DCAB4B5A16D1 1 KB
    C:\Users\Leisha\AppData\Local\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\cache2\entries\FB18D508E8E45B2E46F0584405C2983A1732E110 1 KB
    Removed Cookie: services.addons.mozilla.org 0 KB
    Removed Cookie: blocklist.addons.mozilla.org 0 KB
    Removed Cookie: secure.informaction.com 0 KB
    Removed Cookie: easylist-downloads.adblockplus.org 0 KB
    Removed Cookie: notification.adblockplus.org 0 KB
    Removed Cookie: google.com 0 KB
    C:\Users\Leisha\AppData\Roaming\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\sessionCheckpoints.json 1 KB
    C:\Users\Leisha\AppData\Roaming\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\content-prefs.sqlite 224 KB
    C:\Users\Leisha\AppData\Roaming\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\permissions.sqlite 96 KB
    C:\Users\Leisha\AppData\Roaming\Mozilla\Firefox\Profiles\wycn6tyh.default-1421622288386\formhistory.sqlite 192 KB
    C:\ProgramData\AVAST Software\Avast\log\Avast-Browser-Cleanup-silent.log 2 KB
    C:\ProgramData\AVAST Software\Avast\log\BugReport.log 1 KB
    C:\ProgramData\AVAST Software\Avast\log\HtmlRemoteContent.log 16 KB
    C:\ProgramData\AVAST Software\Avast\log\Mail.log 1 KB
    I have tried Hitman, Malabytes, Junkware Removal Tool, Superspyware, TDSSKiller, Uncle Tom Cobley et al, and all to no avail.
    Oh, and Avast is about as useful as an ashtray on a motorcycle.
    I know I am infected but am damned if I can find any effective cure.


    Further comments ts welcome
     

    Attached Files:

    Last edited by a moderator: Jan 28, 2016
  21. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    What gives you the impression you are infected? ieframe is usually detected when running with EWS enabled so that is not the infection. What behavior do you see on your computer that makes you say: oh crap, computer is infected?
     
  22. Magic_The

    Magic_The Registered Member

    Joined:
    Jun 24, 2015
    Posts:
    39
  23. Will Johnson

    Will Johnson Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    4
    Hi, only just managed to get connected again!

    Symptoms are:

    Browser slows, then hangs - all function buttons cease to work. This is accompanied by frantic hard disk activity which lasts for up to 5 minutes at a time.
    The only cure seems to be to disconnect the router cable from the pc, wait for the hard disk to stop writing/reading, then fire up ccleaner and run it a couple of times.

    Cache cleaning only seems to work for so long until the same symptoms begin to repeat themselves.

    I updated and ran Avast and Malwarebytes last night but neither found anything.

    Initially, I suspected that Windows or something else was auto-updating in the background, so I turned off all the auto-update options I could find but this has not made any difference.
    I also downloaded Trojanhunter but have not yet run a scan.

    I try to run Taskmanager to see if I cn spot anything untoward but I'm no computer software expert. What struck though is that I seem to have up to 15 svchost.exe files running when the problem happens.
     
  24. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    302
    Location:
    Netherlands
    If you are 'not a computer software expert' I think you should disable EWS in the HitmanPro settings -> Advanced
    and run HitmanPro for a while with only the installation default/recommended settings!
     
    Last edited: Jan 31, 2016
  25. hjlbx

    hjlbx Guest

    @erikloman
    @markloman

    The Virus Total API key is no longer required since it is an embedded Public key... for at least a few years by now. Is this not correct ?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.