Hitman Pro "delete failed" message after closing browers

truthling · Dec 30, 2014

I am getting multiple "delete failed" messages from Hitman Pro and getting "FlexibleShopper" ads even AFTER following the instructions in this thread: https://www.google.com/url?sa=t&rct...=l8yEwgGDkQ7DSIXbcUudvw&bvm=bv.82001339,d.cGU. I am also unable to manually delete folders which Hitman Pro identifies as malicious. I have successfully run Malwarebytes and CCleaner, which seem to be capable of deleting malware, but not the ones identified with Hitman Pro. Please help!

Here is the log from Hitman Pro:

Code:

HitmanPro 3.7.9.232
www.hitmanpro.com

   Computer name . . . . : PC
   Windows . . . . . . . : 6.3.0.9600.X64/2
   User name . . . . . . : PC\User
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (6 days left)

   Scan date . . . . . . : 2014-12-29 17:39:16
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 13m 35s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 4
   Traces  . . . . . . . : 20

   Objects scanned . . . : 1,520,255
   Files scanned . . . . : 31,086
   Remnants scanned  . . : 357,013 files / 1,132,156 keys

Malware _____________________________________________________________________

   C:\Program Files (x86)\OffthePrice\CouponStore.dll -> DeleteFailed
      Size . . . . . . . : 4,140,544 bytes
      Age  . . . . . . . : 35.1 days (2014-11-24 14:11:18)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 364B2D3CCF49D9E968A60E6A6F7360DB7EBE416E41882D91C78691A7E79B0974
    > Bitdefender  . . . : Gen:Variant.Adware.Graftor.164575
      Fuzzy  . . . . . . : 120.0

   C:\ProgramData\saaveitkeep\UKpahzdmEkZsUs.dll -> DeleteFailed
      Size . . . . . . . : 565,760 bytes
      Age  . . . . . . . : 6.2 days (2014-12-23 12:06:54)
      Entropy  . . . . . : 5.8
      SHA-256  . . . . . : 4833D63353B62302D786D9B39CF85EF79B181ADFAC1A07458C7B7964E172AFF5
      Product  . . . . . : use time the of market
      Publisher  . . . . : use time the of market
      Description  . . . : data DBMS system system as
      Version  . . . . . : databases
      Copyright  . . . . : Copyright (C) 2014
      Gossip . . . . . . : aveitkeep
      LanguageID . . . . : 1033
    > Bitdefender  . . . : Application.Generic.1014976
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 111.0
      Startup
         HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1ec34b6-639d-4e44-9707-56d3fe4ba312}\
         HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1ec34b6-639d-4e44-9707-56d3fe4ba312}\
      References
         HKLM\SOFTWARE\Wow6432Node\Classes\.9\
         HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{b1ec34b6-639d-4e44-9707-56d3fe4ba312}\
      Forensic Cluster
         -1.0s C:\ProgramData\saaveitkeep\
         -0.1s C:\ProgramData\saaveitkeep\UKpahzdmEkZsUs.dat
          0.0s C:\ProgramData\saaveitkeep\UKpahzdmEkZsUs.dll
          2.5s C:\ProgramData\saaveitkeep\UKpahzdmEkZsUs.tlb
          2.6s C:\ProgramData\saaveitkeep\UKpahzdmEkZsUs.x64.dll

   C:\ProgramData\SaverPPro\VxCk7jAu3CoRTj.dll -> DeleteFailed
      Size . . . . . . . : 565,760 bytes
      Age  . . . . . . . : 6.2 days (2014-12-23 12:09:41)
      Entropy  . . . . . : 5.8
      SHA-256  . . . . . : 4833D63353B62302D786D9B39CF85EF79B181ADFAC1A07458C7B7964E172AFF5
      Product  . . . . . : use time the of market
      Publisher  . . . . : use time the of market
      Description  . . . : data DBMS system system as
      Version  . . . . . : databases
      Copyright  . . . . : Copyright (C) 2014
      Gossip . . . . . . : verPPro
      LanguageID . . . . : 1033
    > Bitdefender  . . . : Application.Generic.1014976
    > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
      Fuzzy  . . . . . . : 111.0
      Startup
         HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13b11db0-5b43-4745-84e3-9f7c48a9f602}\
         HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13b11db0-5b43-4745-84e3-9f7c48a9f602}\
      References
         HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13b11db0-5b43-4745-84e3-9f7c48a9f602}\
         HKLM\SOFTWARE\Wow6432Node\Classes\SaverPro.9\
      Forensic Cluster
         -21.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.donation-tools.org_0.localstorage
         -21.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.donation-tools.org_0.localstorage-journal
         -6.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001271
         -4.1s C:\ProgramData\SaverPPro\
         -2.2s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001272
         -2.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001273
         -0.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000131
         -0.5s C:\ProgramData\SaverPPro\VxCk7jAu3CoRTj.dat
          0.0s C:\ProgramData\SaverPPro\VxCk7jAu3CoRTj.dll
          0.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000132
          4.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000133
          6.4s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001274
          6.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001276
          6.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001277
          6.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001278
          7.2s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000134
          9.0s C:\ProgramData\SaverPPro\VxCk7jAu3CoRTj.tlb
          9.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001279
          9.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000135
          9.7s C:\ProgramData\SaverPPro\VxCk7jAu3CoRTj.x64.dll
         10.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00127a
         10.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00127b
         10.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000136
         12.0s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000137
         12.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00127c
         12.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000138
         12.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000139
         13.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{14A0793B-3B05-43A3-96F3-152BE98433F8}
         15.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.ushopcomp.com_0.localstorage
         15.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.ushopcomp.com_0.localstorage-journal
         16.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00013a
         16.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00013b
         18.2s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00013c
         18.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00013d
         19.4s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00013e
         19.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00013f
         19.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00127d
         19.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00127e
         19.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00127f
         20.0s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001280
         20.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000140
         20.2s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000141
         21.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000142
         23.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000143
         25.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001281
         25.8s C:\Users\User\AppData\Local\Temp\{13b11db0-5b43-4745-84e3-9f7c48a9f602}.dat
         26.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000144
         27.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000145
         28.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000146
         28.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000147
         29.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000148
         29.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001283
         29.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000149
         30.2s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00014a
         30.4s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001284
         30.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00014b
         30.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001285
         30.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00014c
         31.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001286
         31.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00014d
         31.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00014e
         32.0s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00014f
         32.0s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001287
         32.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000150
         32.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000151
         32.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001288
         32.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\000161.ldb
         33.0s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\000161.bak
         34.2s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000152
         34.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000153
         35.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001289
         35.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00128a
         35.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000154
         36.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000155
         36.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000156
         36.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000157
         37.2s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000158
         38.1s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000159
         38.6s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00128c
         38.8s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00015a
         39.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00015b
         40.5s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00015c
         40.7s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00015d
         41.0s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00015e
         41.3s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_00015f
         43.9s C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache\f_000160
         45.3s C:\ProgramData\4e40bdbc73cb9a68\a79dd831ce9319a8fd09fc5f2317a701.ini

   C:\Windows\Temp\dn7FAD.tmp -> DeleteFailed
      Size . . . . . . . : 6,139,392 bytes
      Age  . . . . . . . : 35.1 days (2014-11-24 14:03:14)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 44B3CFFC76DF649008504CF1D3A10C30CD3FF0574708688F49F7A55E5D4A9235
    > Bitdefender  . . . : Gen:Variant.Adware.Graftor.164575
      Fuzzy  . . . . . . : 113.0


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ (PCOptimizerPro) -> DeleteFailed
   HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\ (PriceChop) -> DeleteFailed
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}\ (PCOptimizerPro) -> DeleteFailed
   HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\ (PriceChop) -> DeleteFailed
   HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> DeleteFailed
   HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> DeleteFailed

Cookies _____________________________________________________________________

   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net

argus · Dec 30, 2014

Helllo,

Before we begin, please note the following:

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Search

Hitman Pro "delete failed" message after closing browers

truthling

New Member

argus

Former MalwareTips Staff

Similar threads