Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hitman Pro 3.7.14 Paid ver. Find/Issue


  • Please log in to reply
2 replies to this topic

#1 4B11TMR

4B11TMR

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 AM

Posted 26 June 2016 - 07:15 AM

Hey guy's just had a question. Woke up this morning and started the computer up hitman pro was doing a scan [ love this program ] and it found a file WAX175B.Tmp labeled as a Remnant so i chose to remove it, it wanted a reboot so i did. Upon reboot it loaded like the computer was brand new with no apps no saved programs or anything just like a fresh new computer would look like, this would be the 2nd time this has done it to me. The first time if caught a file called  StateRepository-machine.srd-shm also labeled as a Remnant. Both times it loaded like a new computer,so after both reloads i just did a reboot and the computer went back to normal as if nothing happened. Did a Google search and comes up with nothing, odd to me.

 

And i just seen i put this in the completely wrong part of the forum, im so sorry. If it can be moved please do so

 

This is the note from Hitman Pro.

 

WAX175B.Tmp - 

 

HitmanPro 3.7.14.265
www.hitmanpro.com
 
   Computer name . . . . : 4B11-PC
   Windows . . . . . . . : 10.0.0.10586.X64/8
   User name . . . . . . : 4B11-PC\4B11
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Paid (190 days left)
 
   Scan date . . . . . . : 2016-06-26 05:33:27
   Scan mode . . . . . . : Quick
   Scan duration . . . . : 3m 45s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2
 
   Objects scanned . . . : 4,590
   Files scanned . . . . : 4,590
   Remnants scanned  . . : 0 files / 0 keys
 
Suspicious files ____________________________________________________________
 
   C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\WAX175B.tmp -> PendingDelete
      Size . . . . . . . : 1,798,144 bytes
      Age  . . . . . . . : -0.0 days (2016-06-26 05:33:24)
      Entropy  . . . . . : 3.0
      SHA-256  . . . . . : 6DA45CF39FC4CAC9EC913F1B3B8DFD94EE40C45736DA0A44D83266192F447611
      Fuzzy  . . . . . . : 22.0
         Time indicates that the file appeared recently on this computer.
         The file name extension of this program is not common.
         Program is running but currently exposes no human-computer interface (GUI).
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         The file is in use by one or more active processes.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
 
Hope this helps, I try and take every precaution but you know how that goes sometimes 

Edited by 4B11TMR, 26 June 2016 - 07:23 AM.


BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:39 AM

Posted 27 June 2016 - 06:39 PM

I'd suggest posting over in the Am I Infected forum for some more expert advice about this.  http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

FWIW - removing an infected file may damage the system if the infection has caused damage elsewhere in the OS.

For example, if the WAX175B.tmp file interferes with the logon, then the system will fail the logon (which might make it load a temp profile with not icons on the Desktop)

 


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 4B11TMR

4B11TMR
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 AM

Posted 28 June 2016 - 07:02 AM

I'd suggest posting over in the Am I Infected forum for some more expert advice about this.  http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

FWIW - removing an infected file may damage the system if the infection has caused damage elsewhere in the OS.

For example, if the WAX175B.tmp file interferes with the logon, then the system will fail the logon (which might make it load a temp profile with not icons on the Desktop)

 

Just posted it over there, again sorry for putting it in the wrong section 

 

Thanks for the info usasma






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users