Hitman Pro Support and Discussion Thread

thx for the consideration .....

 

As said by BoerenkoolMetWorst there is a tiny [x] at the top of the panel.

In build 135 (not yet released) we've enlarged the [X] and disabled the Next and Close button:


Hope this helps.

 

Thank you.

Thank you both. When I ran HitmanPro I only had a couple hours of sleep, so... for sure I would miss as many tiny [x]s as there would be.

 

Re: HitmanPro 3.6 Build 134 - Beta 2

Nice, thanks

 

Hi,

I have 2 questions about hitman pro.

I recently bought a license but have not activated it yet. When I chose to do so, the 1 Yr license will be running from activation date or from purchase date ? If it is activation date, have I to activate it within a certain delay ?

Second question : I use a small app (an autohotkey-based one) from DonationCoder.com, named lowtosleep.exe. It allows me to stop my PC hibernating again after being awaken from hibernation.

Hitman pro insists on finding it's a Trojan, and won't even let me report it as safe. How do I solve this false positive issue (I am 100% sure it is).

LowtoSleep.exe can be found at http://www.donationcoder.com/Software/Skrommel/index.html#LowToSleep

Thanks for your help.

 

What version do you use? Latest beta does not detect it, in my system at least

 

I have to check (using another PC right now). I downloaded the .exe 3 days ago from the main SurfRight website. And the update command said I had the latest version.

Edited : it's 3.5.9 build 131

 

I have some issues/suggestions with Hitmanpro product.

First of all the ignore system of files:

-If HitmanPro finds stuff and you put it on ignore and report them as safe. I have the idea, the files won't be sent to the cloudscanner nor the HitmanPro team to examine it. If I do a second scan, I won't get a file message again.

Upload system:

-I have Norton 2012 Internet security installed. Everytime HitmanPro finds one certain file from Norton and uploads it to HitmanPro. After a second scan, HitmanPro doesn't upload anything.

So far so good, you would say? Well no.

Go to regedit, click on computer and then search for HitmanPro. You will find a Hitmanpro folder. Delete that folder.

And start again Hitmanpro. Now you will get a message you have to accept the terms and rules from Hitmanpro. Do a scan with Hitmanpro, every issue I marked here, Hitmanpro repeats it. Also the files I ignored and the Norton files HitmanPro wants to upload it.

The Norton file goes for months now.

 

The hash is sent to the cloud (check with a tool like Fiddler). The cloud counts how many people have done this and decides to re-evaluate the file or whether the file should be white listed.

Locally the hash is added to the registry so that the file isn't shown in your the results.

See the red line above: if you delete the entry from the registry then it is listed again as the cloud still lists the file as malware (cloud did not resolve the FP).

Do you have an SHA-256 so we can check whether the file is indeed non-malicious?

I hope this makes sense now?

 

I apologize if this has been asked before, but it's 153 pages. I did a little search, but didn't find anything related to it.

Basically, I was trying to see if I could find a way to create a shortcut, or some other way I would come up with (maybe context menu), to scan specific folders, instead of right-click the folders I want to scan, considering one of these folders could be a sub-folder, and to the best of my knowledge HitmanPro doesn't scan recursively, right? It would also save a few seconds. lol

I couldn't find a command line parameter that would allow me that. I dowloaded a pdf file from SurfRight which contains a few parameters, but none seems to be what I'm looking for.

I don't know what you folks think of such a parameter? Some parameter like /scanfolder (and also more than one in queue? probably not, considering it would be bad for the clould. lol But, scanning a single folder (/scanfolder) would be nice)?

What do you think? Don't be too harsh on me... Anyway, just something that came to mind.

 

Hitman pro screwed up my computer. I'd really love to know how to fix it. I can't back up, go into normal mode without it going into bsod death with number 0x0000008E, can't system restore or repair. What is it I can do to fix this problem now?

 

I am sorry to hear this has happened. The problem is caused by a combination of the TDL4 (or variant) rootkit and the BCD (Boot Configuration Data) of Windows.

TDL4 infects the Master Boot Record and makes a small in-memory change to the BCD (part of the registry) so that it can load its unsigned drivers in Windows. On a very small percentage of systems this change gets somehow persisted to the disk. This persistence is not done by the rootkit so it was very hard to reproduce the root of the problem. If you run your infected system for weeks and when Windows itself needs to make some small change to the BCD then the in-memory change (made by the rootkit) gets persisted along with Windows its alteration.

As long as TDL4 is on the system the persistence of the BCD value isn't a problem as TDL4 makes sure Windows is loaded properly. But once TDL4 is removed by HitmanPro (or several other anti-malware applications) then this BCD value is causing the mentioned BSOD during boot.

In HitmanPro 3.6 (beta versions available in this thread) we added the repair of the BCD -before- removing the TDL4 and its many variants.

Luckily the problem can be easily fixed. Please email me (erik@surfright.com) so that we can repair this (of course for free).

I am very sorry for the inconvenience.

 

HitmanPro36.exe "C:\filetoscan.exe" "C:\foldertoscan\"

The above command line scans the specified file and specified folder.

In 3.5 make sure you end folders with a backslash. In 3.6 (build 135 or newer) this is no longer needed as HitmanPro will find out if it is a folder.

Is this what you needed?

 

Thanks makes sense now. How do I make a Hash file from those files?

Is it a file in the regedit? Or do I need to use a program to make them as Hash files. Well I did try that, but I can't Norton uses does files. And in Safe Mode I can't either.

I would love to send you a PM, since I am new member here, I can' sent PM's Message system is unavailable....

http://www.imagebam.com/image/af0f1c164790401

In that folder there are two files:

cltLMS1.dat
cltLMS2.dat

 

You can also email me erik@surfright.com.

For the SHA-256 of the file:
Either run Hitman Pro 3.6 Beta 2 from this post. And choose More Information from the drop down at the end of the row of the file in question.

Or you can use this tool called HashTab.
http://implbits.com/HashTab/HashTabWindows.aspx

When installed, right-click on the file in Windows Explorer and go the the tab File Hashes.

 

Downloaded the tool. There are no HASH info at all. Other files work great, not on these ones.

I will try HitmanPro again, but I first have to wait for a while. The file is already in the cloud. I can't do this in a row, Hitmanpro doesn't upload anything now.

If you want, I can send you the files by e-mail too?

 

I think Norton protects the files from being read. If this is true then sending the files to me will not work either.

But nonetheless, you can try sending them to me by email or use this service: www.wetransfer.com and specify my email erik@surfright.com.

 

Norton blocks it. I've tried it now in safemode.

Here are the hashes from both files. cltLMS2.dat is the one Hitmanpro always scans. Made from both files, a screenshot:

http://www.imagebam.com/gallery/vx36ri9xhlpt7eas78h20i2dek96zual/

Is this good enough?

 

Hi,
Sorry to barge in again, but is there anyone with an answer about my post :https://www.wilderssecurity.com/showpost.php?p=1988712&postcount=3810
related to activation & start of license validity ?
Thanks.

 

A license start upon activation date (not from purchase date).

I am unable to reproduce your findings. Do you have a SHA-256 of the file being listed in HitmanPro?

 

are we having a new release soon?

 

HitmanPro 3.6.0 Beta 3

HitmanPro 3.6.0 Beta 3

Changelog (compared to beta 2)

• Restored scan speed (on par with 3.5)
• Added Shell Extension.
  Remove beta3 from the filename to be able to install the shell extension.
• Added /clean command line option
• Various GUI improvements
• Lots of internal improvements
• Updated internal white lists
• ...

Downloads
32-bit: http://dl.surfright.nl/HitmanPro36beta3.exe
64-bit: http://dl.surfright.nl/HitmanPro36beta3_x64.exe

 

just install HitmanPro 3.6.0 Beta 3 and it is

 

Thanks for Beta3. I heard you guys also working on to detect and remove "SuperCookies" is that right, or is it already included?

 

Yes it is on 3.6 feature list but not in 3.6.0. It'll be in a later build as its not yet ready for release.