Hitman Pro Support and Discussion Thread

White listed. Thanks.

 

Build 174 belongs to the 3.6 branch. If you want to try Kickstart, uninstall 3.6 and install 3.7. Otherwise, keep 174 installed. It will be updated before the end of the week.

 

A Side-kick CD is in the works. Probably will be released at the end of this week. The Side-kick CD works in conjunction with the USB flash drive (you have to use both).

 

Hi Erik

Thank you very much

And what is with the tmp file

 

Thanks!

 

On my system, booting from Kickstart USB flash drive v3.7.0.183 no longer resulted in blinking cursor.

 

HitmanPro.Sidekick 1.1 Beta Available (ISO)

HitmanPro.Sidekick is the HitmanPro.Kickstart companion CD-ROM for computers that are unable to boot from USB.

Some old computers lack the ability to boot from USB. With the Sidekick CD-ROM, these older computers can now boot into their ransomed Windows environment were Kickstart starts HitmanPro.

In order to use Sidekick you also need a Kickstart USB flash drive.

How to use Sidekick

1. Burn the ISO to a CD-R (use for example ImgBurn).
2. Create a HitmanPro.Kickstart USB flash drive (see www.surfright.nl/kickstart#create).
3. Power off the ransomed computer.
4. Put both the CD-R and the Kickstart USB flash drive into the ransomed computer.
5. Power on the ransomed computer and boot it from the CD-R.
6. During boot you should see the HitmanPro.Sidekick 1.1 bootstrap loader.
7. Press 1 (or 2) to continue booting (same like Kickstart).
8. Let the computer boot and wait until Kickstart starts HitmanPro.

Note: If HitmanPro is not starting, reset the computer and boot again from CD-R. Some systems have trouble recognizing a new USB flash drive.

The ISO also has all Kickstart documentation (in three languages) and a how-to-use Sidekick text file (English only).

Again, you only need Sidekick when your computer is unable to boot from USB.

Download
http://dl.surfright.nl/beta/KickstartSidekick.rar

Please let me know how Sidekick is Kickstarting your system

 

HitmanPro 3.7.0 Build 184 Released

Changelog

• ADDED: Upgrade from version 3.6 to version 3.7.

All existing users are now automatically updated to build 184, including the 3.6 branch.

 

Brand new day...brand new scan.

 

Odd. Will have a look at that RegWatcher classification.

 

Made a typo causing this problem. Build 185 imminent.

 

Flagged as Suspicious. I pretty sure it's an FP. I've had this program for years.

Al

 

There will be an update later today addressing the incorrect flagging of files as Suspicious. Made a typo on my behalf.

 

okay, thanks Erik. I wasn't sure if this case related to the previous posts, so I thought it would not hurt to post a screenshot to be on the safe side.

Al

 

HitmanPro 3.7.0 Build 185 Released

Changelog

• FIXED: Some applications were incorrectly classified as Suspicious.
• UPDATED: Embedded white lists.

Existing 3.6 and 3.7 users are automatically updated.

Thanks to Tarnak and Adric for reporting the problem.

Merry X-mas and a Happy New Year!

 

Hi Erik

Can you update your Download Site for Build 185

http://www.surfright.nl/en/downloads/

Thank you very much

 

Different snapshot...new scan, and back to normal, I think.

 

What are those AS* files?

 

I don't follow...

 

Sorry I mean't those A00* files that are listed by HitmanPro.

 

This is the last log:


View attachment HitmanPro_20121222_0004.log

 

Just completed a fresh scan...all clear.



And now it is time to get some sleep.

 

Hi Erik

I have another one FP see my picture into the red circle

SHA256: 55c8c9d096769fee4e0f0cff30d3df36546e08f868388374e9cef34549549655
SHA1: 341f0910844081d5ad66effb6b8f851dd35a49dd
MD5: 9473f8dfbceae9d065f44d6d30a023a7
File size: 282.2 KB ( 288974 bytes )
File name: Au_.exe
File type: Win32 EXE
Detection ratio: 0 / 46
Analysis date: 2012-12-22 15:59:03 UTC ( 0 Minuten ago )

 

Can you show the details? I think the file's certificate is invalid.

 

Here are the details from it

Properties
Name Au_.exe
Location C:\Users\Alexander Robrecht\AppData\Local\Temp\~nsu.tmp
Size 282 KB
Time 19.1 days ago (2012-12-03 13:57:29)
Needs Elevation Yes
Entropy 7.8
SHA-256 55C8C9D096769FEE4E0F0CFF30D3DF36546E08F868388374E9CEF34549549655

Scoring (23.0)
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.

References
HKU\S-1-5-21-911542882-2029379874-2294310465-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\ALEXAN~1\AppData\Local\Temp\~nsu.tmp\Au_.exe