HitMan Pro Software--where can I complain??

Thanks hopefully the mods will close this thread

 

Well that's funny, seeing as I've been helping them through PMs and they've done everything I've asked (from burning a Linux DVD to finding the log files, to copying over the USB files)

I think their Windows Registry is still missing a few things, so I told Margaret to run a "SFC /scannow", as mentioned above too.

edit

If you guys truly think someone went through the hassle of purposely deleting their USB files with HitmanPro just to make a thread to complain...

Come on, use your heads.

 

I think perhaps Windows Security has laboured his opinion enough!

I have doubts the op is a troll, why would they post a link leading to a log of the Hitman pro logs and perhaps mistakenly their licence?.....The proof is there to show the problem she spoke is real enough, device drivers were removed...Thank goodness for people like veeshush on Wilders who try to help rather than worry if people are trolls or not

 

Btw, memes are regularly used by trolls!

 

And I'll add that with all my contact with Margaret through PMs, I've never once seen anything but a person who was more than warranted in their frustration, and very willing to learn how to fix their computer and get back to their Photoshop work.

I also add that when I first posted on these forums, people thought I was a "paid advertiser" because my first post was praising CounterMail, see: https://www.wilderssecurity.com/threads/about-countermail.357796/page-2#post-2353779

I get with this being a security forum, there might be some paranoia of people's intentions. But, till you have some evidence or facts, it's pretty counterproductive to go ASSUME things.

But, anyway, I'm going to continue helping them get their Windows 7 machine running again. Any ideas or help torwards that goal would be much more welcomed! I'm just waiting to hear how the src scan went.

 

So have you tried the "Last known good configuration" tactic yet? To my experience it works better than system restore (which hardly ever works period for that matter). That last known good config. has saved me a few times, back before I used imaging & virtualization. Worked every time if memory serves. So it's almost like having an integrated boot menu imaging option... like say Macrium Reflect Standard. Only you don't have multiple images to pick from, just the last one that worked. But really, that's what's wanted 90+% of the time anyway.

I'd recommend adding imaging software to your repertoire from now on too.

Also... after doing that "last known good config." thing, if your mouse STILL won't move, try unplugging it for 2 minutes then plugging it back in. And if it's still not working it might after rebooting your computer.

 

Oh, and I also agree that nobody should use the EWS unless they're experts... just as it tells you right there beside the box to tick it. Because they use very thorough methods to detect tricky malware, it will inevitably come with a lot of FP's too. It's much like GMER in that regard. It will flag a ton of perfectly harmless things... the only harm coming if you delete them without knowing what they really are. Nobody should be using these scans unless they know what they're doing.

Also, in the settings for PUP's, I'd set it to ignore. With this, then all things should default as "ignore"... everything I've ever seen has. So you must have knowingly changed it from ignore to delete, without knowing exactly what it was you were deleting. So I personally don't see the blame in this regard lying with Surfright... although I do find fault in how unprompt they were in getting back to you. You have every right to be upset about that.

 

NOTE: Using Hitman Pro 32-bit version. (Might be the same in 64-bit?)
There is a default action that is set to [delete] under (PUPs) in the Settings tab.
Hitman Pro default settings does not show EWS scan in next tab.
Had to manually select the EWS box under advanced in order to run a EWS scan.
In 32-bit version I do see [delete] as one of the options available in EWS scan results.
Option also available to upload to Virustotal.

I have found that I get different results when running the default scan (recommended) and
the EWS scan. So far the recommended scan has found nothing, but running EWS scan has shown
one Microsoft file in system32 folder which I'm pretty sure is a false positive.

NOTE: I to wouldn't recommend using the EWS scan...like it says "UNLESS YOUR AN EXPERT" and/or you
have reliable backup/recovery already in place.


Preventive Measures:

1.Do not mess with Hitman Pro settings unless you know exactly what your doing.
Note: You could set (PUPs) to [ignore] as another Wilders member has indicated.(the default is delete)
2.Have reliable image backups of OS and all important files on different media types. (mentioned already)
3.Could run in a "virtualized isolated system" so you can revert back in case
something like this happens. (Free and paid programs available)

Restore Points: You can use them, but I wouldn't entirely rely on system restore points. They can sometimes
fail. QUESTION: Can't system restore points become infected?

Now I to would like to know how this could happen and what the solution is.

 

you know, I paid to get a second opinion anti-virus named HitMan Pro. It isn't on this laptop, so I don't remember much about the program, or a check box. I do think this. I did not knowingly sabotage my computer--there should be huge warnings NOT TO USE THIS PROGRAM UNLESS YOU HAVE WAY MORE TECH KNOWLEDGE THAN AN ORDINARY PC USER !! The initial email was sent to surfrit....and they sent back an email that I should contact Hitman Pro.. In fact, I got no real response from them until I happened on this forum and Mark saw my post. I haven't heard from him, since the day he 1st posted. You obviously have knowledge way above mine, and I know more than any of my friends do.. ..so those are the people this program is going out to. I have YET to get an email from Surfright since I first posted...

I am not here to place blame---. my computer is still down. One person did try to help me, but obviously I don't have the knowledge to follow through with those procedures. All I know is the scan came up to delete, but I didn't do that..thinking at least if I quarantined them, I could let them back out.

You can laugh that it was my fault because I checked the wrong box...but the fact is , I was using the program, and my dell was disabled because of it !!! None of the things I have done worked--except burning a live Linux dvd so I can retrieve all of those Gs of stuff I don't want to have deleted off the hard drive.......

 

I was reading a small overview of how the systems evolved, and my question is --- if these files are so protected, then how can they be deleted by a scan, anyway ?? Why does a ordinary user have to spend so much time on the tech part--and no time to do the things they have a computer for in the first place.....

 

I guess you know how to boot from a linux live cd now. I'm not exactly sure if this will work but you can give it a shot if you like.
1-Boot into linux
2-Navigate to C:\Windows\System32\DriverStore\FileRepository
3-Locate and copy the most recent version (date modified) of

Code:

usbccgp.sys

4- Paste the file into C:\Windows\system32\DRIVERS\
5-Repeat steps 3 and 4 for the files listed below

Code:

usbehci.sys
usbhub.sys
usbohci.sys
usbuhci.sys

6-Try booting into windows now.

NOTE: I don't know if Hitman just quarantined the files or removed the startup points as well. If it is the latter, you'll also need to restore the startup points.

 

Image backup is my future goal.. Right now, I need to be saving whatever I can.... And no more Hitman Pro..
I am obviously not knowledgeable enough to do that...

 

To those that know more than me, would Active@ Boot Disk (demo) version help Margaret?...I have a full version that I converted to use on a USB...This I know will easily access her hard drive, she can get all her files and even add the missing drivers.


Plus its small, 200mbs or so.

 

Some advice after reading how much you know about computers, and the fact that you even ignored explicit warnings given to you in the Advanced Settings under HitmanPro.

To make Image Backups is dead easy but to restore them can sometimes be very difficult. (Start reading about MBR for example)

My advice would be, buy a external Hard drive (they are not that expensive and 500 GB is more then enough) and save your documents both on your computer and on the external hard drive, in that case you already have a backup.

Ps: @HitmanPro, Maybe a good idea if you add another BIG RED Pop Up warning when a user chooses to enable EWS.

 

I'd say keep HitmanPro, its a top notch product. Just disable EWS and leave it at its default settings. You should be fine.

 

@ Margaret Pyron

Have tried Post #88 1 - 6 by phalanaxus ? I would !

 

WARNING: IMAGE BACKUP SHOULD NOT BE A FUTURE GOAL. This should be done right away and if your
not knowledgeable enough in this area please find someone who is. I realize the damage has already
been done to your machine. This is to prevent future problems once you get everything saved and in
working order.

I would either try using Windows 7 built-in backup utility and/or install a reliable 3rd-party imaging program.
That would include a bootable cd/dvd/usb type program. Some use cloud backup services as well.
NOTE ON BACKUP: This takes in account your reasonably sure your machine is clean.

Whatever backup program you decide to use do a full system image backup and save it to
for example an external hard drive or USB. (Name and date your backup) "VERIFY" your backup also.
NOTE: Can use & backup to several different type mediums.

Later you can do more backups as needed such as when you install updates or make changes in
programs. The important thing to remember is to have some sort of reliable recovery program in place
to fall back on when stuff like this happens.

As far as Hitman Pro goes I can understand you saying "And no more Hitman Pro". I still use it, but
only if it continues to work unproblematic with my setup. So far it has.

 

Nah, that didn't work- I sent her those files a few days ago. I'm still guessing the Registry is still broken. Still trying to get a src scan going.

 

I will return to this when ? This computer problem has taken a life of it's own in my life !! I did try the W7 back-up, but I don't recall the problem there (quite awhile ago). I know, this action of mine was dumb, dumb and dumber -- not backing up this much is really a bad thing. So whatever I do, I must immediately do a SYSTEM IMAGE BACKUP ...IS THAT THE CORRECT THING TO DO FIRST??

Thank you.

 

Just to let you know, I don't, right now have a clue where the EWS is--been so long since I have been on that computer. I realize you cannot believe this, but whatever I "disabled on purpose" , I wasn't aware it would cause so much trouble for me down the line....If it ever gets back up--there is going to be a major clean-up, too. If I don't use a program most everyday--then it will be gone..

 

I do not see a date of when this was posted, but I do wonder about your motive for continually trying to present me as someone who ignores BIG RED FLAGS It doesn't matter to me, but I am quite curious if it is because I made a mistake, I am a women, I am not a Computer Tech and don't have YOUR knowledge, or you are the "bully" that likes to "badger" the "little person"...OR WHAT Why don't your tell Mike L. to get an emblem of a Big Red Flag and put it right beside the box, so "dumb blondes" like me, will see it?? Actually I think a Pop-Up would be a good idea also--I am not the only PC user in the world..and I know I am not the only one who has made a mistakes unknowingly.......

 

I don't know if anyone answered this question or not. I would like to know if it would help me too.. Just reading about it sounds great. Get back in touch me--by email if needed...It is in my profile. The problem right now is, I don't even have the "mini-top", and have to use the Linux live dvd to get on the internet at all....

 

Hi Margaret,
1- Did you guys try running safe mode after copying the files I listed?
2- We can edit registry from Hiren's Boot Disk and check/add the load points for the drivers. (Ative@ Boot Disk would help to do same thing but it asks for a registration key before usage if my memory serves me right). Hiren's is a bootable windows cd (similar to the linux disc you are using now) and can be obtained from the internet for free, it is about 600 mbs.

 

Did you do a recent AV scan and/or any other type of computer update before using Hitman Pro?

Before I would do any system image backup I would have to be reasonably sure I'm not infected
and my OS is properly functioning.
I would continue like your doing copying and backing up all important files and getting rid
of any programs that you feel you don't need.

Always remember the more stuff you have installed on your computer the greater your "attack
surface" becomes and also one could run into compatibility issues.

Have you tried the following if you can knowing you have mouse & keyboard issues?
(Note: Looks like some or all of these have been posted already by Wilders members)

1.Run Last Known Good Configuration
2.Run src /scannow
3.Run Check Disk (chkdsk) from drive properties page.
4.Open Device Manager to see any yellow marks and click on them for info.
5.Boot into Safe Mode if not able to perform these functions.
(NOTE: Don't know if booting into Safe Mode would give you the necessary functions
you may need to perform these tasks)

Hope you can get your computer up & running smoothly again.