Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I got that, too, with the last beta version...I just ignored all the detections. Saw no point in reporting!
     
  2. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Can you send me a log where these are detected?
     
  3. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,704
    Location:
    scotland
     
  4. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I am not in that snapshot where those detections were made....but, I am in another snapshot where Slimcleaner is installed, but I hadn't run the latest beta version of HMP, yet.

    I will run one now, then let you know the result, soon.
     
  5. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    I just found that I did run scan with the new beta, on June 3, but no detections for Slimcleaner.

    Code:
    HitmanPro 3.7.9.242
    www.hitmanpro.com
    
       Computer name . . . . : ***Removed***
       Windows . . . . . . . : 5.1.3.2600.X86/4
       User name . . . . . . : ***Identifying details removed***
       License . . . . . . . : Paid (181 days left)
    
       Scan date . . . . . . : 2015-06-03 19:38:46
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 9m 12s
       Disk access mode  . . : Direct disk access (SRB)
       Cloud . . . . . . . . : Internet
       Reboot  . . . . . . . : No
    
       Threats . . . . . . . : 0
       Traces  . . . . . . . : 0
    
       Objects scanned . . . : 1,197,219
       Files scanned . . . . : 44,758
       Remnants scanned  . . : 551,466 files / 600,995 keys
    
    
    
    However, after running a fresh scan just now, I got detections, this time around. Since, I would have to make edits, to remove personal details, I will email this latest log. Might be a little while.
     
  6. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,383
    HitmanPro just deleted Applian Technologies Replay Media Catcher 6 as a PUP...

    Huh?
     
  7. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    Potential Unwanted Programs _________________________________________________

    C:\Program Files (x86)\SlimCleaner\ (SlimCleaner)
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner\ (SlimCleaner)
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner\SlimCleaner.lnk (SlimCleaner)
    C:\\AppData\Local\SlimWare Utilities Inc\SlimCleaner\ (SlimCleaner)
    HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc.\SlimCleaner\ (SlimCleaner)
    HKU\S-1-5-21-428228955-3328968670-1134592267-1001\Software\SlimWare Utilities Inc\SlimCleaner\ (SlimCleaner)
     
  8. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Details sent by e-mail a short time ago.
     
  9. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Got it! We'll fix it shortly.

    EDIT: Fixed.
     
    Last edited: Jun 13, 2015
  10. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Confirmed. ;)
     
  11. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Whitelisted.
     
  12. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
  13. LagerX

    LagerX Registered Member

    Joined:
    Apr 16, 2008
    Posts:
    565
    Running fine. Could you whitelist Punkbuster files? They are marked as suspicious.
    SHA-256:
    90861A95E52E6BC140708207E9801808B03E274AD3C429162AE8A47EE4BEE42F
    90861A95E52E6BC140708207E9801808B03E274AD3C429162AE8A47EE4BEE42F
    90861A95E52E6BC140708207E9801808B03E274AD3C429162AE8A47EE4BEE42F
    90861A95E52E6BC140708207E9801808B03E274AD3C429162AE8A47EE4BEE42F
    6F8152645DA016CF9598B01B1FC5456EA420E9496D994B29BB2CA2178BD9A9CF
     
  14. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Done.
     
  15. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Code:
    HitmanPro 3.7.9.242
    www.hitmanpro.com
    
      Computer name . . . . : MIKLOS-PC
      Windows . . . . . . . : 6.1.1.7601.X64/4
      User name . . . . . . : Miklos-PC\Miklos
      UAC . . . . . . . . . : Disabled
      License . . . . . . . : Paid (839 days left)
    
      Scan date . . . . . . : 2015-06-17 06:54:45
      Scan mode . . . . . . : Normal (cancelled by user)
      Scan duration . . . . : 15m 57s
      Disk access mode  . . : Direct disk access (SRB)
      Cloud . . . . . . . . : Internet
      Reboot  . . . . . . . : No
    
      Threats . . . . . . . : 0
      Traces  . . . . . . . : 0
    
      Objects scanned . . . : 1 814 699
      Files scanned . . . . : 80 518
      Remnants scanned  . . : 458 684 files / 1 275 497 keys
    
    Why such a long time to scan? I can not wait! This is too much! :(
     

    Attached Files:

  16. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Try disable scan for remnants.
     
  17. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    I encountered also encountered this problem several times with older builds on a previous Windows 8.1 installation.
    The scan would hang after having scanned around 1.2M / 1.3M registry keys. In the mean time CPU usage would increase quite a lot.
     
  18. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    As I wrote earlier, the use, it is OK, it is good. But so I do not use the full function of the software.
     
  19. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    What is the solution? I use it regularly: Wise Registry Cleaner and CCleaner.
     
  20. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    There is a forensic clustering component which might take a while to complete. In the end it will. The forensic clustering is timespan specific so the slow down might be over in a few days.
     
  21. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    This issue was not consistent and I didn't encounter it anymore after some time
     
  22. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany
    Hi Erik and Hi Mark

    Can you check the 1 File and whitelisted the 1 File please. I use the FP function into the Programm to submit the File to you

    With best Regards
    Mops21
     

    Attached Files:

  23. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Noticed that it detects MiPony, which isn't malicious by itself (although bundles adware that I've deselected). There's this hide option, does that whitelist it permanently? I've ignored it for now since there is no report option.
     
  24. kantry123

    kantry123 Registered Member

    Joined:
    Apr 11, 2015
    Posts:
    22
    Last edited by a moderator: Jun 20, 2015
  25. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Presently in my HMPA snapshot since earlier this morning, and I got the following result of a scan at boot...I know about SoftonicDownloader and Speedbit

    However, I was surprised to get the other two detections...So, I though I would let you know...

    Code:
    [code]
    HitmanPro 3.7.9.242
    www.hitmanpro.com
    
       Computer name . . . . : ***Private***
       Windows . . . . . . . : 5.1.3.2600.X86/4
       User name . . . . . . : ***Private***
       License . . . . . . . : Paid (164 days left)
    
       Scan date . . . . . . : 2015-06-20 09:39:00
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 11m 58s
       Disk access mode  . . : Direct disk access (SRB)
       Cloud . . . . . . . . : Internet
       Reboot  . . . . . . . : No
    
       Threats . . . . . . . : 1
       Traces  . . . . . . . : 11
    
       Objects scanned . . . : 1,108,599
       Files scanned . . . . : 50,023
       Remnants scanned  . . : 556,411 files / 502,165 keys
    
    Malware _____________________________________________________________________
    
       C:\Documents and Settings\<MyName>\Desktop\SoftonicDownloader_for_avg-linkscanner.exe
          Size . . . . . . . : 367,448 bytes
          Age  . . . . . . . : 49.4 days (2015-05-01 23:47:51)
          Entropy  . . . . . : 8.0
          SHA-256  . . . . . : ADE05A6339574BDA85571AE62ABF52C7A08FAF9FD1C109662E1A01BBEFF1C646
          Product  . . . . . : Application Installer
          Publisher
          Description  . . . : Application Installer
          Version  . . . . . : 1.41.6.11
          RSA Key Size . . . : 2048
          LanguageID . . . . : 3082
          Authenticode . . . : Valid
        > Kaspersky  . . . . : not-a-virus:Downloader.Win32.Agent.bxib
          Fuzzy  . . . . . . : 104.0
    
    
    Suspicious files ____________________________________________________________
    
       c:\program files\emsisoft internet security\a2guard.exe
          Size . . . . . . . : 4,923,832 bytes
          Age  . . . . . . . : 284.0 days (2014-09-09 09:53:01)
          Entropy  . . . . . : 6.7
          SHA-256  . . . . . : 2009DF76EF8356BCC1CA530CE8E1687B02C779CA51BCFDDFD7372E2E4CD19470
          Product  . . . . . : Emsisoft Anti-Malware
          Publisher  . . . . : Emsisoft Ltd
          Description  . . . : Emsisoft Real-Time Protection
          Version  . . . . . : 10.0.0.5409
          Copyright  . . . . : (C) 2003-2015 Emsisoft Ltd
          RSA Key Size . . . : 2048
          LanguageID . . . . : 1033
          Authenticode . . . : Valid
          Fuzzy  . . . . . . : 11.0
             This file's reboot survivability is vigorously protected. This is typical to malware.
             Uses the Windows Registry to run each time the user logs on.
             Program starts automatically without user intervention.
             Program is code signed with a valid Authenticode certificate.
             The file appears to be part of an installation package or setup program. This is typical for most programs.
          Startup
             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\emsisoft anti-malware
          References
             HKU\S-1-5-21-1417001333-2049760794-725345543-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\program files\emsisoft internet security\a2guard.exe
    
       C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
          Size . . . . . . . : 4,554,392 bytes
          Age  . . . . . . . : 129.7 days (2015-02-10 16:59:26)
          Entropy  . . . . . : 6.6
          SHA-256  . . . . . : 471A37A1AF214ED9E7EC74A96E90BA4937D9F540320125C0C2E39F7C2AD484D1
          Product  . . . . . : Hard Disk Sentinel
          Publisher  . . . . : H.D.S. Hungary
          Description  . . . : Hard Disk Sentinel Engine
          Version  . . . . . : 4.60.0.0
          Copyright  . . . . : Copyright © 2015 H.D.S. Hungary
          RSA Key Size . . . : 2048
          LanguageID . . . . : 1033
          Authenticode . . . : Valid
          Fuzzy  . . . . . . : 11.0
             This file's reboot survivability is vigorously protected. This is typical to malware.
             Uses the Windows Registry to run each time the user logs on.
             Program starts automatically without user intervention.
             Program is code signed with a valid Authenticode certificate.
             The file appears to be part of an installation package or setup program. This is typical for most programs.
          Startup
             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Hard Disk Sentinel
          References
             C:\Documents and Settings\All Users\Start Menu\Programs\Hard Disk Sentinel\Hard Disk Sentinel.lnk
             C:\Documents and Settings\<MyName>\Desktop\Hard Disk Sentinel.lnk
             HKU\S-1-5-21-1417001333-2049760794-725345543-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
    
       C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP53\A0031313.exe
          Size . . . . . . . : 309,544 bytes
          Age  . . . . . . . : 3.0 days (2015-06-17 10:29:43)
          Entropy  . . . . . : 6.4
          SHA-256  . . . . . : A9C877BA63E5C83A82319538F7FB8549D11385F48DEB7C24795EEB03CCF4EF79
          Product  . . . . . : Process Lasso
          Publisher  . . . . : Bitsum LLC
          Description  . . . : CPUEater ProBalance Demo
          Version  . . . . . : 8.1.0.7
          Copyright  . . . . : Copyright (C) 2015 Bitsum LLC
          RSA Key Size . . . : 2048
          LanguageID . . . . : 1033
          Authenticode . . . : Invalid
          Fuzzy  . . . . . . : 22.0
             Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
             Time indicates that the file appeared recently on this computer.
    
    
    Potential Unwanted Programs _________________________________________________
    
       HKLM\SOFTWARE\SpeedBit\ (SpeedBit)
    
    
    
    [/CODE]
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.