Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. MerleOne

    MerleOne Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    1,336
    Location:
    France
    Do you have Askbar installed on your PC, visible in IE for instance or present in Add/Remove Programs ?
     
  2. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    Why? That is the question! If "Scan for Malware Remnants" option off? For me it helped.
     
  3. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    365
    No, no Askbar anywhere as far as I can see.
     
  4. MerleOne

    MerleOne Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    1,336
    Location:
    France
    Then I would leave these entries as "Ignored". I guess.
     
  5. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    365
    MerleOne, I better wait for Erik to see what he has to say. Thanks.
     
  6. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    365
    Well, I took the plunge and deleted those 2 traces after I googled for info on them. Had no idea why after removing these traces the computer wouldn't work anymore so had the scare of my life. So then I rebooted and after that all was fine. Seems no harm was done in removing them. First time that I found traces (threats) on my PC.
     
  7. MerleOne

    MerleOne Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    1,336
    Location:
    France
    Hmm, sometimes side effects can be seen a long time after changes on your PC, for instance your scanner refusing to work, etc. So it's always a good idea to have an image backup of your system before playing with unknown parameters. Macrium is excellent, AOMEI Backupper very nice too and free...
     
  8. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    365
    MerleOne, Just to let you know that I made a Macrium Reflect image just a few days ago. So far all seem to go okay. Thanks for your concern and advice.
     
  9. MerleOne

    MerleOne Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    1,336
    Location:
    France
    You're welcome. I think HP keeps removed item in quarantine so I guess you can roll them back if necessary. Also, as an added and simple precaution, you may perform a backup of the registry using Tweaking.com Windows Repair All (Step 5 I think).

    The items that HP removed were probably remnants of Ask Toolbar that was partially uninstalled. This happens all the time.
     
  10. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Correct, we are adding remnants constantly. The mentioned remnant belongs to AskBar.
     
  11. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    365
    Thanks so much Erik. To my knowledge I never saw an Ask Toolbar on my PC and thus am very surprised (and yet very relieved) to know that these 2 traces were from that Toolbar that I read so much about. I am always extremely careful to avoid all toolbars and junk that installs with software. In addition I never uninstalled an Ask Toolbar.

    I had HitmanPro always scanning the quick scan since I purchased HitmanPro and it never found it. Decided to do a default scan and then these 2 to my surprise showed up.

    @MerleOne, thanks so much for all your help.
     
  12. 93036

    93036 Registered Member

    Joined:
    Sep 22, 2011
    Posts:
    110
    excalibur.db-shm; is it legitimate? I asked on the HitmanPro.Alert page, but it was suggested that I post it here.
     

    Attached Files:

  13. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The filename belongs to HitmanPro.Alert. Though the properties displayed in the image are NOT from the mentioned file. Are you running RollbackRX or other filesystem virtualization software?
     
  14. 93036

    93036 Registered Member

    Joined:
    Sep 22, 2011
    Posts:
    110
    No. Standard W7HP-64 with HMPA 3.0.41 build 187, Avast Business and MBAM. It was the 1st time it's been flagged. I'll see if it repeats the next time I reboot.
     
  15. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,839
    Location:
    the Netherlands
    Oops, my fault. In the HitmanPro.Alert thread I noticed 93036's HitmanPro screenshot, and I said it would probably be better to post in the HitmanPro thread, instead of the HitmanPro.Alert thread, but I hadn't noticed HitmanPro.Alert was mentioned in the HitmanPro scan results!
    Sorry for that!
     
  16. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,704
    Location:
    scotland

    I know how you feel but it seems no one wants to help or give us an answer it just seems to get ignored.

    HitmanPro 3.7.9.241
    www.hitmanpro.com


    Windows . . . . . . . : 6.1.1.7601.X64/4
    UAC . . . . . . . . . : Enabled
    License . . . . . . . : Free

    Scan date . . . . . . : 2015-05-19 03:26:57
    Scan mode . . . . . . : Normal (cancelled by user)
    Scan duration . . . . : 9m 15s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 0
    Traces . . . . . . . : 0

    Objects scanned . . . : 1,301,264
    Files scanned . . . . : 27,156
    Remnants scanned . . : 234,147 files / 1,039,961 keys


    Untick [Scan for Malware Remnants] and at least the scan speed return to normal but this is not really a solution.

    HitmanPro 3.7.9.241
    www.hitmanpro.com


    Windows . . . . . . . : 6.1.1.7601.X64/4
    UAC . . . . . . . . . : Enabled
    License . . . . . . . : Free

    Scan date . . . . . . : 2015-05-19 03:41:27
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 1m 6s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 0
    Traces . . . . . . . : 0

    Objects scanned . . . : 27,272
    Files scanned . . . . : 27,272
    Remnants scanned . . : 0 files / 0 keys


    Can someone please find a solution to this issue and as you can see I am not alone and others are suffering from the same problem.
    I am also running Windows 7 64bit with version 3.7.9 Build 241 64bit.
     
  17. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    134
    Location:
    Germany
    for 2 days i bought a new 1 year licens for Hitman Pro
    via the Webshop from Surfright.Today my Birthday i
    have activated the Licens.Why there is not 19.05.16
    the expired Date i wonder why.An why there is a the
    Name: Sun Gard.I use a 10% valid Coupon Code and
    the Surfright Webshop.

    So it apperars:

    Name: SunGard

    Type: Komerzielle Lizens

    Ablaufdatum: 2016-05-18

    I hope you can help me with a view infos about this.
     
  18. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,729
    Location:
    Germany
    Hi Erik and Hi Mark

    Can you check the 1 File and whitelisted the 1 File please. I use the FP function into the Programm to submit the File to you

    With best Regards
    Mops21
     

    Attached Files:

  19. Space Ghost

    Space Ghost Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    190
    Location:
    Poland
    some FP's
    Code:
    Properties
    Name    1Password-4.3.0.556.exe
    Location    C:\Users\xxx\AppData\Local\Temp
    Size    9.9 MB
    Time    54.6 days ago (2015-03-26 04:36:43)
    Authenticode    Self-signed
    Entropy    8.0
    Product    1Password                                                  
    Publisher    AgileBits                                                  
    Description    1Password Setup                                            
    Version    4.3.0.556
    RSA Key Size    2048
    LanguageID    0
    SHA-256    498BA02B18799249A62C9E029F472D5BF16B7D7FCCF029FA7B86BB8384C85EE1
    
    Detection Names
    Kaspersky    not-a-virus:RiskTool.Win32.Deleter.p
    
    Scoring (106.0)
    One or more antivirus vendors have indicated that the file is malicious.
    Program is code self-signed.
    Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
    Code:
    Properties
    Name    1Password-4.5.0.572.exe
    Location    C:\Users\xxx\AppData\Local\Temp
    Size    10.2 MB
    Time    0.7 days ago (2015-05-19 01:49:04)
    Authenticode    Self-signed
    Entropy    8.0
    Product    1Password                                                  
    Publisher    AgileBits                                                  
    Description    1Password Setup                                            
    Version    4.5.0.572
    RSA Key Size    2048
    LanguageID    0
    SHA-256    FC1E49FC49ED311CF4359E484C0751FAB5F6B2A328BA4F657C095D29FEB39D6B
    
    Detection Names
    Kaspersky    not-a-virus:RiskTool.Win32.Deleter.p
    
    Scoring (108.0)
    One or more antivirus vendors have indicated that the file is malicious.
    Program is code self-signed.
    Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
    Time indicates that the file appeared recently on this computer.
    
    Forensic Cluster
    *    C:\Users\xxx\AppData\Local\Temp\1Password-4.5.0.572.exe
    2.2s    C:\Users\xxx\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F
    2.2s    C:\Users\xxx\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B90B117906B8A74C79D1BC450C2B94B1_A54F26A8A41DE52C237D54D67F12793F
    4.4s    C:\Users\xxx\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F4D9C889B7AEBCF4E1A2DAABC5C3628A_BA3F50AB6A8DECDE8CF8CFA31B2EAF1F
    4.4s    C:\Users\xxx\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F4D9C889B7AEBCF4E1A2DAABC5C3628A_BA3F50AB6A8DECDE8CF8CFA31B2EAF1F
    
    
     
  20. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    324
    My license not free! My license type is commercial. Expiration date: 2017-10-03. And yet... At least they would say something.
     
  21. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Whitelisted. Thanks for reporting :thumb:
     
  22. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,268
    Location:
    sweden
    Hi

    Today i read in a sales campaign about Hitman pro having 5 antivirus skanners but as far as i know there is only 2 , Kaspersky and Bitdefender , so which are the other 3 and when did they get added ?

    I downloaded HMP and the front Gui still says Ks and Bd .

    Anyone ?
     
  23. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    This is correct. HitmanPro currently only uses two engines. It used to use up to 5 engines, but the other three were removed some time ago.
     
  24. pb1

    pb1 Registered Member

    Joined:
    Apr 4, 2014
    Posts:
    1,268
    Location:
    sweden
    Yeah i know , thats my point , and thats why i am wondering why they advertise it as a program with 5 vendors in an ongoing campaign - http://www.tipradar.com/surfright-hitmanpro-3-discount-coupon-code.html

    The above is just one site of several from today .

    Are you saying that you KNOW that it has not changed ?
     
  25. Stupendous Man

    Stupendous Man Registered Member

    Joined:
    Aug 1, 2010
    Posts:
    2,839
    Location:
    the Netherlands
    The site you refer to is not SurfRight's site, of course, but it's a third party site.
    Probably they are simply copying SurfRight's HMP information, which seems out of date, as it mentions "using the anti virus programs of 5 different vendors".
    Looks like a job for Mark and Erik and colleagues, but I guess most if not all time is spent working on HMP and HMP.A.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.