Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
    What HitmanPro refers to by 'Remnant file objects scanned' and 'Remnant Registry objects scanned'? I don't understand how it can scan remnants. Did you mean 'Scan for remnants'?
     
  2. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,983
    https://hitmanpro.wordpress.com/2011/12/23/hitmanpro-3-6/
    December 23, 2011
     
  3. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany
    Hi Erik and Hi Mark

    Can you check the 1 File and whitelisted the 1 File please. I use the FP function into the Programm to submit the File to you

    With best Regards
    Mops21
     

    Attached Files:

  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Great suggestion. Will have a look at how to implement this.
     
  5. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,868
    Location:
    Outer space
    Nice! :)
     
  6. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany
    Hi Erik and Hi Mark

    Can you check the 4 Files and whitelisted the 4 Files please. I use the FP function into the Programm to submit the File to you

    With best Regards
    Mops21
     

    Attached Files:

  7. Hitman Pro started scanning Nvidia Geforce experience Files "198" of them total, compressing and uploading to the cloud,took an hour and 10 minutes, at the end, found no infections, i closed it and waited a few minutes and reran the scan, and it did the same thing, compressing and uploading them taking a very long time doing so.

    I just downloaded it freshly, and ran it again, so i could screen shot this. It is still scanning the same files. This is a freshly released version of experience, just released today, updated through its own updater.

     
  8. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Thanks for reporting! We had a glitch in the backend. Should be solved now. Can you perform another scan?
     
  9. Thank you for responding so quickly, i downloaded it and ran the scan again this morning, and all is well again. Hitman is generally my number one go to on demand, and fast response like this makes it even more so.
     
  10. CB13

    CB13 Registered Member

    Joined:
    Dec 26, 2013
    Posts:
    10
    Location:
    USA
    DriverRestore??

    Is this malware? A false positive?

    With every scan, HitmanPro lists DriverRestore (DrvAgent64.SYS) but seems unable to delete it. What is it, should it be deleted, and if so, how??

    (Log and screen grabs attached.)


    Thank you in advance for any help!

    DriverRestore.jpg DriverRestore-1.jpg
     

    Attached Files:

    Last edited: Oct 20, 2015
  11. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    I also have that question ... btw your log shows something else?
     
  12. CB13

    CB13 Registered Member

    Joined:
    Dec 26, 2013
    Posts:
    10
    Location:
    USA
    Yes, after posting I realized that DriverRestore isn't even showing in the log, so I've edited to attach after-scan and after-deletion screen grabs.
    DriverRestore remains after deletion of the other items, but if there are no other items found, it shows for a moment, than HitmanPro quickly changes to the "No threats found" screen.
     
  13. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    830
    Location:
    Ireland
    If you set HitmanPro to scan on a weekly schedule from the inbuilt schedular and it does not scan because the computer was turned off or a fullscreen program was running, will it wait another week before it tries to scan again?
     
  14. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    I have HMP scheduled to scan daily and if a scan is missed it scans after next boot, unless it is close to the next days scan time.
     
  15. SOG

    SOG Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    33
    I'm looking for help with scheduled scans - I can't manage to get the process to run, at least I don't see a log entry. I've got AppGuard and WebrootSA with HP set as a Power Ap in AG: Win 8.1. Can anyone suggest what I'm doing to prevent this operation?
     
  16. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,761
    I found that if you missed a scan ( i.e. daily), you had to wait for the next interval. I disabled scheduling in HMPA settings and use the built-in Windows scheduler, which IMO does a better job and is more consistent running the scans. You also have more options.
     
    Last edited: Oct 21, 2015
  17. metmichallica

    metmichallica Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    183
    I downloaded Hitman Pro to see if my other programs missed anything and was amazed you now need a license to delete tracking cookies.
     
  18. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,983
    Run HMP v3.7.10-Build 250 (x64) few minutes ago.
    I don't need a license to delete tracking cookies.
     
  19. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Correct, no license is needed to remove cookies.
     
  20. metmichallica

    metmichallica Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    183
    i found out the problem. It seems I have some registry keys that my security tools failed to pick up. Hitman tells me I have 0 threats, but it is seeing those keys in the registry and not letting me delete. Can only registry keys hurt your computer?
     
  21. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany
    Hi Erik and Hi Mark

    Can you check the 1 File and whitelisted the 1 File please. I use the FP function into the Programm to submit the File to you

    With best Regards
    Mops21
     

    Attached Files:

  22. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,761
    HitmanPro flagging HMPA file.:D
    Code:
    Name   excalibur.db-shm
    Location   C:\ProgramData\HitmanPro.Alert
    Size   32.0 KB
    Time   0.0 days ago (2015-10-25 10:04:53)
    Entropy   6.3
    Product   HitmanPro 3.7
    LanguageID   0
    SHA-256   9D6CB53513F33BD65C8ABD9AE6F340B02A8686AD324C5D66A01FE98C39C3F05E
    
    Scoring (58.0)
    The file is hidden from Windows API. This is typical for malware.
    The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
    The file name extension of this program is not common.
    Program is running but currently exposes no human-computer interface (GUI).
    Authors name is missing in version info. This is not common to most programs.
    Version control is missing. This file is probably created by an individual. This is not typical for most programs.
    Time indicates that the file appeared recently on this computer.
    The file is in use by one or more active processes.
    The file is a device driver. Device drivers run as trusted (highly privileged) code.
    
    Forensic Cluster
    -8.5s   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
    -8.5s   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
    -5.0s   C:\Windows\Logs\MeasuredBoot\0000000066-0000000000.log
    0.0s   C:\ProgramData\HitmanPro.Alert\excalibur.db-wal
    *   C:\ProgramData\HitmanPro.Alert\excalibur.db-shm
    0.6s   C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    0.6s   C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    2.5s   C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl
    
     
  23. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    This can happen when the filesystem has not yet flushed memory to the disk.
     
  24. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Whitelisted.
     
  25. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany
    Okay thank you very much for your info

    With best Regards
    Mops21
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.