Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,045
    Location:
    Ontario, Canada
    It has been said many times that HMP does not update there database as fast as Prevx does that's why you would see that! ;)

    TH
     
  2. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    I didn't pay attention before , okay, thanks for the information :)
     
  3. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    830
    Location:
    Ireland
    When using /quiet or /scanonly, why does Hitman Pro pop-up as the scan starts?
     
    Last edited: Nov 4, 2010
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The /quiet shows a balloon when the scan starts and the /scanonly should not show anything until something is detected.

    Can you tell me the entire command line you are using?
     
  5. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The Hitman Pro Scan Cloud uses the same PrevxClassifier as VirusTotal does.

    The PrevxClassifier is a command line tool that consults the cloud of Prevx when scanning a file. The PrevxClassifier is something completely different than the Prevx 3.0 application (the latter uses additional on access heuristics). Note though that Prevx 3.0 and the PrevxClassifier consult the same cloud. There is only one Prevx cloud.

    About the FP:
    Hitman Pro keeps rescanning a file for TWO months to resolve False Negatives and False Positives. If the file is older than TWO months the file keeps its classification (Unknown, Bad, Good) indefinitely ... until Hitman Pro users start flagging it as an FP then the file is re-uploaded to Hitman Pro Scan Cloud and the TWO months start over.

    If you can provide the SHA-256 hash of the file I can see what happened.

    Hope this helps.
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Hitman Pro should work on XP SP1.
     
  7. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    That's interesting regarding VT , however it shows 0/40 for that file , I scanned it again just now with Hitman and it found it again :

    1.JPG

    MD5 : 5d3183eee9062d2ff4dca7fbcd457e9f
    SHA1 : 0a5020b7dc73c69e98f220ff064d7cd26a1c9588
    SHA256: 7f87fd8add3fac5bd40b1a619cf1c34ca4e6da536a7cb0a8e536a57f3e489477
     
  8. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    its not showing which engine detected it thougho_O
     
  9. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    It doesn't show when you scan just one folder , but it showed prevx engine when I scanned all files.

    Anyways, it seems it's fixed now , quick response :thumb:
     
  10. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    We are indeed small, but not that small.

    Note this though: we have made an entirely unique product by combining a behavioral scan, a low-level sector reader and file system interpreter attached to a multi-vendor cloud and a very capable malware removal engine. How many AVs can actually find-and-remove 32-bit and 64-bit TDL3?

    All made by just a few people.

    Our current portfolio:
    • Caretaker Antispam (for desktops)
    • Caretaker Antispam for Exchange Server
    • Caretaker Email Security Appliance (ESA)
    • Hitman Pro 3.5
    • Hitman Pro Endpoint Security
    Hitman Pro Endpoint Security was introduced yesterday at InfoSecurity 2010 in The Netherlands. It essentially is Hitman Pro for businesses and enterprise markets. It is meant as a second opinion to run regulary on-demand side-by-side existing AVs. Hitman Pro Endpoint Security provides insight in an organisation where an AV is failing. It does so by providing alerts and management information like which computers are infected and where did the outbreak start (timeline). And of course you can use Hitman Pro to clean those end points.

    About Hitman Pro realtime component: no comment
     
  11. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    You might struck a bug. I will have a look into this tomorrow.
     
  12. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    that is a comment my friend. Lol

    You know, HP was my prediction for surprise software of the year in 2010 and it has proven to be true.

    No one has ever been nominated or shared that honor 2 straight years in a row. But those "no comment" posts, means it is still possible.
     
  13. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    @ erikloman

    Please reply to Post # 2552 TIA

    Like your cheeky Spam post for Antispam etc :D
     
  14. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,045
    Location:
    Ontario, Canada
    I only see a total of 2539 including this one so how can he reply to # 2552 :eek:

    TH
     
  15. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    Hi TH, well that's a bit wierd ? this is what i see

    2552.gif

    Maybe it's your BETA of Prevx 4 that's causing it :D Or you need glasses :D
     
  16. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,045
    Location:
    Ontario, Canada
    Very strange!

    Capture04-11-2010-7.48.02 PM.jpg
     
  17. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    Yes isn't it ?

    Maybe Admins or Mods can explain ;)
     
  18. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,045
    Location:
    Ontario, Canada
    And when I log out o_O But I see this post as 2543 when logged in!

    TH

    Capture04-11-2010-7.59.46 PM.jpg
     
  19. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    it simply rocks;)
     
  20. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    830
    Location:
    Ireland
    In the target for the desktop shortcut:

    Code:
    "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" \scanonly
    In cmd.exe:

    Code:
    cd C:\Program Files\Hitman Pro 3.5
    
    HitmanPro35.exe \scanonly
    That behaviour was on Windows XP SP3.

    Now, on Windows XP SP2, it pop-ups immediately, checks for updates, initiates and appears to end the scan without scanning anything (it reports it scanned one file).
     
    Last edited: Nov 4, 2010
  21. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    Re Post 2552

    It turns out that the reason Triple Helix & myself are seeing different things is because we have uncovered a vBulletin bug !

    LowWaterMark has confirmed this, & is looking to getting it fixed soon :thumb:

    Not sure how i'm going to spend my share of the bug reward $ yet :D = Joke ;)
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    or a free 1 year licence key will do the job;)
     
  23. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    indeed:D
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
  25. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    You should use slash FORWARD. That should help :)
     
    Last edited: Nov 5, 2010
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.