Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,121
    Questions regarding HitmanPro
    1.) I've noticed that during the start of scan HitmanPro will create a service regarding a driver and at the end of scanning HitmanPro will delete it? Is it normal? (I've noticed it with the help of Process Hacker and it's notification regarding created and deleted service)
    2.) Does scheduled scan work in Standard User Account?
    EDIT: I've set the scheduled scan at start-up but nothing is appearing, is it suppose to be like that?
     
    Last edited: Apr 22, 2012
  2. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany
    Hi Erik

    Have you a result for me from my Files i have send
     
  3. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    1) Yes. This is normal. HitmanPro is an on-demand scanner so the support driver is also deployed on-demand.

    2) No. HitmanPro does not run under Standard User Account. HitmanPro does elevate but when the user has not enough rights (after elevation) then HitmanPro does not run.
     
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    The files are corrupt and too short (less than 1000 bytes). I will try to incorporate an exclude for these files.
     
  5. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany
    Thank you very much for the Info about it.

    And what can i do
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    You can delete them as they are just partially downloaded files (corrupt).
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    eirik, can you check your PM box, thank you.
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    :thumb: :thumb: it finds alot of stuff new or old :) the best scaner ever good job erik and mark:thumb: :thumb:
     
  9. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,731
    Location:
    Germany

    Thank you very much i will delete them

    When can i wait for the exclude
     
  10. Function

    Function Registered Member

    Joined:
    Feb 5, 2012
    Posts:
    76
    Location:
    UK
    I have noticed, unlike other scanners, Hitman Pro scans take around 3-4 minutes. Also I have no way to choose which drives its scans.

    What files/folder does HMP scan and is there a way to do full drive scans using HMP?
     
  11. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,121
    There is no way to do full drive scan using HMP.
     
  12. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    False positives today,apparently Faronics Anti-excutable drivers are malicious.Anyways repoted them as safe.
     
  13. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    They are reported as Suspicious (not Malicious).

    Upon closer inspection Faronics Anti-Executable is doing something peculiar with its drivers files. When you try to view the properties (e.g. right click on AeFilter.sys in Windows Explorer) there are no properties to view (tabs are missing). Also copying the driver file is not possible o_O

    Faronics Anti-Executable is preventing read access to the driver files, which is rootkit-like behavior. Rootkits block access to their drivers to prevent their content to be inspected by AVs. Of course, this is not a problem for HitmanPro because HitmanPro is reading the file contents sector-by-sector from disk.
    It is the behavioral part of HitmanPro that sees rootkit properties in Faronics Anti-Executable's driver files.

    I can white list the suspicious driver but when Faronics updates the drivers then they will be listed again.

    I really find it odd why Faronics blocks READ access. Why not only block DELETE access? Now a normal Windows user cannot see what kind of driver he's having on his system, for example view the digital signature. It might be a rootkit for all you know.

    I will discuss with the team how we can address this.

    Hope this helps.
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Yes your correct they where suspicioius an not malicious,Sorry about that I miss spoke.Everything makes sense as long as I remember not to delete them no harm done.Nice to see the program doing it's job though.:thumb:
     
  15. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
  16. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,761
    My scheduler problem on Vista was caused by a leftover hitmanpro35.sys in system32/drivers. After I deleted it, the scanning after every boot/logon stopped and HMP now only scans once a day according to the settings. Win7 is okay too.

    Al
     
  17. remco8264

    remco8264 Registered Member

    Joined:
    Apr 25, 2012
    Posts:
    29
    Hitman Pro looks interesting, and I'm thinking about purchasing a license. But I'm wondering about licenses. I regulary do a clean install of Windows, and I've often experienced programs where I couldn't activate the product again. Sometimes, even support didn't want to revoke the license or grant another license. Does anyone have experience with how Hitman Pro support handles this? Is there an option to revoke a license and free the slot up?

    Thanks in advance,
     
  18. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    You are allowed to reintall. But you may run into the "maximum number of activations reached" message after a few reactivations. If you contact our support (support@hitmanpro.com) we can scrub an existing activation. But we only allow that for a few times.

    You only need a license if your system has malware. Scanning with HitmanPro is always free.
     
  19. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I was to post about this quite sometime ago, but never remembered about it.

    Take a look at the screenshot. You'll see it sayst the hosts file is compromised, with 9 traces. Apparently, HitmanPro thinks Google's domains are being blocked, but none of them belong to Google.

    It happens with any scan type.
     

    Attached Files:

  20. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    XI'm running into a perplexing problem.
    I changed the admin password.
    Everything works properly except HMP.
    opened HMP and it changed my screen resolution.
    I've uninstalled and installed HMP a few times and get the same results.
    What can I do to fix this.
    Hugger
     
  21. carat

    carat Guest

    You are right, Hitman Pro doesn't remove malware for free :( You could try Malwarebytes AM ... ;)
     
  22. desertjon

    desertjon Registered Member

    Joined:
    Mar 7, 2012
    Posts:
    81
    Location:
    Philippines
    I installed Hitman Pro and it found 16 tracking cookie traces but will not remove them unless I purchase the program...I then ran a full scan with Malwarebytes Pro and it found nothing
     
  23. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    It removes malware for 30 days (time starts upon fist removal). Scanning is free.
     
  24. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Cookies are removed without license/purchase.
     
  25. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    There is a check in HitmanPro that when the screen resolution is smaller than 800x600 it resizes to 800x600.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.