Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,682
    I did the scan...but? :D

    Code:
    HitmanPro 3.7.5.196
    www.hitmanpro.com
    
       Computer name . . . . : XXXYYY
       Windows . . . . . . . : 5.1.3.2600.X86/4
       User name . . . . . . : ***Private information***
       License . . . . . . . : Paid (927 days left)
    
       Scan date . . . . . . : 2013-05-18 08:09:07
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 11m 35s
       Disk access mode  . . : Direct disk access (SRB)
       Cloud . . . . . . . . : Internet
       Reboot  . . . . . . . : No
    
       Threats . . . . . . . : 0
       Traces  . . . . . . . : 10
    
       Objects scanned . . . : 1,984,929
       Files scanned . . . . : 45,707
       Remnants scanned  . . : 1,413,355 files / 525,867 keys
    
    Suspicious files ____________________________________________________________
    
       C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336531.exe
          Size . . . . . . . : 121,104 bytes
          Age  . . . . . . . : 3.0 days (2013-05-15 09:17:27)
          Entropy  . . . . . : 6.2
          SHA-256  . . . . . : 0BAD78488EA45FBB337C7355EEE385A315CDECF63EC1A13ADA0B4DCD30C6D47C
          Product  . . . . . : CPUEater Application
          Publisher  . . . . : Bitsum
          Description  . . . : CPUEater Application
          Version  . . . . . : 6.0.3.19
          Copyright  . . . . : Copyright (C) 2010-2013 Bitsum Technologies
          RSA Key Size . . . : 2048
          Authenticode . . . : Invalid
          Fuzzy  . . . . . . : 22.0
             Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
             Time indicates that the file appeared recently on this computer.
          Forensic Cluster
             -0.0s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336530.exe
              0.0s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336531.exe
              0.0s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336532.exe
              0.2s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336533.exe
              0.3s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336534.exe
              0.3s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336535.exe
              0.4s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336536.exe
              0.5s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336537.exe
              0.6s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336538.exe
              0.7s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336539.exe
              0.8s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336540.exe
              0.8s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336541.exe
              0.9s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336542.dll
              1.0s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336543.dll
              1.0s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336544.dll
              1.1s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336545.dll
              1.3s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336546.dll
              1.3s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336547.dll
              1.4s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336548.dll
              1.6s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336549.dll
              1.7s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336550.dll
              1.8s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336551.dll
              1.8s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336552.dll
              1.9s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336553.dll
              2.1s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336554.dll
              2.1s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336555.dll
              2.2s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336556.dll
              2.3s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336557.dll
              8.5s C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336558.exe
    
    
    
    
    BTW, I have since deleted C:\System Volume Information\_restore{EAF808E9-A451-4F6F-ACB7-2EE5AF7CB4E6}\RP278\A0336531.exe
     
  2. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,147
    Location:
    Outer space
    Beta working fine here, got a strange detection today from a scheduled scan with build 193 though:
    Name healthreport.sqlite-shm
    Location C:\Users\Username\AppData\Roaming\Mozilla\Firefox\Profiles\1t5j3ivs.default
    Size 32.0 KB
    Time 0.2 days ago (2013-05-18 10:23:23)
    Entropy 6.2
    Product HitmanPro 3.7
    Description HitmanPro 3.7 Support Driver
    Version 1.3.7.6
    Copyright © 2012 SurfRight B.V.
    SHA-256 DFE35D9DF11BD68AD2767C01CD49B859EF5D4A220F589D45A146190DE6693D7E

    Scoring (49.0)
    The file is hidden from Windows API. This is typical for malware.
    The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
    The file name extension of this program is not common.
    Time indicates that the file appeared recently on this computer.
    The file is in use by one or more active processes.
    Authors name is missing in version info. This is not common to most programs.
    The file is a device driver. Device drivers run as trusted (highly privileged) code.
     
  3. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    130
    Location:
    Germany
    I'm still using Hitman Pro (yearly license renewal). A few weeks ago, after a standard
    Hitman scan, I got the same message from Hitman (it was an old
    3-match casual game). I pushed the button (Repair), and I got a sweet
    BSOD (I never had one before). Maybe there are old traces from the game,
    I don't know; people say it was the rest of this game that caused this BSOD.
    What's right, what's wrong?
    --------
    Stop:

    0x0000007E (0x0000005,0x00000000,0x8E98BC00,0x8E98B7E0)
    --------

    I never had problems with HitmanPro on my Windows 7 machine; I love
    HitmanPro.

    Greets

    Lucien :rolleyes:

    PS: sorry for my broken English :cool:
     
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Can you send the minidump from c:\windows\minidumps\ folder?
     
  5. THESAWISFAMILY2005

    THESAWISFAMILY2005 Registered Member

    Joined:
    Aug 10, 2012
    Posts:
    198
    Location:
    SACRAMENTO CALIFORNIA
    Love the program. Wish they would come out with a free version and not just a trial.
     
  6. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    130
    Location:
    Germany
    Sorry for being a fool, bro. This was an old install, and I forgot to back up this
    minidump; then a few days later I made a new install on my machine. OK, I have
    to wait, hoping that mess does not happen again, and I swear, if this happens
    again (I hope not), I will do that backup. As I said, basically I never have any
    problems with Hitman Pro, so there is a good chance that this mess
    will not happen again; it might be possible that this BSOD was caused by a
    very unlucky situation and configuration at this time. If this in some way
    happens again, I will make this backup, you can count on me. :thumb: :cool:

    Greets

    Lucien
     
  7. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,879
    Location:
    US
    Yes, it is very good. Looks very promising. Lol, I'm sorry but I couldn't help myself. This thread is so old. HMP should get its own forum section....
     
  8. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,122
    Erik,

    Did you get a chance to look at this?

    Al
     
  9. Space Ghost

    Space Ghost Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    62
    Location:
    Poland
    HitmanPro on an x64 system does not update to a newer version. This isn't the first time!
     
  10. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Solved it. Thanks :thumb:
     
  11. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Ikarus is the father of all false positives (I know, I'm exaggerating a bit). It could cause more harm than good for Hitman in the long run, even though it does have excellent detection rates.
     
  12. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro 3.7.5 Build 197 RELEASED

    Changelog
    • ADDED: Java exploit drive-by-download detection through forensic clustering.
    • ADDED: Bootkit Gapz removal via Kickstart.
    • IMPROVED: Detection of zero-day ransomware through forensic clustering.
    • IMPROVED: Detection and removal of malware starting via Command Processor (cmd.exe).
    • IMPROVED: Remnant scanner.
    • IMPROVED: Forensic clustering.
    • FIXED: On some computers keyboard was unresponsive in Kickstart BIOS Boot Menu
    • UPDATED: Kickstart 2.2
    Existing users are being updated as we speak.

    Please let us know how this version runs on your system :thumb:
     
    Last edited: May 23, 2013
  13. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,147
    Location:
    Outer space
    Erik, do you have more info why the Firefox file was detected as HitmanPro driver? The detection is now gone btw.

    Build 197 running fine here :) (w7x64)
     
  14. c2d

    c2d Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    571
    Location:
    Bosnia
    Works great here :thumb:

    Win 8 64bit
     
  15. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro 3.7.5 Build 198 BETA

    Changelog
    • ADDED: Repair of Reparse Points / Junctions placed by malware on Antivirus programs.

    Description
    The latest variant of ZeroAccess/Sirefef disables Microsoft Security Essentials and Windows Defender by placing a Reparse Point (Junction/Symbolic Link) on the files of these products. The result is that these antivirus products are disabled by the malware! More info can be found here at KernelMode.info.

    This BETA release of HitmanPro now detects and removes these Reparse Points so that the mentioned AV products will function again.

    Here is a screenshot of how HitmanPro offers to repair the reparse points:

    ReparsePoints198Beta.png

    Download
    http://www.surfright.nl/downloads/beta

    Please let us know how this version runs on your computer :thumb:
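
A read-only check for the condition described in the post above, as an added example that is not part of the original post and is not HitmanPro's code: it walks the Microsoft Security Essentials and Windows Defender program folders and lists every file or directory carrying the NTFS reparse-point attribute, without following the links. The folder paths and the function name `Find-ReparsePoint` are assumptions for illustration.

```powershell
# Added example (not from the thread). Lists reparse points (junctions or
# symbolic links) sitting on antivirus program files. Nothing is modified.

# Assumed default install folders; adjust for the machine being checked.
$avDirs = @(
    "$env:ProgramFiles\Windows Defender",
    "$env:ProgramFiles\Microsoft Security Client"   # Microsoft Security Essentials
)

function Find-ReparsePoint {
    param([Parameter(Mandatory)][string]$Path)

    # -Force includes hidden and system items; Get-Item returns the link itself.
    $item = Get-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue
    if (-not $item) { return }

    if ($item.Attributes -band [IO.FileAttributes]::ReparsePoint) {
        # Report the link and stop here, so a junction is never traversed.
        [pscustomobject]@{
            Path       = $item.FullName
            Attributes = $item.Attributes
        }
        return
    }

    if ($item.PSIsContainer) {
        Get-ChildItem -LiteralPath $item.FullName -Force -ErrorAction SilentlyContinue |
            ForEach-Object { Find-ReparsePoint -Path $_.FullName }
    }
}

$hits = @($avDirs | ForEach-Object { Find-ReparsePoint -Path $_ })

if ($hits.Count -eq 0) {
    'No reparse points found in the checked antivirus folders.'
} else {
    # Program files of these products are normally plain files, so every hit
    # deserves a closer look before anything is repaired or removed.
    $hits | Format-Table -AutoSize -Wrap
}
```

Run it from an elevated prompt; items that cannot be read are skipped silently, so an empty result on a folder with restricted permissions is not proof that the folder is clean.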
     
  16. Fad

    Fad Registered Member

    Joined:
    Feb 25, 2009
    Posts:
    428
    Location:
    England
    No issues here with 198 :thumb:
     
  17. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Wow! Hitman Pro suddenly becomes drastically improved with an increased amount of updates! I'm glad I own several licenses and I'm positive I'll renew them in August when they expire.

    Great job Erik!
     
  18. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    More new and useful features in version 3.8 which is slated for release on July 1st.
     
  19. lucien_phoenix

    lucien_phoenix Registered Member

    Joined:
    Oct 20, 2012
    Posts:
    130
    Location:
    Germany
    Build 197 Release runs fine here
    Build 198 Beta runs fine here

    Greets

    Lucien:thumb:
     
  20. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,466
    Location:
    Italy
    XP SP 3:

    Immagine.JPG
    1.JPG

    All scans.
     
    Last edited: May 23, 2013
  21. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,272
    Location:
    North Carolina, USA
    Hello,

    I have had to remove HMP for the time being. I have started getting a BSOD every time I scan with HMP. I start HMP and the scan, it progresses normally for a bit, then during the scan everything freezes. A bit after the freeze, my system BSOD's. I get a screen where Windows says it is gathering info and will then reboot. On the reboot, it stops on the Windows booting screen before the login screen. After a moment or two, all disk activity stops. I have to do a hard reset but am always given the Windows maintenance screen when Windows is booting giving me the option to do a repair or proceed to Windows. If I choose repair, it fails. If I try to continue to Windows, it stops again with no disk activity. The only way to proceed is a hard reset again. This is a never-ending loop. I have to restore an image from my back-ups to get back to Windows. This is reproducible even after an uninstall and reinstall of HMP as it happens every time. Since my Windows is somehow becoming unbootable and I have to restore an image, I have no logs left to try to troubleshoot or forward to SurfRight. I am on Win 8 Pro x64 and since I see no one else having this problem, I am assuming it must be something unique to my system.
     
  22. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Have you considered hosting an official, dedicated forum here at Wilders instead of this thread? :)

    I'm excited to hear about the new features when time is right! :)
     
  23. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I think it MIGHT be related to your AX64 Time Machine software. If you set HitmanPro to Compatible Mode I think the issue should be resolved.

    Did you have issues with previous builds of HitmanPro?
     
  24. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
  25. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,272
    Location:
    North Carolina, USA
    Hi erik,

    I will install again and change the mode before I try a scan.

    Before now, I did see an occasional BSOD (maybe 1 in 25 scans) and probably 2 out of 3 of those were the first scan after HMP did an update. In these cases, it never rendered my system unbootable.

    Does Compatible Mode reduce the detection any?
     