Hitman Pro Support and Discussion Thread

Great to hear that Kickstart worked

You can restore your USB flash drive by going back to the Kickstart dialog in HitmanPro and right-click your USB flash drive and choose "Erase USB flash drive" from the popup menu:

 

Thank you so much. Worked a treat.

And thank you gerardwil for the advise too

 

Hitman Pro detected my firefox profile as suspicious. After deleting the file Firefox was dead. I had to reinstall Firefox, not nice Hitman.

 

You can go to quarantine and press Restore.

 

btw erikloman i have a ? about hitman pro

 

Write either a PM or send me an email erik[at)surfright.com

 

And also check this:

http://support.mozilla.org/en-US/kb...from an old profile?esab=a&s=profile&r=1&as=s

 

Thank you buddies.

 

Hi Erik

Can you check my Files and whitelisted please

Properties
Name ikeext.dll
Location C:\Windows\System32
Size 435 KB
Time 8.0 days ago (2013-11-15 16:50:11)
Entropy 5.8
Product Microsoft® Windows® Operating System
Publisher Microsoft Corporation
Description IKE extension
Version 6.0.6002.18960
Copyright © Microsoft Corporation. All rights reserved.
Service IKEEXT
SHA-256 FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3

Scoring (10.0)
Starts automatically as a service during system bootup.
Program starts automatically without user intervention.
The file is in use by one or more active processes.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
Time indicates that the file appeared recently on this computer.
The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.

Startup
HKLM\SYSTEM\CurrentControlSet\Services\IKEEXT\


SHA256: fa8ebed2778d9f7560adc1b563954eef98aae651c0553f2803372b37b122aeb3
Dateiname: IKEEXT.DLL
Erkennungsrate: 0 / 46
Analyse-Datum: 2013-11-23 15:10:04 UTC ( vor 0 Minuten )


Properties
Name ieframe.dll
Location C:\Windows\System32
Size 10.6 MB
Time 8.0 days ago (2013-11-15 16:50:33)
Entropy 6.4
Product Windows® Internet Explorer
Publisher Microsoft Corporation
Description Internet Explorer
Version 8.00.6001.19483
Copyright © Microsoft Corporation. All rights reserved.
SHA-256 29F6396757A91D156935820C0AA38A5A9AFC4F7F714F1DEAF7D4BCC44935729E

Scoring (7.0)
Program starts automatically without user intervention.
The file is in use by one or more active processes.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
Time indicates that the file appeared recently on this computer.
The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.

Startup
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
HKU\S-1-5-21-911542882-2029379874-2294310465-1000\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}

References
HKLM\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\
HKU\S-1-5-21-911542882-2029379874-2294310465-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\

SHA256: 29f6396757a91d156935820c0aa38a5a9afc4f7f714f1deaf7d4bcc44935729e
Dateiname: ieframe.dll
Erkennungsrate: 0 / 46
Analyse-Datum: 2013-11-23 15:13:09 UTC ( vor 0 Minuten )


Properties
Name ie4uinit.exe
Location C:\Windows\system32
Size 170 KB
Time 8.0 days ago (2013-11-15 16:50:31)
Entropy 7.3
Product Windows® Internet Explorer
Publisher Microsoft Corporation
Description IE Per-User Initialization Utility
Version 8.00.6001.19483
Copyright © Microsoft Corporation. All rights reserved.
SHA-256 10873000A8A4C02622C15FBB40D0DAEDFB3929808FDF585B6624D8F9168C75E5

Scoring (10.0)
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Program starts automatically without user intervention.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
Time indicates that the file appeared recently on this computer.
The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.

Startup
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\

SHA256: 10873000a8a4c02622c15fbb40d0daedfb3929808fdf585b6624d8f9168c75e5
Dateiname: ie4uinit.exe
Erkennungsrate: 0 / 46
Analyse-Datum: 2013-11-23 15:15:38 UTC ( vor 0 Minuten )

 

Erik, I can't remember....When does the new license start to count?
At time of purchase or when I activate it?

Thanks.

 

When you activate it.

 

Nice, I was about to ask the same question !

 

Thanks again ...Just bought another 1 year license for HitmanPro for 12.50$. (Black Friday promotion).

 

When I start scan (Direct Disk Access) I'm getting error in event viewer amd_sata Reset to device, \Device\RaidPort0, was issued Evend ID 129, but when I put on compatible Disk Access everything working normal, no event 129.
My motherboard is ASUS M5A97 r2.0, AMD 970/950 Chipset/SB, Windows 7 x64, tried all AHCI drivers from AMD and same error. This is just a feedback, now I'm using Compatible Disk Access so this is great software for cleaning malware.

 

Ill get one too.
Finally a good HMP discount, i wish there was a 2-3 year license on discount.

 

Just want to say that I too have just bought a license for £8.25 for Hitman Pro. I don't think I will ever need it - but I love the support that I have seen Erik give day after day throughout the year. Not to mention the fact that the program is just amazing at cleaning up the hard to reach malware that others have a problem with.

Just one question - as I understand it the license does not activate till I tell to it activate, but will it ever expire. Say if 3 years down the line, would it have expired? ie if I don't use it at all for 3 years and dont activate it, then all of a sudden in 2016 decide to activate it. Or it should be fine and if it is not fine I can just email you guys and get it activated.

Many thanks for this great program!

 

Wondering the same thing, how much time do we have to activate the license after purchase?

 

Erik, can you answer to the question(s) above?

 

The clock starts upon activation. You can start the activation even 3 or 10 years from now.

 

Could use a little help...

I've been a HitmanPro user (paid) for several years and have rarely had a problem on my XP machine. However, two days ago, I ran into a situation that I can't seem to resolve. Unfortunately I offer a lot of details because I've now uninstalled it along with all of the Log files.

The bottom line is that when I start a HMP scan, I started getting a Blue Screen with a memory dump. I ran several other AV/malware scans, but nothing showed up. Thinking that HMP might have possibly become corrupted, I totally uninstalled and re-installed it, but still had the same problem.

The only thing I had done (differently) prior to encountering this problem was the day before all of this started, I installed EMET 4.1. However, I uninstalled shortly thereafter because I wasn't sure it was for me. I don't know if the HMP problem is at all related to the EMET install, but it's the only thing I can think of that might have caused it.

I'm a big HMP fan and feel sort of lost without it. I also have two years+ remaining on a 3-year subscription.

If anyone has any thoughts or suggestions, I'd love to hear them.

 

it will be nice to have a feature that hitmanpro to automaticly eat the cookies after every reboot

 

Wouldn't that require that HMP constantly run as a process in the background? I would prefer it for me just to be an on demand scanner. Anything they add I would like it to run as an option and if not selected nothing is running in the background.

 

+1

Deleting cookies every reboot can probably done easily through other programs or tweaks. Should the fabled upcoming v4 perhaps feature real-time protection, then it could be implemented, but it would be a waste to have something extra running in the background just to clean cookies imo.

 

i have a feeling they will add two av engines and i think one of them is Ikarus

 

Erik, can you check this out?


Name WPDShextAutoplay.exe
Location C:\WINDOWS\SysWOW64
Size 55.0 KB
Time 1151.8 days ago (2010-10-19 22:34:26)
Entropy 6.4
Product Intel(R) Management Engine Interface
Publisher Intel Corporation
Description Intel(R) Management Engine Interface
Version 7.0.0.1144
Copyright Copyright © 2006-2010, Intel Corporation. All rights reserved.
SHA-256 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC

Scoring (49.0)
The file is hidden from Windows API. This is typical for malware.
The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
Program is impersonating a common Windows system file. This is typical for malware.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.

Thanks.