Hitman Pro Support and Discussion Thread

Thanks and good to know!

Cheers,

Daniel

 

Question. Tonight I cleaned a computer for someone.I ran TDSSKiller, and it found 2 Windows.Patched rootkits or something like that. It removed them, and didn't find anything after another scan, nor did Malwarebytes, yet HitmanPro found 4 ZeroAccess rootkits. However, 3 of them were in $Recycler.RecycleBin or something like that. Another was in the Windows Installer folder, yet manually looking for the folder turned up nothing. So my question is are the rootkits there, or is HitmanPro just detecting the already-deleted files that are just waiting to be written over, or what?

 

ZeroAccess folders are derived from per-computer specific info. HitmanPro uses that exact same scheme to detect these folders and can therefor provide a much better cleanup.

Note that ZeroAccess is notoriously known for hiding stuff in the recyclebin:
https://nakedsecurity.sophos.com/20...lware-revisited-new-version-yet-more-devious/

Hope this helps.

 

I just got around to running the latest beta. No problems. This in another snapshot in which I don't have HMP.A...

Spoiler: screenshots

 

Well crud. Guess he'll have to get a license for HMP since neither TDSSKiller nor Norton's TDSS removal tool detected them.

 

Talking about TDSSKiller, I just scanned the with latest version a short time ago...and I changed the scan parameters within, so to verify file signatures, which I don't bother with, usually.

This time it came with [some] detections, because I did that change...but, all is good. I know what they are about, so no problem. Edit: one word was duplicated

Spoiler: screenhots

 

I can't make any sense of this one. Erik?

 

https://www.google.nl/search?q=softonic "hklm/software/classes/s"
The key is created by Softonic. HitmanPro detects and removes the key via its remnants scan.

 

Hi Erik and Hi Mark

Any Infos for my post 6318

With Best Regards
Mops21

 

You are aware that the EWS mode largely lists the files that arrived recently on the system? (it puts more weight on the a file's timestamp)
EWS is only needed if you suspect the computer to be infected.
It is highly unrecommended to continuously running in EWS. That is why you must be expert to know which files belong to Windows and which ones could be malware.

That said, I've whitelisted the files.

 

Hi Erik

Thank you very much for your informations

With Best Regards
Mops21

 

HitmanPro 3.7.9 Build 233 Released

Changelog

• IMPROVED: Detection and removal of new variant of Reveton ransomware.
• FIXED: Issue with the Internet Explorer cookie enumerator causing the scan to never finish.
• FIXED: Issue causing HitmanPro to stop working.

Existing users are automatically updated.

Please report any issues, if any. Thanks

 

Though automatic update is working fine,could you please update the download links with the latest build version?Thank you

 

My computer was just automatically updated to build 233, but it keeps crashing. Always at four seconds after the scan starts there is a Windows error "HitmanPro 3.7 stopped working" ("HitmanPro 3.7 werkt niet meer"). A computer restart does not solve the issue. The previous build worked perfectly.

I am using Vista Ultimate 64-bit.

 

No issues on Win7 Ult. (64)

 

Can you run HitmanPro from the command line:

C:\Program Files\HitmanPro\HitmanPro.exe /debug:full

And let it crash. Send me the dump erik@surfright.com via www.wetransfer.com

 

The dump is now being sent. You will receive it shortly.

 

I've found the issue (thanks to your dump ).

Build 234 is going out now as we speak. Sorry for the inconvenience.

 

I can confirm that the issue has been resolved in build 234. Thanks for fixing it this quickly!

 

Hi all

HitmanPro 3.7.9 Build 234 Released

FIXED: Problem introduced in build 233 causing HitmanPro to stop working.

http://www.surfright.nl/en/whatsnew

http://www.surfright.nl/en/downloads/

 

Wow, thank you so much for the notice. I wouldn't have guessed by erikloman's and pimjoosten's posts that there was a new version out.

 

Build 234 crashes when I download the hitmanpro.exe to desktop en run the file. When I put this file in
C:\Program Files\HitmanPro it runs without a problem (Vista 32 bits).

 

WERFBAE.tmp.mdmp sent by mail.

 

Uninstalled HitmanPro.Alert build 131 (conflict with Sandboxie and Vista 32 bits), restarted the computer and now HitmanPro build 234 works fine.

 

Hi erikloman

Many thanks to all the team at SurfRight.
Build 234 working with no problems here.

Take Care
TheQuest