Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    We are experiencing some lag on the backend. We are working on it. Sorry for the inconvenience.
     
  2. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Thank you, I was so worried this problem was with my Windows, but thank goodness it it not.
     
  3. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    It should be normal now. Can you verify?
     
  4. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,071
    Normal now.
     
  5. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Thanks :thumb:
     
  6. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    I can't verify this in my case, whenever it starts to scan malware remnants it takes too much time to scan it all.
    So. basically, first it scans files, than when it finishes it scans malware remnants, but for some reason every time it scans system volume information (malware remnants) the scan significantly slows down-sorry, but I just can't wait for scanning for so long!

    What I'm trying to say is that it does finish scanning files and folders very fast, but, after that when it starts to scan malware remnants and when it starts to scan malware remnants in system volume information (RP9), the scan itself drastically slows down-I can't really say what could be the reason if exactly 2 days scans were normally, extremely fast with malware remnants and with system volume information (RP9) as well.
     
    Last edited: Feb 27, 2015
  7. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Is you System Volume FAT32 or NTFS?
    You can disable the remnant scan under Settings.
     
  8. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Eriklo, I'm a bit shamed, how do you see this if it's my system fat32 or ntfs?
     
  9. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    FATorNTFS.png
     
  10. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    All right, Erikloman, big thanks for your help, I can now see that my system volume is NTFS!
     
  11. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Strange. Can't explain why the scan is slow. PM if you want me to have a remote look at the possible cause of the slowdown.
     
  12. Aquila

    Aquila Registered Member

    Joined:
    Feb 19, 2015
    Posts:
    5
    Two issues found with HMP 3.7.9 build 238 on running scan on my Windows XP, IE8 and Chrome 40
    1 Choppy sound and lagging video on playing Adobe Flash Player version 16,0,0,305 during scan.
    2 Chrome totally crashed after finishing deletion of some tracing cookies and on exit.
    No details of the crash was made on the XP event viewer.
     
  13. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I posted about this on another thread. I think this may be a false positive. It's possible I have an extension writing this file, but nothing detects it as ASK other than HMP.

    VT hash is 0d055ba6095b1437a49e2f977c82d639e0337cb8395f84dcb9107a4993b9ae96
    Comes up clean. Also have run 4 other on-demand full scans that came up clean. The machine is well protected, behind multiple security layers. So if this is dirty, then it's an inside job.

    The file is very small, 50k, and I can provide that if necessary, the data is in SQLite 3. If it is not a FP, I would like to find out where it is coming from, and expose the source. The last time I found something like this it was generated by PasswordBox Password Manager. This file re-appears everyday even with HMP deleting it.

    The most worrying thing I can find in the file is;

    fpathC:\fakepath\Web Datac:\fakepath\web dataTó9FTó9F
     

    Attached Files:

  14. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    More information on this;

    1) It comes back each time Chrome is launched.
    2) Disabled Extensions, it comes back.
    3) Reset Chrome it comes back.
    4) Uninstalled Chrome w/Revo, manually removed directory. Reinstalled Chrome from scratch and it comes back.
    5) Checked CLEAN server, just setup a few days ago, same file is there.
    6) Checked a test machine here with Windows 10 Preview installed 8 hours ago, and nothing else but Chrome on it - same file exists.

    I think given all of that we can pretty much be assured this is a false positive, right?

    To satiate my OCD, I performed the following;

    1) Started up my work notebook at home, same file exists. This notepad has never connected to my home network, and sits behind 500K worth of security appliances/scanners.
    2) VPN'd into a work system in the lab, same file exists.

    Now what? Either there is some gross compromise I am missing or a FP. Given it appears on a brand new Windows 10 Preview machine when Google Chrome is installed, I think that's a pretty good indicator? I am tempted to create a VM with a fresh Windows 8, and see what happens, but I do not want to devote too much time to this. I've caught some very embedded malware in the past so I tend to explore until I am sure. For example I caught a transparent proxy tagged onto Chrome a few months ago that was plaguing someone and it evaded all scanners.
     
    Last edited: Mar 1, 2015
  15. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Further data;

    If I go to that directory, and create the following files;

    Web Data
    Web Data-journal

    Create them as text files in the same directory, set them to hidden+read only, then try to launch Chrome I get the error on the attached picture. So these appear to be integrated within Chrome, and any method to stop them breaks Chrome functionality itself. (even on a clean box)
     

    Attached Files:

  16. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Try AdwCleaner. It will pick it up as well.
     
  17. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    So it's a false positive then? I've duplicated this on 11 machines already, including a freshly installed Windows 10 one, and also within a VM with a fresh Win 8.1.
     
  18. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    5,755
    Location:
    DC Metro Area
    Hello :)

    I am curious about one thing about HitMan Pro.

    I use CC Cleaner. As you must know, CC Cleaner allows the user to "protect" from being deleted by CC Cleaner certain cookies he/she desires that they remain on his/her system.

    If by accident, oversight, or for some other stupid reason I placed a tracking cooking in CC Cleaner's protected cookie status, would HitMan Pro still be able to detect that tracking cookie? I suspect not, but would like a definitive answer please.
     
  19. SLE

    SLE Registered Member

    Joined:
    Jun 30, 2011
    Posts:
    361
    Of course HMP can detect and deletet those. No other program cares for CCleaners exlusion list (which is just a textfile for CCleaner).
     
  20. Charles85

    Charles85 Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    2
    I ran HitmanPro and it detected three questionable .exe files. There was nothing wrong with these programs. I used the quarantine option and it caused a lot of problems for my operating system. Does anyone know how to undo this quarantine process?
    I tried calling a support number, but it was not a working number.
     
  21. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Start HitmanPro, goto Settings, click History.

    Did you perform an EWS scan?
     
  22. Charles85

    Charles85 Registered Member

    Joined:
    Mar 2, 2015
    Posts:
    2
    Your directions worked just fine. Thank you for good advice. I had searched for an answer many places and nothing described my problem or how to undo my mistake.
     
  23. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Erikloman, I have to report, that my problems are solved regarding HitmanPro slow scans, I reinstalled everything from scratch/ground zero updated to service pack 3 latest, and HitmanPro even with malware remnants scan scans everything in details below 90 seconds.
     
  24. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Wonderful to hear! Thanks for letting us know.
     
  25. bluze55

    bluze55 Registered Member

    Joined:
    Jan 1, 2013
    Posts:
    2
    Location:
    United States
    Hello, I did a scan of my computer this morning, and HMP identified this file from Zoner Photo Studio 17 as a trojan: ZPS14_Update_Build100.exe, per Kaspersky . . . . : HEUR:Trojan-Downloader.Win32.Generic
    HMP2.jpg

    I was interested in knowing if this a false positive or really a threat.

    I am running Windows 7 64 Home Premium
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.