Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. Romagnolo1973

    Romagnolo1973 Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    565
    Location:
    Italy - Ravenna
    Same for me, it was working on Win10 till today that i face the same isse, it stay 99% forever analyzing a sysWOW64 dll (not always the same)
     
  2. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,854
    ..... and radio silence from Erikloman & Markloman. :thumbd:
     
  3. Romagnolo1973

    Romagnolo1973 Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    565
    Location:
    Italy - Ravenna
    probably they are in vacation here in Italy ... sun, beach and disco :D
     
  4. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    I've sent you a PM. Sorry for the delay.
     
  5. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    This happened in my vacation. There has been a hick-up in the cloud. The issue was addressed by my colleagues. Thank you for posting :thumb:
     
  6. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    These entries are shown during EWS only. I've whitelisted these in the cloud.
     
  7. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    It is highly recommended to let HitmanPro scan with enough rights (administrator rights). Running with less rights affects detection and cleaning capabilities.
     
  8. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    @erikloman , I'm seeing this on manually initiated scans too. Scheduled scans appear to complete as normal.
     
  9. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,511
    I understand that removal may need admin rights, but I'm only interested in the scan results. Under what circumstances would scanning need admin? If it did, would that not result in an error during the scanning process?
     
    Last edited: Aug 25, 2015
  10. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro uses a driver to scan the hard drive sector by sector. If you do not have administrator privileges it cannot install the driver (temporarily) and perform this deep scan to reveal rootkits.
     
  11. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,511
    If it can't install the driver (hitmanpro36.sys?), shouldn't I get an error? Can you suggest a test I could try where the scan would fail?
     
  12. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro will automatically scan the computer without the driver (= do not bother user).
     
  13. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,511
    That's good to know and somewhat disappointing, but I guess it's better than no scan at all. Would be nice if HMP did not have this restriction for doing a full scan as compared with other AV/Malware scanners. BTW, I sent you an e-mail regarding the other HMP problem I'm having with Win8.
     
  14. SeaTea

    SeaTea Registered Member

    Joined:
    Aug 10, 2015
    Posts:
    4
    @erikloman :
    Could you have a look at my earlier question ?
    I see the same report on svchost.exe after every scan.

     
  15. Andra

    Andra Registered Member

    Joined:
    Jul 17, 2015
    Posts:
    13
    http://i.imgur.com/F8IIxzF.jpg

    I was scanning today and it HitmanPro found this..

    Is this safe?

    I mean I have Windows Live Mail installed..

    Is it a false positive?
     
  16. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro 3.7.9 Build 245 BETA

    Changelog
    • Improved Windows 10 support
    • Updated embedded whitelists
    Download
    http://www.hitmanpro.com/beta

    Please let me know how this version runs on your computer :thumb:
     
  17. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,052
    No problems with build 245 beta (W10 64 bits).
     
  18. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,412
    Location:
    Germany
    Hi Erik and Hi Mark

    Can you check the 2 Files and whitelisted the 2 Files please. I use the FP function into the Programm to submit the File to you

    With best Regards
    Mops21
     

    Attached Files:

  19. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,412
    Location:
    Germany
    Thank you very much for your info

    With best Regards
    Mops21
     
  20. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    Does the beta not replace the released version?

    Manual scan completed successfully without hanging.
     
    Last edited: Aug 28, 2015
  21. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    @erikloman ,

    I think this is probably a false positive.

    Code:
    HitmanPro 3.7.9.242
    www.hitmanpro.com
    
      Computer name . . . . : DESKTOP-QOR0FRF
      Windows . . . . . . . : 6.3.0.9600.X64/4
      User name . . . . . . : DESKTOP-QOR0FRF\Dave
      UAC . . . . . . . . . : Enabled
      License . . . . . . . : Paid (312 days left)
    
      Scan date . . . . . . : 2015-08-28 12:00:17
      Scan mode . . . . . . : Quick
      Scan duration . . . . : 58s
      Disk access mode  . . : Direct disk access (SRB)
      Cloud . . . . . . . . : Internet
      Reboot  . . . . . . . : No
    
      Threats . . . . . . . : 0
      Traces  . . . . . . . : 2
    
      Objects scanned . . . : 4,668
      Files scanned . . . . : 4,668
      Remnants scanned  . . : 0 files / 0 keys
    
    Suspicious files ____________________________________________________________
    
      C:\Program Files\Windows Mail\WinMail.exe
      Size . . . . . . . : 416,256 bytes
      Age  . . . . . . . : 2.1 days (2015-08-26 09:22:29)
      Entropy  . . . . . : 6.8
      SHA-256  . . . . . : EF3C60E82304C24055B85A346A1B1A48EE04F953D253EF6B54317EB89B1A30E6
      Product  . . . . . : Microsoft® Windows® Operating System
      Publisher  . . . . : Microsoft Corporation
      Description  . . . : Windows Mail
      Version  . . . . . : 10.0.10240.16384
      Copyright  . . . . : © Microsoft Corporation. All rights reserved.
      Gossip . . . . . . : Windows Mail
      LanguageID . . . . : 1033
      Fuzzy  . . . . . . : 22.0
      Program is questioned on security related forums and websites. This is typical for malware.
      The hidden file attribute bit is set. This is not common to most programs.
      This file contains a Thread Local Storage (TLS) data directory. This is not common for most programs.
      Program starts automatically without user intervention.
      Time indicates that the file appeared recently on this computer.
      The file is protected by Windows File Protection (WFP). This is typical for critical Windows system files.
      Startup
      HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\
    
    
    
    
     
  22. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Solved it. Thanks :thumb:
     
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,360
    Location:
    Among the gum trees
    Mate, you and your team are awesome!

    Thanks for sorting it so quickly. :cool:
     
  24. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,854
    PM & another PM and once again PM ........ then radio silence.....
    and results? -> nothing!


    https://www.wilderssecurity.com/thre...iscussion-thread.236732/page-269#post-2515610

    .... and again =
    https://www.wilderssecurity.com/thre...iscussion-thread.236732/page-269#post-2516212

    .... and again =
    https://www.wilderssecurity.com/thre...iscussion-thread.236732/page-270#post-2519267

    .... and again =
    https://www.wilderssecurity.com/thre...iscussion-thread.236732/page-270#post-2519652

    .... and again =
    see the screenshot

    Seems that best solution is : Bye-bye HitmanPro..........
     

    Attached Files:

  25. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,436
    Location:
    Under a bushel ...
    After downloading 245 install file, and executing this I see the Beta 245 version - and it runs fine.
    However, when executing again from my normal shortcut(s) it reverts to 242 version - why is this? Does the beta not replace the stable version?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.