Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Last edited: Oct 2, 2015
  2. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,799
    Location:
    Under a bushel ...
    No problem on Win 8.1 Pro 64-bit.
    HMP always flags
    C:\Windows\SysWOW64\drivers\DrvAgent64.sys and
    HKLM\SYSTEM\ControlSet002\services DrvAgent64\
    Are these malicious or FPs?
     
  3. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,749
    Location:
    EU
    No problems on Windows10 Pro 64-bit, no FP's
     
  4. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    No problems on Win10 Home-64.
    Also running EMET 5.1 default settings & MBAM Pro.
     
  5. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,388
    Location:
    .
    Um, does beta run with same key as non beta.
    May I over install beta onto non beta...?
    asked before and I forgot reply :(
     
  6. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    831
    Windows 7 Pro 64-bit. no problems
     
  7. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Yes, they use same key. You cant install a beta though, just run a scan.
     
  8. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,388
    Location:
    .
    Oh, okay. Build 247 5m43s No threats
     
    Last edited: Oct 3, 2015
  9. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,740
    Erik,

    From the recent remote session that we had for HMPA, I showed you some screenshots, and you observed that HMP scans were taking too long....I have always had several snapshots on my computer, and it seems that HMP scans all of the snapshots during it's scan. Something has obviously changed with the way scanning goes, and obviously not for the better on my system.

    ScreenShot_HMP_v3.7.10 Build 247 beta_01.gif ScreenShot_HMP_v3.7.10 Build 247 beta_04.gif
     
  10. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    300
    Location:
    Netherlands
    W7-x64 Professional, HMP 3 build 247 beta, HMPA 3.1 build 318 beta.
    So far everything is running smooth, no issues, no FP!
     
  11. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
    @erikloman
    Look at my PM if you can please. Or at least confirm that you got it.
    Sorry for bothering.
     
  12. malware1

    malware1 Registered Member

    Joined:
    May 26, 2014
    Posts:
    133
  13. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    HitmanPro 3.7.10 Build 248 BETA

    New in this build is support for ad related tracking cookies for Microsoft Edge.
    In addition we've fixed the tracking cookie scan for Microsoft Internet Explorer.

    TrackingCookie.png

    Changelog
    • ADDED: Detection and removal of 'Ads by LaSuperba' malware.
      See here for example: https://twitter.com/erikloman/status/649967142121701377
    • ADDED: Detection and repair of patched dnsapi.dll (both 32-bit and 64-bit)
    • ADDED: Command line switch /diskmode=compatible|direct.
    • ADDED: Tracking Cookie scan for Microsoft Edge.
    • FIXED: Tracking Cookie scan for Internet Explorer.
    • IMPROVED: Improved Windows 10 compatibility.
    • IMPROVED: Remnant scan.
    • IMPROVED: Cloud lookup performance.
    Note: Items in bold are new compared to beta build 247.

    Download
    http://dl.surfright.nl/hitmanprobeta.exe
    http://dl.surfright.nl/hitmanprobeta_x64.exe

    Please let me know how this version runs on your computer :thumb:
     
    Last edited: Oct 5, 2015
  14. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    816
    No problems with build 248 beta.

    (W10 build 10240 64 bits/Norton Security with Backup v22.5.2.15)
     
  15. LagerX

    LagerX Registered Member

    Joined:
    Apr 16, 2008
    Posts:
    565
    Ran fast and fine :) W8.1 X64
    Could you guys whitelist Punkbuster files? These are flagged as suspicious.
    BC9AD4A4269A02E7C1C13C56726E15D9F59EA2DA69E918914B6086B69FFF601F
    BC9AD4A4269A02E7C1C13C56726E15D9F59EA2DA69E918914B6086B69FFF601F
    EEB39F76DEF39916C8480199163120B6042ABE6C585D7BEC55E53BEABE002D47
    194A24AD44B9266174BF3DA9378AC727FB645C5177FB879CC85F66A62614C257
    Thanks!
     
  16. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,152
    Location:
    Hengelo, The Netherlands
    Try scanning again. I made a change in the cloud.
     
  17. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    831
    Windows 7 Pro 64-bit. no problems
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,388
    Location:
    .
    Build 248 = 6m28s then 5m23s :) No threats.
    W8.1 x64
     
  19. LagerX

    LagerX Registered Member

    Joined:
    Apr 16, 2008
    Posts:
    565
    Thanks, fixed! :)
     
  20. L10090

    L10090 Registered Member

    Joined:
    Feb 13, 2015
    Posts:
    300
    Location:
    Netherlands
    HMP build 248 Beta runs fine with HMPA build 318 and W7-x64 Professional.
    HMP build 248 scan found 9 tracking cookies not reported by build 247!
     
  21. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,749
    Location:
    EU
    No issues with Win10 Pro (64)
     
  22. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,286
    Location:
    Outer space
    Feature request:
    Let EWS scan show non-standard Root certificates.
     
  23. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    816
    False positive? Build 248 beta/W10 build 10240.

    Suspicious files ____________________________________________________________

    C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-shm
    Size . . . . . . . : 32.768 bytes
    Age . . . . . . . : 26.1 days (2015-09-10 12:18:50)
    Entropy . . . . . : 6.2
    SHA-256 . . . . . : A482BAA7ADDC525DEA1A1EC46EF619F66CA3F02B87162BE2B99E181088C2A7C3
    Fuzzy . . . . . . : 56.0
    The file is hidden from Windows API. This is typical for malware.
    The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
    The file name extension of this program is not common.
    Program is running but currently exposes no human-computer interface (GUI).
    Authors name is missing in version info. This is not common to most programs.
    Version control is missing. This file is probably created by an individual. This is not typical for most programs.
    The file is in use by one or more active processes.
    The file is a device driver. Device drivers run as trusted (highly privileged) code.
    Forensic Cluster
    -1.2s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\d2abe790c186609ce700d6af614dbda9_a3d6c6f9-8be7-4367-b352-d22eca12c24f
    -0.1s C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-wal
    0.0s C:\ProgramData\Microsoft\Windows\AppRepository\StateRepository-Machine.srd-shm
     
  24. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,265
    Location:
    USA
    248 Beta working good here.
     
  25. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    816
    More false positives? Build 248 beta/Vista 32 bits.
     

    Attached Files:

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.