Hitman Pro Support and Discussion Thread

Discussion in 'other anti-malware software' started by yashau, Mar 20, 2009.

  1. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    365
    Location:
    Planet Earth
    This issue should be resolved now, if not please contact support@hitmanpro.com
     
  2. cyberlost24

    cyberlost24 Registered Member

    Joined:
    Mar 11, 2004
    Posts:
    133
    Thanks..That resolved it!!
     
  3. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    9,279
    Location:
    Among the gum trees
    Scheduled daily scan ran successfully on machine with Kaspersky so it looks like their false positive has been fixed.
     
  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    7,378
    Location:
    Hawaii
    New game show: Dueling AVs. :rolleyes:
     
  5. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,392
    Location:
    Germany
    Hi all

    HitmanPro 3.8.22 Build 316 is available

    HitmanPro v3.8.22 build 316

    Changelog

    • Improved: Malware removal
    • Changed: PUA Engine
    • Fixed: Freezing during removal of complex PUA files
    Applications are now SHA-2 signed only, this will cause Vista users to see a UAC prompt to allow HMP to run on interactive or context menu scan, scheduled scan's run without prompt anyway.

    Download

    https://get.hitmanpro.com

    32-bit https://dl.surfright.nl/HitmanPro.exe
    64-bit https://dl.surfright.nl/HitmanPro_x64.exe

    https://www.hitmanpro.com/en-us/whatsnew.aspx

    https://www.hitmanpro.com/en-us/downloads.aspx

    With best Regards
    Mops21
     
    Last edited by a moderator: Apr 12, 2021
  6. ViVek

    ViVek Registered Member

    Joined:
    Aug 7, 2008
    Posts:
    575
    Location:
    Moon
  7. Mops21

    Mops21 Registered Member

    Joined:
    Oct 5, 2010
    Posts:
    2,392
    Location:
    Germany
  8. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
    HitmanPro 3.8.22 Build 316 (64-bit) finds 8 suspicious files in AdGuard 7.6 upgrade

    C:\Program Files (x86)\Adguard\langs\AdGuard.CrashReporter.resources.de.dll
    Size . . . . . . . : 18,848 bytes
    Age . . . . . . . : -0.3 days (2021-04-21 15:24:08 )
    Entropy . . . . . : 6.7
    SHA-256 . . . . . : CA41A999BE9CB10EC039A364917CC0DE7CD6BB19EF5AAE7AB0D650CC2FDC3721
    RSA Key Size . . . : 2048
    Authenticode . . . : Invalid
    Fuzzy . . . . . . : 22.0
    Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
    Time indicates that the file appeared recently on this computer.
    Authors name is missing in version info. This is not common to most programs.
    Version control is missing. This file is probably created by an individual. This is not typical for most programs.
    The file appears to be part of an installation package or setup program. This is typical for most programs.

    Adguard\langs\AdGuard.CrashReporter.resources.fr.dll
    Adguard\langs\AdGuard.CrashReporter.resources.it.dll
    Adguard\langs\AdGuard.CrashReporter.resources.ja.dll
    Adguard\langs\AdGuard.CrashReporter.resources.ko.dll
    Adguard\langs\AdGuard.CrashReporter.resources.ru.dll
    Adguard\langs\AdGuard.CrashReporter.resources.zh-TW.dll
    Adguard\langs\AdGuard.CrashReporter.resources.zh.dll

    Edit: Upon rescan with HMP, no detections. VirusTotal showing only 1 vendor out of 68 flagging the file as malicious. Also Jotti showing 0/15 scanners report malware. Also, myMoon (QA person from AdGuard Team) says this is a false positive.
     
    Last edited: Apr 21, 2021
  9. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    365
    Location:
    Planet Earth
    Well technically we didn't flag this as 'Malicious' so no, we didn't false positive on this, we flagged this file 'suspicious' for a set of rules, without knowledge of the file AND the file is unknown for the online scanner status.

    Below is the reason this file was found 'suspicious' the Digital Signature is broken, it recently appeared, and the file is lacking the normal fields that should be set by the vendor, Author, Version etc.
    That's the reason it showed up as 'Suspicious'.

    Authenticode . . . : Invalid
    Fuzzy . . . . . . : 22.0
    Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
    Time indicates that the file appeared recently on this computer.
    Authors name is missing in version info. This is not common to most programs.
    Version control is missing. This file is probably created by an individual. This is not typical for most programs.
    The file appears to be part of an installation package or setup program. This is typical for most programs.
     
  10. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,217
    Location:
    Brooklyn, NY
    Well, the "suspicious" entries are back b/c AdGuard updated again (v.7.6.1). Thanks for attention.
    hmpag.PNG
    Just closing the UI here, no biggie.
     
  11. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,736
    Location:
    USA
  12. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,223
    Location:
    Italy
    The update will not install in Windows XP:

    100.JPG
     
  13. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    365
    Location:
    Planet Earth
  14. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,223
    Location:
    Italy
  15. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,217
    Location:
    Brooklyn, NY
    Oy, just updated to 19043.1023, guess the latest cumulative KB5003214 came with bad timing--it's the weekend! OK so there's like 700 new Windows items chugging thru the uploader. Guess I'll just have to wait it out. :)

    hmp2much.PNG

    Just finished: 6 minutes 7 seconds. Usually the scan takes 45-50 sec.
     
  16. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,217
    Location:
    Brooklyn, NY
    Just updated via the UI. Version is now: 3.8.23. Build is still 318. Would be nice to see a changelog somewhere.

    hmpnew.PNG
     
  17. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
  18. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    365
    Location:
    Planet Earth
  19. jaypeecee

    jaypeecee Registered Member

    Joined:
    Aug 21, 2007
    Posts:
    161
    Location:
    UK
    Hi Folks,

    I'm running Hitman Pro v 3.8.23 Build 318 (64-bit) and it has flagged up the following:

    StateRepository-Machine.srd-shm
    C:\ProgramData\Microsoft\Windows\AppRepository\

    Suspicious

    Identified Threats: 0 (Traces: 2)

    Is anyone able to advise what action I should take - Delete, Quarantine or Ignore?

    TIA
     
  20. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    365
    Location:
    Planet Earth
    Please run a new scan, chances are it no longer shows.
    The -shm files are temporary and it seems they where in different states during the scan (e.g. first available, later on gone) hence flagged as 'suspicious'
     
  21. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    365
    Location:
    Planet Earth
    Hi all, we have a new beta which should have significant reduced scan time for (mostly) Win10 machines, can you do us a favor and run a compare scan for us and post the results?
    • Scan with stable build 318 first
    • Now scan with the portable 320 build.
    • Navigate to C:\ProgramData\HitmanPro\Logs
    • Sort by date newest first and open the top 2 logs
    • Please post the following details
      • Windows . . . . . . . :
      • Scan mode . . . . . . :
      • Scan duration . . . . :
      • Disk access mode . . :
      • Objects scanned . . . :
      • Files scanned . . . . :
      • Remnants scanned . . :
    • For both 318 and 320
    https://dl.surfright.nl/HitmanProBeta.exe
    https://dl.surfright.nl/HitmanProBeta_x64.exe
     
  22. deugniet

    deugniet Registered Member

    Joined:
    Nov 25, 2013
    Posts:
    1,024
    Here you go.

    HitmanPro 3.8.23.318
    Windows . . . . . . . : 10.0.0.19043.X64/4
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 2m 57s
    Disk access mode . . : Direct disk access (SPTI)
    Objects scanned . . . : 3.113.262
    Files scanned . . . . : 101.040
    Remnants scanned . . : 725.833 files / 2.286.389 keys

    HitmanPro 3.8.24.320
    Windows . . . . . . . : 10.0.0.19043.X64/4
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 1m 50s
    Disk access mode . . : Direct disk access (SRB)
    Objects scanned . . . : 3.003.827
    Files scanned . . . . : 101.264
    Remnants scanned . . : 725.854 files / 2.176.709 keys
     
  23. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    1,109
    318:
    Code:
       Windows . . . . . . . : 10.0.0.19043.X64/2
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 2m 52s
       Disk access mode  . . : Direct disk access (SRB)
       Objects scanned . . . : 2.509.272
       Files scanned . . . . : 61.668
       Remnants scanned  . . : 725.552 files / 1.722.052 keys
    
    320:
    Code:
       Windows . . . . . . . : 10.0.0.19043.X64/2
       Scan mode . . . . . . : Normal
       Scan duration . . . . : 1m 55s
       Disk access mode  . . : Direct disk access (SRB)
       Objects scanned . . . : 2.509.392
       Files scanned . . . . : 61.703
       Remnants scanned  . . : 725.590 files / 1.722.099 keys
    
    Impressive!
     
  24. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,217
    Location:
    Brooklyn, NY
    Not much on here so it's all relative. But a def. decrease in scan time. :) Windows 11 22000.194.

    hmprel10721.png
    hmp beta 10721.png
     
  25. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,977
    HitmanPro 3.8.23.318

    Windows . . . . . . . : 10.0.0.19043.X64/2
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 3m 28s
    Disk access mode . . : Direct disk access (SRB)
    Objects scanned . . . : 2,782,227
    Files scanned . . . . : 33,045
    Remnants scanned . . : 536,862 files / 2,212,320 keys

    HitmanPro 3.8.24.320

    Windows . . . . . . . : 10.0.0.19043.X64/2
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 2m 30s
    Disk access mode . . : Direct disk access (SRB)
    Objects scanned . . . : 2,782,118
    Files scanned . . . . : 33,031
    Remnants scanned . . : 536,847 files / 2,212,240 keys

    Edit>>>

    P.S. A bonus ;) ...I thought I would just look at my Process Lasso logs for details:

    HMP Test scans_Process Lasso log details for both scans_01.JPG
     
    Last edited: Oct 7, 2021
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.