Jump to content
Sign in to follow this  
Followers 0
lmk43

FP Hitmanpro3

By lmk43, in File Detections

Recommended Posts

lmk43   

lmk43
Posted

Malwarebytes' Anti-Malware 1.25

Database version: 1062

Windows 6.0.6001 Service Pack 1

1:48:11 AM 8/19/2008

mbam-log-08-19-2008 (01-48-09).txt

Scan type: Quick Scan

Objects scanned: 1

Time elapsed: 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Users\Krijger\downloads\hitmanpro3.exe (Trojan.Agent) -> No action taken.

post-2610-1219103493_thumb.jpg

post-2610-1219103493_thumb.jpg

Share this post

Link to post
Share on other sites

nosirrah   

nosirrah
Posted

Is the file still there ?

Dev mode only gives me encrypted def that hit that file , scan is the same .

You might need to upload the file somewhere and link to it . I think regular users can only upload 2 megs .

Without the file and/or a dev mode scan I cant do anything about this one .

Share this post

Link to post
Share on other sites

lmk43   

lmk43
Posted
Is the file still there ?

Dev mode only gives me encrypted def that hit that file , scan is the same .

You might need to upload the file somewhere and link to it . I think regular users can only upload 2 megs .

Without the file and/or a dev mode scan I cant do anything about this one .

Hitman Pro 3 is a Beta Version.I don`t know where i got it but it`s a legit one.

I uploaded the requested file

Virustotal report

---------------------------------------------------------------------------------------------------------------------------------

Antivirus Version Last Update Result

AhnLab-V3 2008.8.19.0 2008.08.18 -

AntiVir 7.8.1.19 2008.08.18 -

Authentium 5.1.0.4 2008.08.18 -

Avast 4.8.1195.0 2008.08.18 -

AVG 8.0.0.161 2008.08.18 -

BitDefender 7.2 2008.08.19 -

CAT-QuickHeal 9.50 2008.08.18 -

ClamAV 0.93.1 2008.08.18 -

DrWeb 4.44.0.09170 2008.08.18 -

eSafe 7.0.17.0 2008.08.18 Suspicious File

eTrust-Vet 31.6.6035 2008.08.15 -

Ewido 4.0 2008.08.18 -

F-Prot 4.4.4.56 2008.08.18 -

Fortinet 3.14.0.0 2008.08.18 -

GData 2.0.7306.1023 2008.08.19 -

Ikarus T3.1.1.34.0 2008.08.19 -

K7AntiVirus 7.10.420 2008.08.18 -

Kaspersky 7.0.0.125 2008.08.19 -

McAfee 5363 2008.08.18 -

Microsoft 1.3807 2008.08.19 -

NOD32v2 3366 2008.08.19 archive damaged

Norman 5.80.02 2008.08.18 -

Panda 9.0.0.4 2008.08.18 -

PCTools 4.4.2.0 2008.08.18 -

Prevx1 V2 2008.08.19 -

Rising 20.58.02.00 2008.08.18 -

Sophos 4.32.0 2008.08.18 -

Sunbelt 3.1.1546.1 2008.08.15 -

Symantec 10 2008.08.19 -

TheHacker 6.3.0.5.054 2008.08.19 -

TrendMicro 8.700.0.1004 2008.08.18 -

VBA32 3.12.8.3 2008.08.18 -

ViRobot 2008.8.18.1339 2008.08.18 -

VirusBuster 4.5.11.0 2008.08.18 -

Webwasher-Gateway 6.6.2 2008.08.18 -

Additional information

File size: 3639008 bytes

MD5...: b937dc9c2ead89cb2bdbd10258613426

SHA1..: e50ff3b45f2dfd53a22af6d5b34fc4bd634c60bc

SHA256: 390e9c630aade4d4a1757caefd5df2b053e27836ba303e014ebd327cc3f18679

SHA512: 8b4ad4660a02adcf16218680703ae02e52b4191571682ad332f8e6f60f76cf37

5bf81afc6ea6cdf916afec0fb0129692ed76cf3368ddda10f36d456b06a8878d

PEiD..: -

PEInfo: PE Structure information

( base data )

entrypointaddress.: 0x4c2ce0

timedatestamp.....: 0x4850e379 (Thu Jun 12 08:51:05 2008)

machinetype.......: 0x14c (I386)

( 3 sections )

name viradd virsiz rawdsiz ntrpy md5

UPX0 0x1000 0x8a000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e

UPX1 0x8b000 0x38000 0x38000 7.93 d53a53cd782e0ab2add5e2180d9dcd30

.rsrc 0xc3000 0x31000 0x30800 5.09 8c4376ec775fa6e902e918879642db6c

( 13 imports )

> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess

> ADVAPI32.dll: RegCloseKey

> COMCTL32.dll: ImageList_Create

> comdlg32.dll: GetSaveFileNameW

> GDI32.dll: LineTo

> MPR.dll: WNetUseConnectionW

> ole32.dll: CoInitialize

> OLEAUT32.dll: -

> SHELL32.dll: DragFinish

> USER32.dll: GetDC

> VERSION.dll: VerQueryValueW

> WINMM.dll: timeGetTime

> WSOCK32.dll: -

( 0 exports )

packers (F-Prot): UPX

packers (Kaspersky): PE_Patch.UPX, UPX, PE_Patch.UPX, UPX, PE_Patch.UPX, UPX

Share this post

Link to post
Share on other sites

nosirrah   

nosirrah
Posted

Im trying to help here , I need one of these or there is nothing I can do for you :

dev mode scan

file

link to file

Now again , is the file still there ? If it is please run a dev mode scan again .

Share this post

Link to post
Share on other sites

lmk43   

lmk43
Posted
Im trying to help here , I need one of these or there is nothing I can do for you :

dev mode scan

file

link to file

Now again , is the file still there ? If it is please run a dev mode scan again .

I uploaded the file.I don`t know what happend to the uploaded file.???.I`ll do another dev scan for you.Dev scan fished and nothing found.I`ll try and attach the file again

Share this post

Link to post
Share on other sites

nosirrah   

nosirrah
Posted
Is the file still there ?

Dev mode only gives me encrypted def that hit that file , scan is the same .

You might need to upload the file somewhere and link to it . I think regular users can only upload 2 megs .

Without the file and/or a dev mode scan I cant do anything about this one .

I already said why , more than 2 megs .

Can I have a link to where I can download this ?

Can I have a dev mode scan ?

Can you upload to rapidshare (or the like) and send me a link to it ?

Share this post

Link to post
Share on other sites

nosirrah   

nosirrah
Posted

MMMMM , this file size seems way off , are you sure this is it ?

Ill check it out but this seems like it could be a different file .

Share this post

Link to post
Share on other sites

lmk43   

lmk43
Posted
Perfect , this should be resolved tonight or at the latest tomorow morning .

It`s the same file.But it`s a Beta so there could be some bugs in it.It`s a file with multiple antivirus and antispyware in one.

http://www.hitmanpro.nl/hitmanpro/content/view/3/9/lang,en/

Thanks anyway.I myself don`t use Hitman Pro.Most of my friends call it stuff man.

I think it`s a false possitive

But he.Who knows.Better safe than sorry.

Share this post

Link to post
Share on other sites

nosirrah   

nosirrah
Posted

OK , no detetion so this is not the file . The file size of this file does not match the one in the VT log you posted .

This is the third time Im asking this next question , please answer . Is that file still on your system ?

Is so I need you to run a dev mode scan and post the results no matter what they are .

To do a dev mode scan do the following :

Click start

Click run

Type in "mbam.exe /developer", without the ""

Everything from this point on will look like a regular scan , please post the log after the scan .

Share this post

Link to post
Share on other sites

lmk43   

lmk43
Posted

Yes.The file is still on my system.This is the result of the dev scan

Malwarebytes' Anti-Malware 1.25

Database version: 1062

Windows 6.0.6001 Service Pack 1

3:11:01 AM 8/19/2008

mbam-log-08-19-2008 (03-11-01).txt

Scan type: Quick Scan

Objects scanned: 36999

Time elapsed: 1 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Share this post

Link to post
Share on other sites

lmk43   

lmk43
Posted

This is the result if i only scan the hitmanpro3. exe file with a quick scan

Malwarebytes' Anti-Malware 1.25

Database version: 1062

Windows 6.0.6001 Service Pack 1

3:14:42 AM 8/19/2008

mbam-log-08-19-2008 (03-14-40).txt

Scan type: Quick Scan

Objects scanned: 1

Time elapsed: 1 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Users\Krijger\downloads\hitmanpro3.exe (Trojan.Agent) -> No action taken.

Share this post

Link to post
Share on other sites

lmk43   

lmk43
Posted

I hope it`s not to big for my webmail .I`ll try.I`ll zipped in HitmanPro.zip

Share this post

Link to post
Share on other sites

lmk43   

lmk43
Posted
He got it. It will be fixed in the next update.

What was the problem.Was it a false positive???

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept