F-secure blocks HitmanPro updute

Paulus1979
Paulus1979 Posts: 7 Explorer

Since a few days I can't updat HitmanPro (payed version) because F-secure blocks the automatic install of the hitmanpro.exe in ...\appdata\local\temp

Anybody experienced the same problem and does anybody know why F-secure blocks it (never had a problem with the automatic update before)

Comments

  • Ukko
    Ukko Posts: 3,727 Superuser

    Hello,

     

    Sorry for my reply. I'm only F-Secure user (their home solutions).

     

    Does it means that F-Secure show certain prompt or notification about event?

    Or how it was visible that installation is blocked for hitmanpro.exe in 'temp'-folder?

     

    I am able to think that maybe it is detection based on 'rare'-reason. Maybe if there is freshly release update and binary is not known for F-Secure -> it will trigger potential detection that 'suspicious' rare application is detected. Or there is not visible any F-Secure prompts about block-action?

     

    Thanks!

  • Paulus1979
    Paulus1979 Posts: 7 Explorer

    F-secure gives the message (also vissible in the F-secure log file) that the application hitmanpro.exe is blocked because it would be a "schadelijke" (dutch for harmfull) application.

     

  • Ukko
    Ukko Posts: 3,727 Superuser

    @Paulus1979 wrote:

    F-secure gives the message (also vissible in the F-secure log file) that the application hitmanpro.exe is blocked because it would be a "schadelijke" (dutch for harmfull) application.

     


    Hello,

     

    So, maybe there are some of potential steps:

     

    -> For example, it is possible to try upload this executable to F-Secure LABS:

    https://www.f-secure.com/en/web/labs_global/submit-a-sample#sample-file

    Possible to provide additional information and receive response about investigation;

     

    -> With my own experience - if application is detected (by DeepGuard module) as "rare"-application at first. And then if there is another try to launch this application -> it will be marked as 'harmful'-application.

    ALSO, maybe title should be with "schadelijke"-words - but does it possible to expand title and see if there is details (where visible "Reason: ___" and "Destination: ____"). Or with Quarantine (Main UI -> Tools tab -> Quarantine button).

    If it was detection by Real-time scanning. Maybe good to know "detection"-name (with noted steps like expand details).

     

    -> I tried to download only fresh binaries (64bit) for HitmanPro Scanner and it was possible to launch.

    Also, visible that HitmanPro is switched to Sophos look. So, maybe some of internal changes with certain build was a reason for F-Secure detection.

     

    Thanks!

  • Paulus1979
    Paulus1979 Posts: 7 Explorer

    I just uploaded the file.

    The only extra information I can see (using tools / blocked) is that it is marked as malware.

     

     

  • Ukko
    Ukko Posts: 3,727 Superuser

    @Paulus1979 wrote:

    I just uploaded the file.

    The only extra information I can see (using tools / blocked) is that it is marked as malware.


    Maybe it means that detection is created by DeepGuard. Possible to suspect that it is false positive.

    But just as small discussion: what version of HitmanPro is installed currently (it is autoupdate to ?!). And does automatic updates with paid HitmanPro is usual situation (or not so often?!).

     

    Thanks!

  • Paulus1979
    Paulus1979 Posts: 7 Explorer

    Indeed I think that DeepGuard is preventing the update.

    I use Hitman Pro 3.7.20 Build 286 (64-bit)

     

    I have no idea how often it is updated, but I think it is not on a daily or weekly base.

    I use Hitman Pro for some years now and I'm sure I received updates before but I can't remember them giving any problems before with F-secure.

This discussion has been closed.
Feedback on New Design