HitmanPro blocked F-secure file


HitmanPro 3.8.0. just gave me the following warning.

Are you aware of a problem with this file?



Malware _____________________________________________________________________

Size . . . . . . . : 1.011.680 bytes
Age . . . . . . . : 0.1 days (2019-02-01 08:52:14)
Entropy . . . . . : 7.3
SHA-256 . . . . . : 42DD96085BE703DB739F694F433BF03E9BFF07DDE81CA9659EB39F2A439524C7
Product . . . . . : AVOFFICE
Publisher . . . . : Avira Operations GmbH & Co. KG
Description . . . : Avira Engine Module for Windows
Version . . . . . :
LanguageID . . . . : 0
> Kaspersky . . . . : HEUR:Trojan.Win32.Generic
Fuzzy . . . . . . : 98.0


  • nanonyme
    nanonyme Posts: 145 Path Finder


    Running two antivirus programs on same machine is completely unsupported, they may well detect each other's virus databases as viruses preventing either from protecting you. 

  • bjm_
    bjm_ Posts: 11 Observer
    HitmanPro is on-demand second opinion scan tool. Not real-time. Not AV
  • nanonyme
    nanonyme Posts: 145 Path Finder


    The same applies for also on-demand scanning, it's not limited to real-time scanning. Databases and engines are quite likely to trigger false positive detections and removing those makes the antivirus software detect less things. 

  • Ukko
    Ukko Posts: 3,634 Superuser



    Sorry for my reply. I am only an F-Secure user (their home solutions).


    Just interesting:

    Does your experience still show that HitmanPro partner engine detects an F-secure file as 'potentially' malicious? Or it was one-time experience?


    Based on your log and item SHA-256 hash - this file has been corrupted(?). At least, digital code signing signature/cert were.

    Perhaps this is possible if the item was during writing/creation (temporary or even update); interrupted during update/create/write; broken item (temporary trouble).

    Otherwise, item is modified or tricked during certain stage. What is a little be strange for home use situation.

    And likely that troubles with signature verification was a reason for generic detection (HEUR:Trojan.Win32.Generic).


    Maybe if your experience is still about such a detection (or if the original item is still available) - possible to check it manually. What is state of file's digital signature?


    My own experience and "aeoffice.dll" are about valid situation probably (though, I check it with beta F-Secure SAFE solution). At least, the file is signed normally; and HitmanPro did not detect after a brief check.

    But as was suggested with other replies - detection of each other's signatures is most likely a probable situation. Although my own steps in this kind of situation with detection are attempts to contact F-Secure Labs:

    and the company that detects the item.



This discussion has been closed.
Pricing & Product Info