
Posted (edited)

Hello,

 

When I scan my system with HitmanPro I get these results:

 

All those files belong to /kaspersky Lab\SafeBrowser\Common\....

domain_actions.dll

Microsoft.CognitiveServices.Speech.core.dll

widevinecdm.dll

as a thread behavior " suspect "

VirusTotal says:

VirusTotal - File - 8d4d255fec537f9077482e735552f621e24025bb3cd26c54c8b29f705c0f54d1

VirusTotal - File - b6c062a2ed808b3065dfb4268ee5b6f3f5c7f549a4f0756371e76f81860e444f

VirusTotal - File - f8b4d90c107b8d5b8629e7b5e21d8435deb66fc120228e09349bbb1ff37039e3

When I delete these files it seems Kaspersky reinstalls them, because on my second rig I don't have these scan results.

 

Scoring (36.0)
The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Program is running but currently exposes no human-computer interface (GUI).
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.

False positive maybe?

Any solution or information would be nice.

 

cheers


 

Edited by scip
forgot something in topic
Posted
8 hours ago, scip said:

" suspect "

It just reacts to the unusual path to these files and marks them as suspected. All these files are absolutely safe.

  • Like 2
harlan4096
Posted

The 1st 2 look like they are Microsoft files, and the 3rd is a file that comes with Google Chrome 🤔

 

Probably false positives of HMP.

  • Like 3
Posted
1 minute ago, harlan4096 said:

Probably false positives of HMP.

Not probably, but 100%. It's just HitmanPro...🙂

  • Like 1
  • Haha 1
Posted

Thanks 4 replies

 

So I guess it's a false positive, but why are they in the Kaspersky folder even when they don't belong to Kaspersky?

And why do they reinstall even when I quarantine or delete them?

And my second rig doesn't have these false positives..?

 

best regards

 

Posted (edited)

@scip This folder contains files necessary for the Protected browser (Safe money). When you start it, files and settings are transferred here from your regular browser(s). There are no detections in the second system, because these files simply don't exist, I guess.

Most likely, this is the Sophos engine, which often gives false detections, a lot of files seem "suspect" to it.

Edited by AlexeyK
  • Like 2
Posted

OK thx, then I think we can close this topic. I'll keep an eye on HMPA and mark this as a false positive.

best regards

 
