What is this Hitman check? WinVerifyFileClassifier error 0x800b0100 2148073480

Question

I needed to exclude this program from 
 Exploit Mitigation And Activity Monitoring (Windows) 
 But still I see another log event in Hitman sophoshmpaservice.log 
 2025-02-05T10:36:51.316Z [ 1820: 2732] W [WinVerifyFileClassifier] GetFileEmbeddedSigned: WinVerifyTrust for path D:\xxx\bin\program.exe returned 0x800b0100 2025-02-05T10:36:51.340Z [ 1820: 2732] W [WinVerifyFileClassifier] Failed to get context for file D:\xxx\bin\program.exe with error code 2148073480 
 What kind of check is it? Looks like certificate checking for code signing. 
 Can I exclude that behavior on the exe?

MarkLoman · Accepted Answer

Thank you for sharing the log entry. Based on the details, this appears to be from Intercept X attempting to verify the code signing certificate of program.exe. While the verification failure is unusual (these checks typically succeed for standard programs), it a bit suspicious. 
 However, based on the details provided, I assume it is not triggering any actual protection events. Since there's no detection being generated, there wouldn't be anything to exclude in this case. I'm unclear about why an exclusion would be needed here. 
 If you're still experiencing issues, could you share more context about why you're looking to create an exclusion?

What is this Hitman check? WinVerifyFileClassifier error 0x800b0100 2148073480

Top Replies