Hitman Pro Support and Discussion Thread

Looks like an FP - https://www.wilderssecurity.com/showthread.php?t=294831

 

Which engine is it detected by?

 

That information was not indicated. However, running a fresh HMP scan shows a similar detection for a DefenseWall file without indicating the engine that detected as being malware. A glitch in HMP?

 

Click the arrow to the left of the file name. The engine(s) should then be listed.

 

LOL...How did I forget that?

 

I don't know if this has been mentioned before, but Hitman Pro (Prevx's engine-what a surprise!) detects Sumatra Pdf as a malware for a long time now. Not the normal installer but the portable .exe that i use. Virus Total results are 2/43 (Panda is the other one), CAMAS and ThreatExpert say the file is clean but Anubis' results aren't that encouraging , though i don't know how to read them really. Should i start worrying?

 

Some portable apps are detected because the way they are compiled are similar to some malware. In your case, it's a false positive. You should report it to SurfRight.

 

Hey shadek, thanks for your answer. I know it's a fp but it's been there for months. Do i need to report it? I thought that that's what this thread was for

 

False Positive



FbinstTool is NOT a virus, it's a very handy program to create bootable usb sticks. -http://www.burgloader.com/bbs/index.php?topic=131.0

 

False Positive MediaMonkey

File name:
unins000.exe
Submission date:
2011-03-14 13:51:26 (UTC)
Current status:
finished
Result:
0/ 42 (0.0%)

~ VirusTotal Results URL Removed per Policy ~

~ NoVirusThanks Results URL Removed per Policy ~

 

We, SurfRight, the Dutch team behind Hitman Pro, have been working the last half-year on new revolutionary technology. We have developed a high performance proxy server with a special cloud interaction component, to be used on low-resource hardware, such as consumer routers. The goal: create protection for all connected devices in a (home) network, built inside the router – i.e. the user does not need to install any software to be protected.

Sitecom is the first router manufacturer we teamed up with to integrate our technology on their new Gigabit routers (even though our tech is designed to work on older entry devices as well). Our software in the router runs on embedded Linux and we optimized it to make efficient and optimal use of the available resources, in terms of memory and processing power.

More here: https://www.wilderssecurity.com/showpost.php?p=1844815&postcount=3

A nice movie which explains how it works (currently only in Dutch): http://www.youtube.com/watch?v=Wk5eDlYJ9uI

 

Hi Mark, congrats on this new SurfRight tech.
Looks very promising.
Will your company offer this product towards hardware/router manufacturers only or are you also planning to sell it directly to Dutch ISP's (in a later stage)?
A 'KPN Cloud Security' version could change the malware landscape in NL.

And about the linked post, it mentions that the Cloud Security model will also 'block malicious binaries, drive-by downloads, malicious websites, phishing pages and (as an extra) unwanted web advertisements'.
What list (or lists) are you guys going to use for web ad blocking if I may ask? Homemade or other source?

(For all non-dutchies, KPN is the biggest ISP here)

 

We have been working on Hitman Pro 3.5 and have released a beta of build 120:

http://dl.surfright.nl/HitmanPro35beta.exe
http://dl.surfright.nl/HitmanPro35beta_x64.exe

Changes:

• Improved Behavioral Scan engine.

Due to the nature of this update, we would like to ask you all to test this build and notify us any irregularities, like false positives. Thanks!

 

Seems to work okay, noticed no irregularities or FP's.(x64)

 

Sorry if this has already been asked, but there is a means of Hitman Pro check every time I start Windows?

 

the beta is slower 2minutes 18seconds compared to 1minute 26seconds with the current released version. no false positives were detected.

 

Is it consistently slower? I mean, what if you run it twice. Is the time then still 2m 18s?

 

every time I run both I get a different time. My internet affecting times of both so the beta is working fine here.
on one of the test runs the stable version had a time of nearly 4minutes and the beta had the shortest time of 1.39

im pleased to see frequent updates of a fantastic product keep up the good work.
i cant wait to see the router technology to be incorporated in to routers in the United kingdom.

 

That's easy, click "Settings" and check under "Scan at startup".

 

Downloaded and ran 120. No problems to report.

 

Thank you markloman for this new beta. The only slight difference I found was
a "suspicious-ignore" detection for FSViewerSetup43.exe (Faststone ImageViewer) which I clicked to report as safe.

 

1. The file has a high entropy (either packed or encrypted)
2. The file has no version or publisher information
3. The file requires administrative privileges
4. The cloud does not know the file

Therefore the file is shown suspicious (default action Ignore).

This is one of the changes we've made in the behavioral scan. Please let me know what you guys think of this change. Some setups might get flagged as suspicious.

 

Tried the 64-bit BETA, everything went fine. It is performing a little slower than previous versions.

 

Thank you erikloman for the clear explanation. Seems to me that if software devs can't present product with credentials rightly expected, then afterwards
they shouldn't "cry" over "FPs", thanks, Dermot.

 

Ran b120 in EWS mode: no issues or FPs whatsoever. Ran like a champ.