Hitman Pro Support and Discussion Thread

Re: Anyone tried out Hitman Pro?

Did you reboot after uninstall?

 

Re: Anyone tried out Hitman Pro?

Good question. Im going to reboot just to be sure.

edit Yes after a reboot still shows it. I going to install Prevx and uinstall it again.

 

Re: Anyone tried out Hitman Pro?

ummm... rolarocka just curious....which scanning engine/scanner out of nod/prevx/a2 etc flags it btw? i would suspect it is prevx

 

Re: Anyone tried out Hitman Pro?

Its a file from prevx. Im just interested to know why its being flagged after prevx is uninstalled. It seems prevx doesnt uninstall it correctly or something else.

OK with Prevx installed (with reboot) pxsecure.dll is not detected.
with prevx uninstalled (with reboot) pxsecure.dll is detected.

 

Re: Anyone tried out Hitman Pro?

You are running Build 78 ?

 

Re: Anyone tried out Hitman Pro?

Interesting that the Prevx file is detected only when uninstalled.

 

Re: Anyone tried out Hitman Pro?

im guessing the driver or w/e the file is wasnt properly removed so Hitman Pro heur is picking it up as something suspicious (like a broken driver)

thats my guess at least.

 

Re: Anyone tried out Hitman Pro?

HMP 3.5.3. build 78 detects chkflsh.exe as malware using the Prevx engine, but I have Prevx 3 paid on the same system yet it scans clean. I am unable to report it as a FP on this scan, but I may have done it previously.

 

Re: Anyone tried out Hitman Pro?

Perhaps Prevx doesnt scan that specific folder during that fast scan prevx usually does.

 

Re: Anyone tried out Hitman Pro?

Yes latest.

 

Re: Anyone tried out Hitman Pro?

OR its an FP that was very RECENTLY corrected by prevx.

 

Re: Anyone tried out Hitman Pro?

Right-click scanning the folder/file w/ Prevx still comes up clean.

 

Re: Anyone tried out Hitman Pro?

Try re-scanning with HMP and see if still finds it; I believe there's a delay between Hitman and Prevx engines (and possibly others), something along the 30-minute mark.
I'm sure Erik will chime in and answer this better.

 

Re: Anyone tried out Hitman Pro?

I just scanned the folder again, and HMP is still flagging it as malware as per the above screen shot.

The interesting tidbit is that Prevx classifies the file as malware
http://spywarefiles.prevx.com/RRHCFA44540225/CHKFLSH.EXE.html

ChkFlsh checks your Flash Drives on Windows
http://www.makeuseof.com/tag/chkflsh-checks-your-flash-drives-on-windows/

 

Re: Anyone tried out Hitman Pro?

We have found a new variant of Alureon/TDSS that is in the wild.

Once infected, no AV can detect or remove this threat. We have tried Prevx, MSE, MSRT, MBAM and most 2010 suites (Norton, Kaspersky, NOD32). No one is able to detect it, let alone remove it.

Hitman Pro detects it using the alternate disks access mode but it cannot remove it. We are working on a solution that is included in the next release.

 

Re: Anyone tried out Hitman Pro?

o ok, wow, good to know.

 

Re: Anyone tried out Hitman Pro?

The FP for chkflsh.exe appears to be resolved.

erikloman, I wanted to take a moment and thank you for all of your efforts. Your forum contributions are also greatly appreciated.

 

Re: Anyone tried out Hitman Pro?

i wonder why erik hasnt been given Dev status on these forums yet it wuld make him more noticeable when he posts and more official looking when giving support.

 

Re: Anyone tried out Hitman Pro?

I agree Erik is a great example of how vendor support should be

 

Re: Anyone tried out Hitman Pro?

And also Joe from Prevx

TH

 

Re: Anyone tried out Hitman Pro?

The TDSS/Alureon rootkit I talked about a few posts back is TDL3 and is thoroughly described here.

From the article:
"Beside known features, this threats is exposed with a couple of impressive tricks which help it bypassing personal firewall and staying totally undetected by all AVs and ARKs at the moment."

This is currently one of the most advanced rootkits that is currently spreading (our Scan Cloud is receiving a lot of droppers).

The authors of this rootkit really know what they are doing as this is really professional stuff. For example, it has its own Encrypted File System that resides on the last sectors of the disk!

 

Re: Anyone tried out Hitman Pro?

sounds like some pretty nasty stuff.

 

Re: Anyone tried out Hitman Pro?

Seems that Matt is having trouble too:
http://remove-malware.com/malware/malware-warnings/nasty-new-rootkit-patches-atapi-sys/

 

Re: Anyone tried out Hitman Pro?

Where are you mostly seeing this ?