HitManPro first timer

@ erikloman

Hi,

The ones i highlighted as FP's are NOT alleged false positives, but Actual FP's. Especially these. IceSword, RkU, SysProt, which as i'm sure you know are all genuine ARK's = Antirootkit detectors. As i said before, they are NOT new files by any means, so the vendors should have been aware of them for a long time, and NOT detect them as malicious.

Find_Dll is another genuine tool with a similar timeline etc.

rkstart & rkdemo & ioport.sys are 100% safe test ONLY Rootkits. They will NOT harm anyones comp, again with a similar timeline etc.

HideToolz can be used to stealth files, but on it's own does nothing. It would need someone who Wanted to use it, to actively use it to do that.

passxoverdesigner is a 100% safe audio design tool.

*

With the exception of HideToolz, all of the above files are used for good intentions = testing etc.

*

Can you please explain,

1 - When the scan had finished, i selected streamviewer.45132.exe to be deleted, so clicked NEXT, it was NOT ?

2 - Avira or Prevx are NOT detected on my comp by HMP ?

3 - The button to expand detections failed to appear on two items, passxoverdesigner & Find_Dll

4 - No options on those two items either.

 

DL'd this nasty with the extension already changed to prevent accidental running. Max++ downloader install_2010.ex_

Decided to try and run it as is, not expecting it to, but just to see what might happen. Avira detected it even with the .ex_



Disabled Avira etc and double clicked it, and to my surprise this happened which i wasn't expecting





I didn't know HMP could/would do that ! and i'm not aware of ANY other app that will. So to HMP for that very useful/unique feature.

Uploaded it to VS Scanner results (12/36) found malware!

 

@ erikloman

Are you on holiday, or ?

 

As a matter of fact I am

 

Lucky you don't forget to send us a nice postcard, have fun, and please reply to my posts the second you get back

 

HMP bug or ?

@ erikloman

Hi,

Reported this before



but got NO answer ? And even with the new version/updates, it's still falsely showing no AV.

PS, what news on the other matters i was asking about ?

 

Re: HMP bug or ?

I have experienced this before and I was told HMP gets the AV status from the Windows Security center.

 

Re: HMP bug or ?

@ Ibrad

Thanks

Windows Security center disabled here, so that explains it.

Still like to hear from erikloman about the other matters