HitmanPro Virus Scan Results - Windows
0 Votes |
Description
Results from the most recent scan by HitmanPro, the "Second Opinion Malware Scanner"
From: http://www.surfright.nl/en/hitmanpro
This Analysis requires the use of the Task found here: http://bigfix.me/fixlet/details/3721
The latest version of this Analysis can be found here: (link to bigfix.me URL to be added)
Known Issues:
- The XML Document inspector seems to have issue with HitmanPro results xml files that contain no item results in some cases. More testing is needed.
- False positives are likely. Please investigate throughly before over reacting or remediating results widely.
Property Details
2994641 | |
Alpha - Code that was just developed | |
HitmanPro Virus Scan Results - Windows | |
BESC | |
jgstew on 2/21/2014 10:23:50 AM | |
jgstew on 2/21/2014 10:23:50 AM | |
7003 Views / 10 Downloads | |
* Average over 0 ratings. ** Log In or Register to add your rating. |
Properties
Time of Last Scan
Period
12 hours
* Results in a true/false |
modification times of files ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")
ScanType
Period
12 hours
* Session Relevance |
unique values of node values of xpaths "/Log/@scan" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
# of results
Period
12 hours
* Session Relevance |
number of xpaths "/Log/Item" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
Result (type,count)
Period
12 hours
* Session Relevance |
(it, multiplicity of it) of unique values of node values of xpaths "/Log/Item/@type" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
Valid results file?
Period
2 days
* Results in a true/false |
exists xml documents of files ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")
Threat Score of worst result
Period
12 hours
* Session Relevance |
maximum of (it as integer) of preceding texts of lasts "." of unique values of node values of xpaths "/Log/Item/@score" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
FilePath of worst result
Period
2 days
* Session Relevance |
unique values of node values of xpaths "File/@path" of xpaths "/Log/Item" whose(((it as integer) of preceding text of last "." of node value of attribute "score" of it) = (maximum of (it as integer) of preceding texts of lasts "." of unique values of node values of attributes "score" of xpaths "/Log/Item" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml")) of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
Size of ResultsFile
Period
12 hours
* Results in a true/false |
sum of sizes of files ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")
Relevance
Windows Only (Relevance 2997197)
/* Windows Only */ windows of operating system
/* Windows XP or Higher */ version of operating system >= "5.1"
Used in 1 analsis | * Results in a true/false |
/* Only relevant on machines with HitmanPro scan results */ exists file ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")
Sharing
Social Media: |
Comments
|
|
I'm not sure why many of these properties are being mistaken for Session Relevance. |