HitmanPro Virus Scan Results - Windows
Log In or Register to download the BES file, and more.

0 Votes

Description

Results from the most recent scan by HitmanPro, the "Second Opinion Malware Scanner"

From: http://www.surfright.nl/en/hitmanpro

This Analysis requires the use of the Task found here:  http://bigfix.me/fixlet/details/3721

The latest version of this Analysis can be found here:    (link to bigfix.me URL to be added)

 

Known Issues:

  • The XML Document inspector seems to have issue with HitmanPro results xml files that contain no item results in some cases. More testing is needed.
  • False positives are likely. Please investigate throughly before over reacting or remediating results widely.

Property Details

ID2994641
StatusAlpha - Code that was just developed
TitleHitmanPro Virus Scan Results - Windows
DomainBESC
Added by on 2/21/2014 10:23:50 AM
Last Modified by on 2/21/2014 10:23:50 AM
Counters 7003 Views / 10 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Properties

Time of Last Scan
Period 12 hours
 
  * Results in a true/false
Show indented relevance
modification times of files ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")
ScanType
Period 12 hours
 
  * Session Relevance
Show indented relevance
unique values of node values of xpaths "/Log/@scan" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
# of results
Period 12 hours
 
  * Session Relevance
Show indented relevance
number of xpaths "/Log/Item" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
Result (type,count)
Period 12 hours
 
  * Session Relevance
Show indented relevance
(it, multiplicity of it) of unique values of node values of xpaths "/Log/Item/@type" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
Valid results file?
Period 2 days
 
  * Results in a true/false
Show indented relevance
exists xml documents of files ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")
Threat Score of worst result
Period 12 hours
 
  * Session Relevance
Show indented relevance
maximum of (it as integer) of preceding texts of lasts "." of unique values of node values of xpaths "/Log/Item/@score" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
FilePath of worst result
Period 2 days
 
  * Session Relevance
Show indented relevance
unique values of node values of xpaths "File/@path" of xpaths "/Log/Item" whose(((it as integer) of preceding text of last "." of node value of attribute "score" of it) = (maximum of (it as integer) of preceding texts of lasts "." of unique values of node values of attributes "score" of xpaths "/Log/Item" of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml")) of xml document of file "C:\Program Files (x86)\BigFix Enterprise\BES Client\__BESData\__Global\Logs\results_HitmanPro.xml"
Size of ResultsFile
Period 12 hours
 
  * Results in a true/false
Show indented relevance
sum of sizes of files ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")

Relevance

Windows Only (Relevance 2997197)
Used in 6452 fixlets and 32 analyses   * Results in a true/false
Show indented relevance
/* Windows Only */ windows of operating system
Used in 158 fixlets and 17 analyses   * Results in a true/false
Show indented relevance
/* Windows XP or Higher */ version of operating system >= "5.1"
Used in 1 analsis   * Results in a true/false
Show indented relevance
/* Only relevant on machines with HitmanPro scan results */ exists file ((pathname of folder "__BESData\__Global\Logs" of parent folder of client) & "\results_HitmanPro.xml")

Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!
jgstew -
I'm not sure why many of these properties are being mistaken for Session Relevance.