HitmamPro.Alert2 Problem

[cfdevlin01]

Have a current problem with HitmanPro.Alert2. As of yesterday I received a message from HitmanPro.Alert2 that read: "Computer Virus "Dropbox.exe" is attacking your personal files., etc.". I then via this alert box downloaded (free) version of Hitman Pro and ran it. It picked up a hyjacker virus plus Conduit and Playtopus junk. I believe the hyjacker program caused the alert and the Conduit and Playtopus junk just was causing the computer to run slowly. I then restarted the computer, got the same message from HitManPro.alert2 and thus reran the scan and came up clean. However the computer really is running very fast, which I believe is the cleaning up of Conduit and Playtopus.

I next googled issues with Dropbox and saw that certain viruses do use this and thus followed the following processes to try and correct the issue.
1. Booted up in Safe Mode with Networking
2. Ran Malwarebytes - ran clean, no issues
3. Ran TDSSKiller - ran clean, no issues
4. Ran CCleaner for file cleanup and Registry - small amout of cleanup
5. Ran ADWCleaner - small amount of cleanup.

Now restarted the computer. Same Pop-up Window from HitmanPro.alert2 - this message comes once DropBox initiates from StartUp. I want DropBox in startup and have had it there for months with no issue.

I believe the computer is clean as it is really running very fast. I do not know if the problem is from DropBox or HitManPro.alert2 or some other virus that is hidden. I ran TDSSKiller to see if a hidden rootkit was buried, but as stated above it ran clean.

I also think the initial alert was valid, and the following alerts are not valid. Again, the Pop-up alert comes right after DropBox initiates.

Any help would be greatly appreciated.
Chuck Devlin (user id: cfdevlin01)

[Britec]

It seems to be a known issue, the creator of Hitmanpro was talking about the same issue your having on the forum thread  I think there is a solution on that post.

Hope it helps.

[cfdevlin01]

Britec, thank you for the quick reply. I checked out the thread you indicated and as a result uninstalled current version and installed version 2.6.5 which indicated this may be the updated (corrected) version. The last posting was March 2014, thus I was not sure if it would work. I installed that version, but the problem is still there, thus it appears Surfright has not yet corrected the problem.

I will probably leave it installed and just click CLOSE when the pop-up occurs. When I go to the internet it appears to be working properly. Still not sure what kicked this off after having it on my system since April 2014 - but Oh-Well.

Again thanks for your quick response.

Chuck Devlin

[Britec]

Your welcome, try uninstalling dropbox and re-installing that with the latest version to see if it helps, its worth a try.

[redwolfe_98]

my 2 cents.. if it was me, and something was flagged on my computer, like "dropbox.exe", i would look at what was flagged ie the "dropbox.exe" file, to try to determine if it was a "false-positive".. you could look at the location of the file, to see if it seems to be a legitimate file, and you could look at the file's "properties".. then i would upload the file to "virustotal", just to double-check..

if i concluded that it was a "false-positive", i would try to "whitelist" the file, so that it wouldn't be flagged any more, then i would contact the vendor of the program, in this case, "surfright", and inform them about the "suspected false-positive" issue, so that it would be addressed..

i think you should contact "surfright" about this issue, where the "HMP-alert" program is flagging the "dropbox.exe" file..

i believe that "HMP-alert" only uses heuristics for detecting things.. so, if it had a detection for flagging trojans, when they try to upload files, it might also likewise flag "dropbox.exe" when it tries to upload files..

maybe what happened is that "surfright" had the old "dropbox.exe" file whitelisted, but it was updated, and the new "dropbox.exe" file had not been whitelisted..

i did a google-search for "dropbox.exe" and all that i saw was where it was said that "dropbox.exe" was a legitimate file that was used by "dropbox"..

[cfdevlin01]

(12-14-2014, 04:16 PM)Britec Wrote:  Your welcome, try uninstalling dropbox and re-installing that with the latest version to see if it helps, its worth a try.

---

Tried most of what you said. I have DroxBox on another computer, thus checked the paths of both - they were the same. Also checked Properties - everything the same. Then went to Hitman Pro. As mentioned above version 2 of HitmanPro Alert the identified problem has not been fixed. Noticed there is a version 3 in Beta - however to get version 3 you need to purchase HitmanPro. I am not willing to do that. Thus I uninstalled the product. If I ever decide to purchase HitmanPro then I will reinstall HitmanPro Alert.3 and check it out. RedWolfe_98, I appreciate your comment.