Thema: Hitman Pro

[SiLæncer]

Hitman Pro is a fast all-in-one tool to locate, identify and remove viruses, spyware, trojans, rootkits and other types of malware. The executable can be downloaded and run straight from a USB Flash Drive, CD/DVD, local or network attached hard drive and will quickly reveal the presence of any malware. Hitman Pro uses innovative cloud computing techniques to detect and remove potential malware threats with minimal impact on system performance. A further benefit of this technology is that you need never again download definitions on a hourly / daily basis as this is all managed in the cloud further reducing the impact on your PC. Hitman Pro will work alongside any existing anti-virus/anti-spyware or security suite and can be simply run whenever required to give a second opinion or be called upon to remove threats missed by your existing software. Scanning your PC is free for the life of the product and in addition removal of malware is also free for the first 30 days, thereafter, users can take a paid for subscription to cover malware removal in the future. The innovative Early Warning Scoring (EWS) technology allows users without internet to remove potential malware - no subscription required.

Licence: Freeware

Version 5.38 Build 121 (2011-05-04)

    Added detection and removal of latest TDL4 bootkit.
    Improved behavioral scan.
    Improved removal engine.
    Added Indonesian language.
    Updated Czech language.

http://www.hitmanpro.nl/

[SiLæncer]

The most important features in this new version are:

    Cloud Assisted Miniport Hook Bypass feature (see below).
    Mebroot/Sinowal detection and removal.
    Removal of new variant of Trojan Vundo.
    Master Boot Record (MBR) protection when restoring infected MBR to counter rootkit watchdogs.
    Repair for BCD testsigning. Testsigning is a feature of 64-bit Windows that, when enabled, allows loading of non-signed drivers on 64-bit Windows. Testsigning is typically abused by 64-bit bootkits.

The full release notes and changelog of Hitman Pro 3.5.9 build 124 can be found on www.surfright.com/hitmanpro/whatsnew

http://www.hitmanpro.nl/

[SiLæncer]

The latest release of Hitman Pro 3.5.9 – build 126 – will remove the infamous Trojan “Popureb” without the need to reinstall the operating system as previously advised by Microsoft.

Malware like Popureb overwrites the hard drive’s Master Boot Record (MBR), the first sector – sector 0 – where code is stored to bootstrap the operating system after the computer’s BIOS completed its start-up checks. The rootkit hides the MBR by hooking the DriverStartIo of the harddisk driver atapi.sys, making it effectively invisible to both the operating system and most security software.

The Cloud Assisted Miniport Hook Bypass technology that was added to Hitman Pro in an earlier release this month is designed to detect these sophisticated rootkits. Our Cloud Assisted Miniport Hook Bypass is capable of detecting and removing the Popureb bootkit.

Build 126 of Hitman Pro 3.5 contains a new Tool Action: Replace with standard MBR.



This new action offers users a means to overwrite a non-standard MBR with a standard MBR returning it to a clean state. This new Tool Action is only available to users when scanning a system with Hitman Pro in Early Warning Scoring (EWS) mode. Users do not need to use the Windows Recovery Console to return the MBR to a clean state.

http://www.hitmanpro.nl/

[SiLæncer]

Build 127 (2011-07-15)

    Added detection and removal of the ZeroAccess rootkit. Read our blog for more information.
    Added kernel mode guard to block code injection attacks on Hitman Pro scan and removal process.
    Added DACL monitor on Hitman Pro executable.
    Added 'Follow us on Twitter' button on Welcome pane.
    Added license information bar above the navigation buttons.
    Added Proxy tab under Settings.
    Fixed a bug regarding the auto activation of the free license.
    Fixed several minor GUI issues.
    Updated Swedish language.

http://www.hitmanpro.nl/

[SiLæncer]

Build 152 (2012-04-12)

    NEW: Bitdefender logo.
    IMPROVED: Bootkit detection heuristic.
    IMPROVED: Direct Disk Access handling.
    IMPROVED: Handling of GPT disks.
    IMPROVED: Scheduler starts a scan when it has missed its time window (thanks Adric).
    IMPROVED: Scheduler performs Default scan when the last Default scan was at least 30 days ago.
    FIXED: Solved a problem where HitmanPro would keep scanning indefinitely.
    FIXED: Solved a problem where HitmanPro could not overwrite an existing activation license due to changed file attributes.
    FIXED: Solved a problem handling the license files.
    FIXED: Solved a problem handing the 'no proxy' setting.
    Updated internal white lists.


http://www.hitmanpro.nl/

[SiLæncer]

Build 188 (2013-02-05)

    Version 3.7.2
    ADDED: NTFS Timeline Forensics to cluster malware related files and establish malware infection timeline.
    With the established timeline you can trace back to where the actual infection came from and how it got on your system. In addition, the cluster can reveal zero-day malware due to which files have been created along with the unknown binary. A picture to illustrate can be seen here: http://dl.surfright.nl/NTFS-Timeline-Forensics.png
    ADDED: Detection of zero-day Reveton ransomware through file clustering.
    ADDED: Repair of non-existing Winlogon startup entries.
    ADDED: Complete removal of ZeroAccess 'recycler variant'.
    IMPROVED: Removal of malware hijacking Winmgmt service.
    IMPROVED: File remnant scanner detects more remnants.
    IMPROVED: Detection of malware starting through Winlogon.
    IMPROVED: Proxy is set to NoProxy when Kickstart started HitmanPro at Winlogon desktop.
    IMPROVED: Parsing of Run entries.
    IMPROVED: Services enumerator.
    IMPROVED: Raw registry parser.
    FIXED: Portuguese language.
    UPDATED: Embedded white lists.

http://www.hitmanpro.nl/

[SiLæncer]

Build 189 (2013-02-25)

    ADDED: Kickstart blocks ransomware stealing the desktop from HitmanPro.
    ADDED: Kickstart blocks "Image File Execution Options" hijacking.
    ADDED: Kickstart lists the file that was added 'Most Recent as Startup' as suspicious.
    ADDED: Kickstart keeps track of processes that are started during boot.
    ADDED: VirusTotal API key is now embedded so it is no longer needed to register an account.
    ADDED: /excludefile command line option to exclude files and folders from the scan.
    ADDED: Text Log File now shows number of encountered files that were excluded from the scan.
    ADDED: Detailed file view now shows parent process name as property.
    ADDED: Detailed file view now lists both local and remote network connections
    FIXED: Reveton ransomware detection caused false postives.
    FIXED: Network Port enumerator now lists listening ports correctly.
    FIXED: On some systems HitmanPro shuts down unexpectedly at end of scan.
    IMPROVED: Force Breach process filtering.
    IMPROVED: License activation retry mechanism.
    UPDATED: Kickstart Bootstrap loader 1.2.
    UPDATED: Embedded white lists.

http://www.hitmanpro.nl/

[SiLæncer]

Build 190 (2013-03-01)

    IMPROVED: Kickstart blocking ransomware stealing the desktop from HitmanPro.
    UPDATED: Kickstart Bootstrap loader 1.3.
    ADDED: Norgwegian language.

http://www.hitmanpro.nl/

[SiLæncer]

Whats new: >>

    ADDED: Removal of child pornography images dropped by Urausy ransomware.
    ADDED: Detection of zero-day Urausy ransomware through forensic file clustering.
    ADDED: Kickstart hardening to protect HitmanPro processes from Winwebsec malware family.
    Use Kickstart against Disk Antivirus Professional, AVASoft Antivirus Professional or other rogue antiviruses.
    IMPROVED: Forensic file clustering speed.
    IMPROVED: Reduced memory usage during forensic file clustering.
    IMPROVED: Processing of registry key values.
    FIXED: On some BIOSes, when booting with Kickstart, Windows loader would hang with either frozen screen or blinking cursor.
    UPDATED: Kickstart Bootstrap loader 2.1.
    UPDATED: Embedded white lists.

http://www.hitmanpro.nl/

[SiLæncer]

Build 193 (2013-04-03)

    IMPROVED: Detection of zero-day Urausy ransomware through forensic file clustering.
    FIXED: HitmanPro stopped working when it encountered a particular forensic cluster.
    UPDATED: Embedded white lists.

http://www.hitmanpro.nl/

[SiLæncer]

Build 194 (2013-04-15)

    FIXED: HitmanPro driver leaked some nonpaged kernel memory when scanning in Direct Disk Access mode.
    IMPROVED: Minor improvements to Compatible Disk Access mode.
    IMPROVED: Detection of zero-day Urausy ransomware through forensic file clustering.
    IMPROVED: File remnant scanner detects more remnants.

http://www.hitmanpro.nl/

[SiLæncer]

Build 197 (2013-05-22) BETA

    ADDED: Java exploit drive-by-download detection through forensic clustering.
    ADDED: Bootkit Gapz removal via Kickstart.
    IMPROVED: Forensic clustering.
    IMPROVED: Detection of zero-day ransomware through forensic clustering.
    IMPROVED: Detection and removal of malware starting via Command Processor (cmd.exe).
    IMPROVED: Remnant scanner.
    FIXED: On some computers keyboard was unresponsive in Kickstart BIOS Boot Menu
    UPDATED: Kickstart 2.2

http://www.hitmanpro.nl/

[SiLæncer]

Build 199 (2013-05-24)

    FIXED: Suspicious classified items set to Quarantine were not removed after pressing Next button.

http://www.hitmanpro.nl/

[SiLæncer]

Build 200 (2013-05-29) BETA

    IMPROVED: Detection of zero-day ransomware through forensic clustering.
    IMPROVED: Java exploit drive-by-download detection through forensic clustering.

http://www.hitmanpro.nl/

[SiLæncer]

Build 201 (2013-05-31)

    ADDED: Repair for NTFS Symbolic Links placed by ZeroAccess on Windows Defender and Microsoft Security Essentials. Now repairs folders and corresponding files in Winsxs folders as well. In addition, ACL security is reset.
    IMPROVED: Detection of zero-day ransomware through forensic clustering.
    IMPROVED: Java exploit drive-by-download detection through forensic clustering.
    FIXED: Unexpected termination of HitmanPro during remnant scan on computers with FAT32 system volume.


http://www.hitmanpro.nl/