HitmanPro - wersje rozwojowe

[OXYGEN THIEF]

Re: Hitman Pro wersje rozwojowe

Hitman Pro 3.5.9 Build 123 BETA

Changelog build 123

Improved Cloud Assisted Miniport Hook bypass (both cloud and client components)
Improved removal of new variant of Vundo
Improved removal of malware files that change their file security
Added Master Boot Record (MBR) protection when restoring infected MBR to counter rootkit watchdogs
Added repair when BCD has testsigning enabled (testsigning allows loading of non-signed drivers under x64)
Minor user interface improvements
Updated Brazilian Portuguese language (thanks Bruno)

32-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro wersje rozwojowe

Hitman Pro 3.5.9 build 126

We just released a BETA version of Hitman Pro 3.5.9 build 126 that is able to detect and clean Trojan Popureb.E.

Early this week Microsoft advised Windows users to reinstall the operating system to get rid of the trojan.The new build of Hitman Pro allows to remove the trojan withing a few minutes.

We also wrote a blog post upon the matter here.

The BETA can be download here:

32-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

Hitman Pro removes Popureb.E



The latest release of Hitman Pro will remove the infamous Trojan “Popureb” without the need to reinstall the operating system.




Hengelo, June 30, 2011 - SurfRight, a developer of tools that give users more control over their PC security, today announced that Hitman Pro 3.5.9 build 126 will remove the infamous Trojan “Popureb” without the need to reinstall the operating system as previously advised by Microsoft.



Malware like Popureb overwrites the hard drive's master boot record (MBR), the first sector -- sector 0 -- where code is stored to bootstrap the operating system after the computer's BIOS does its start-up checks. Because it hides on the MBR, the rootkit is effectively invisible to both the operating system and most security software. Popureb detects write operations aimed at the MBR and then swaps out the write operation with a read operation to avoid detection.



“The Cloud Assisted Miniport Hook Bypass technology that was added to Hitman Pro in an earlier release this month is designed to detect these sophisticated rootkits”, according to Mark Loman, CEO of SurfRight. “Our Cloud Assisted Miniport Hook Bypass is capable of detecting the Popureb bootkit.”



The latest Hitman Pro version (build 126) contains a new Tool Action: Replace with Standard MBR. This new Tool Action offers users a means to overwrite a non-standard MBR and return it to a clean state when malicious code is detected. It is only available to users when scanning a system with Hitman Pro in Early Warning Scoring (EWS) mode. Users do not need to use the Windows Recovery Console to return the MBR to a clean state.

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

Hitman Pro 3.5.9 build 127 BETA

Changelog

Added detection and removal of the ZeroAccess rootkit.
Added kernel mode guard to block code injection attacks on Hitman Pro scan and removal process.
Added DACL monitor on Hitman Pro executable.
Added 'Follow us on Twitter' button on Welcome pane.
Added license information bar above the navigation buttons.
Added Proxy tab under Settings.
Fixed a bug regarding the auto activation of the free license.
Fixed several minor GUI issues.

32-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

Hitman Pro Beta Build 128
Beta Build 128 (32-bit only)

Changelog

Detects and removes latest ZeroAccess rootkit
Improved kernel-mode guard to block code injection attacks on Hitman Pro scan and removal process.
Added Romanian language.

...

32-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

BETA Hitman Pro 3.5.9 build 129 (32-bit/64-bit)

Changelog (compared to build 127)

Detects and removes latest ZeroAccess rootkit
Improved detection of Sinowall rootkit
Improved removal of 64-bit version of ZeroAccess rootkit
Improved kernel-mode guard to block code injection attacks on Hitman Pro scan and removal process.
Improved Cloud Assisted Miniport Hook Bypass to support detection of detours.
Improved Crusader's watchdog.
Added Romanian language.
...


32-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

Ukazała się nowa beta wyczesanego do granic możliwości Hitmana Pro
HitmanPro 3.6 Beta 1

Changelog

Hitman Pro is now called HitmanPro. On Twitter use #HitmanPro.
Added Scanning for Malware Remnants.
This feature crawls the File System and Registry for common malware related paths (files, folders, keys).
The Remnant Scan combines a multi-threaded local scan with cloud based confirmation.
For Beta 1 we are detecting only a few hundred remnants, more will be added in the coming weeks. We are still fine tuning the tooling on the backend.
Added Scheduler to allow scanning Daily, At Startup, Mon, Tue, Wed, Thu, Fri, Sat, Sun at specific times. The scheduler is a process called hmpsched.exe.
Added detection for infected Volume Boot Record.
Added detection for files signed with weak Authenticode signatures (RSA 512-bit keys).
See also:

Zaloguj lub Zarejestruj się aby zobaczyć!

Added third opinion scan using VirusTotal.
To use this feature you enter your personal VirusTotal Public API Key on the Advanced tab under Settings.
Added chevrons to highlight items in the result list that are running [PID] or start by [Run], [Service] or [Driver].
Added detection and repair for the HOSTS file that was altered by malware.
Improved NTFS Parser to work better with heavily fragmented files.
Improved Direct Disk Access mode to always scan using the lowest possible level.
Version 3.5 used SPTI to access the disk.
Version 3.6 accesses the disk by directly talking to the hard disk miniport driver. This has some impact on the overall scan speed since we bypass Windows disk caching.
Early Warning Scoring in no longer selectable by default.
Early Warning Scoring can be enabled on the Advanced tab under Settings.
Removed Prevx detection due to poor malware detection.
Reworked several areas of the user interface, including a polished new Logo.
Beta 1 is only available in English.
...

Spoiler: Pokaż zawartość

Zaloguj lub Zarejestruj się aby zobaczyć!

Spoiler: Pokaż zawartość

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[Anonymous]

Re: Hitman Pro - wersje rozwojowe

Przypomina Windows 8. Usunęli PREVX

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

Pewnie dlatego że Webroot kupił prevx, zresztą to beta więc wszystko może się zmienić o :kill :bardzo zły

Parę sreenów

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

HitmanPro 3.6.0 Build 134 Beta 2

Changelog

Improved Cloud Assisted Miniport Hook Bypass
Improved detection and removal of Sinowal, Mebroot rootkit
Improved removal of TDL4 on systems where Boot Configuration Data (BCD) was persistently malformed by TDL4. Removing TDL4 from those systems caused a non-bootable system (BSOD). HitmanPro now repairs BCD before removing TDL4.
Added 'Goto location' to context menu to highlight the file in Windows Explorer.
Added 'Show information' to context menu to expose more internal information to the expert end users (see screenshot below).
Enabled 'Automatic upload of suspicious files to the Scan Cloud' checkbox.
Moved 'Shell Integration' to Scan tab under Settings.
Fixed Tray Icon and tooltip Balloon when 'Scan at startup' is performed.
Updated internal white lists.
Several minor improvements.

32-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

HitmanPro 3.6.0 Beta 3

Changelog (compared to beta 2)

Restored scan speed (on par with 3.5)
Added Shell Extension.
Remove beta3 from the filename to be able to install the shell extension.
Added /clean command line option
Various GUI improvements
Lots of internal improvements
Updated internal white lists

...


Downloads
32-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

Hitman Pro 3.6.0 RC Build 136 (Release Candidate)

This is a release candidate. This means that this build will upgrade an existing installed Hitman Pro 3.5 to HitmanPro 3.6. In addition, the release candidate will update itself to the final (when available), whereas the beta will not. So beta users, please update your executable to this one.

The release candidate contains mainly fixes and small improvements since Beta 3 (= no new major features). Full changelog will be posted tomorrow.

Downloads

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

HitmanPro 3.6.0 Build 140 Beta

Changelog

Improved removal of new 64-bit variant of ZeroAccess (aka Sirefef).
This new variant re-infects the SubSystems registry key on reboot using Netsvcs.
Improved Crusader (HitmanPro's malware removal engine) that now blocks malware watchdogs trying to redeploy while being removed.
Re-added the languages from HitmanPro 3.5.
Added Slovak language
Added Serbian language
Added Bengali language
Several small fixes


What's coming in the next build(s)

Fixed VirusTotal integration. Currently not working properly due to excessieve slashes in the URL. A fix has already been checked in.
Volume Boot Record scan and repair.
... (your suggestion here) ...

32-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: Hitman Pro - wersje rozwojowe

HitmanPro 3.6.0 Build 143 BETA

Change log

Improved Crusader removal engine.
Improved Hosts file repair. Now detects BOM obfuscation.
See

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

Improved Authenticode classifier
Updated VirusTotal integration. Now uses Public API version 2.0.
Updated languages
Updated embedded white/black lists


32-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

64-bit:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!