Hitman Pro Support and Discussion Thread

[markloman]

We have just released the 32-bit version of Hitman Pro 3.5 (build 85).
Hitman Pro is now the first and only antivirus program in the world capable of finding and removing the TDL3+ rootkit

Anyway, the release notes:

Build 85 (2010-01-15)

• Added removal of TDL3 rootkit version 3.2 (aka TDL3+).
  This rootkit infects the hard disk driver (usually atapi.sys or iaStor.sys) and redirects Google search results.
• Improved detection and removal of fake/rogue anti-malwares (scareware).
• Fixed a occasional crash while scanning on Windows 7.
• Fixed a crash related to DEP/NX.
• Fixed a rare crash when user closes the window.
• Added a reminder panel when the removal license has expired.
• Remembers Do Not Repair actions (thanks Page42).
• Added Destop Wallpaper policy repair.
• Added Portuguese-Brazilian language.
• Updated several language strings.
• Several minor bug fixes.

[PC__Gamer]

Quote:

Originally Posted by markloman

Hitman Pro is now the first and only antivirus program in the world capable of finding and removing the TDL3+ rootkit

isnt this the same thing?

http://news.drweb.com/show/?i=687&c=5&p=1&lng=en

Quote:

The updated Dr.Web GUI Scanner allows to detect and successfully delete the new sophisticated threat - BackDoor.Tdss.565.

dated Novemeber 2009.

i understand its probably a new version of it, but they were soo quick to find the originals, im sure they can probably already handle 3.2

btw - i think i have decided to go ahead and purchase a license with you guys just for a 'what if' type of situation, having a trial on my machine i just dont like, gonna route around for a coupon code or something first though.

[Page42]

Quote:

Originally Posted by markloman

[*] Remembers Do Not Repair actions (thanks Page42).

Unfortunately this is not the case. I ran the new build 3 times, but it still shows the Do Not Repair items.

[markloman]

Quote:

Originally Posted by PC__Gamer

isnt this the same thing?

http://news.drweb.com/show/?i=687&c=5&p=1&lng=en

No it is not the same thing. Dr.Web and Hitman Pro are still the only AV programs to remove TDL3, but Dr.Web cannot remove TDL3.2.
Note that practically no AV product is capable of detecting the TDL3 rootkit let alone remove it. And we see many, many computers infected with TDL3+

[markloman]

Quote:

Originally Posted by Page42

Unfortunately this is not the case. I ran the new build 3 times, but it still shows the Do Not Repair items.

When you set a repair item to Do not repair, the item will still show up in subsequent scans. Only the default action is now set to Do not repair. This is by design.

[jmonge]

mark do you have the download link?as it is not in the websiteonly built 84

[Triple Helix]

Quote:

Originally Posted by markloman

We have just released the 32-bit version of Hitman Pro 3.5 (build 85).
Hitman Pro is now the first and only antivirus program in the world capable of finding and removing the TDL3+ rootkit

Anyway, the release notes:

Build 85 (2010-01-15)

• Added removal of TDL3 rootkit version 3.2 (aka TDL3+).
  This rootkit infects the hard disk driver (usually atapi.sys or iaStor.sys) and redirects Google search results.
• Improved detection and removal of fake/rogue anti-malwares (scareware).
• Fixed a occasional crash while scanning on Windows 7.
• Fixed a crash related to DEP/NX.
• Fixed a rare crash when user closes the window.
• Added a reminder panel when the removal license has expired.
• Remembers Do Not Repair actions (thanks Page42).
• Added Destop Wallpaper policy repair.
• Added Portuguese-Brazilian language.
• Updated several language strings.
• Several minor bug fixes.

Thanks Mark Posted at COU! http://www.calendarofupdates.com/upd...event_id=65416

TH

[Triple Helix]

Quote:

Originally Posted by jmonge

mark do you have the download link?as it is not in the websiteonly built 84

It will autoupdate for 32 bit only I think? http://www.surfright.nl/en/hitmanpro

TH

[jmonge]

thanks triple

[Page42]

Quote:

Originally Posted by markloman

When you set a repair item to Do not repair, the item will still show up in subsequent scans. Only the default action is now set to Do not repair. This is by design.

Oh I see. In that case, detection overrides would be helpful. Maybe in a future build. Thank you. I appreciate your software.

[PC__Gamer]

Quote:

Originally Posted by markloman

No it is not the same thing. Dr.Web and Hitman Pro are still the only AV programs to remove TDL3, but Dr.Web cannot remove TDL3.2.
Note that practically no AV product is capable of detecting the TDL3 rootkit let alone remove it. And we see many, many computers infected with TDL3+

hi, i just got a reply to my question to them.

Quote:

yes, scanner in release can't remove all tdl3 version (3.21/3.22). instead use beta cureit, it's cured all version of tdl3. in next week this scanner will be released.

so their beta has been curing it for sometime, i always trust their cureit tool when i need strong removal, its proved the best.

however, im now a valid H.P user for 3 years, but doubt i would need it as Prevx has been protecting me for years without hiccup, always nice to have that second opinion though.

they also added a further comment Mark:

Quote:

p.s. hitman pro (build 84) can't remove tdll 3.22. but I did not test last build of hitman pro (build 85), maybe it cure very well all tdl3.

[Rednose!]

Hi Mark and Erik

Maybe a little bit off topic, but I am curious : What is your relation with SpicyLemon and their Cloud Scanner :

http://www.spicylemon.nl

Greetz from Enschede to Hengelo, Red.

[Eagle Creek]

Quote:

Originally Posted by Rednose!

Hi Mark and Erik

Maybe a little bit off topic, but I am curious : What is your relation with SpicyLemon and their Cloud Scanner :

http://www.spicylemon.nl

Greetz from Enschede to Hengelo, Red.

SpicyLemon used to be "NOD32 Nederland". Because if ESET would get in financial trouble, NOD32 Nederland would be out of a business they changed their name and portfolio to prevent that. A couple of years ago they renamed to SpicyLemon, and now they are reselling several security products, including NOD32, Caretaker, Comodo, and Hitman Pro

You can read something about that here (19-10-2007).

Their laboratory has the subscript "Powered by ESET NOD32 en Hitman Pro".

[gerardwil]

Hi,

Must be me, but I don't fully understand: what about this site http://www.nod32.nl/?

Gerard

[Eagle Creek]

They still are the official Dutch Reseller, so they manage that website (under the name of NOD32 Nederland).

[markloman]

Funny... Malwarebytes revealed a new logo today: http://www.malwarebytes.org/forums/i...howtopic=36765

It could be me but it looks like the Hitman Pro logo that we have since April 2009. Our logo is also based on a pac man. It symbolizes the statistical Behavioral Scan in Hitman Pro, and of course the ‘eating’ of malware. The pie symbolizes wide ‘scanning’. The surrounding colored elements – like the corner stone – symbolizes our multiple renowned security partners that assist Hitman Pro with virus recognition in our Scan Cloud. And the different colors resemble the colors used in the Microsoft Windows logo, the operating system Hitman Pro was designed for.

[Eagle Creek]

What exactly are you trying to say here, Mark? I doubt they used the HMP logo when they started designing the Malwarebytes' one .

Not sure what it's supposed to look like, to be honest .

[markloman]

Quote:

Originally Posted by Eagle Creek

What exactly are you trying to say here, Mark?

Similar creative minds of course!

[Greg S]

Quote:

Originally Posted by markloman

Our logo is also based on a pac man. It symbolizes the statistical Behavioral Scan in Hitman Pro, and of course the ‘eating’ of malware. The pie symbolizes wide ‘scanning’. The surrounding colored elements – like the corner stone – symbolizes our multiple renowned security partners that assist Hitman Pro with virus recognition in our Scan Cloud. And the different colors resemble the colors used in the Microsoft Windows logo, the operating system Hitman Pro was designed for.

Very interesting and informative read. Thanks

I'm aware of the Hitman Pro issues with Eaz-Fix and Rollback but do the same issues apply with Comodo Time Machine?

[Rednose!]

Quote:

Originally Posted by Eagle Creek

SpicyLemon used to be "NOD32 Nederland". Because if ESET would get in financial trouble, NOD32 Nederland would be out of a business they changed their name and portfolio to prevent that. A couple of years ago they renamed to SpicyLemon, and now they are reselling several security products, including NOD32, Caretaker, Comodo, and Hitman Pro

You can read something about that here (19-10-2007).

Their laboratory has the subscript "Powered by ESET NOD32 en Hitman Pro".

Thnx for the info m8

Btw I signed up for Nucia. Should have done that a long time ago

Greetz, Red.

[Rednose!]

Quote:

Originally Posted by Greg S

Very interesting and informative read. Thanks

I'm aware of the Hitman Pro issues with Eaz-Fix and Rollback but do the same issues apply with Comodo Time Machine?

As far as I know Comodo Time Machine is a Rollback clone so I expect the same issues

Greetz, Red.

[Saraceno]

Regarding the logo comparisons, few things to point out:

# Similar san serif font, I'd say both are using something specific like Helvetica (light). Take a look at the 'a' and 'r' for example.

# The Windows blue, used by Hitman Pro, quite similar to the malwarebytes colour used. Malwarebytes has used a different shade/tint.

#The pacman/pie, Hitman Pro's red 'bite' facing almost down, malwarebytes' white 'bite' facing upright. However, malwarebytes has a few 'bites', so if you take a look at the outer blue pacman/pie, it's similar to Hitman Pro's red bite angle.

So font, colour and pacman/pie, 'bite' angle, are all very similar.

That aside, Mark, what are the chances of you having malwarebytes part of your scan cloud? I think many users would want this as malwarebytes would complement the other scanners, especially with rogue software, problem installations and registry entries. Basically it'd make Hitman pro an even better program and would give better exposure to both.

Both are effective at removing stubborn malware, both smaller companies with products undergoing change, both have developers who listen to their customers. Like emsisoft and tall emu, you two (hitman pro/malwarebytes) could make a great pair when producing security products.

Just a thought.

[nikanthpromod]

Quote:

Originally Posted by markloman

Funny... Malwarebytes revealed a new logo today: http://www.malwarebytes.org/forums/i...howtopic=36765

It could be me but it looks like the Hitman Pro logo that we have since April 2009. Our logo is also based on a pac man. It symbolizes the statistical Behavioral Scan in Hitman Pro, and of course the ‘eating’ of malware. The pie symbolizes wide ‘scanning’. The surrounding colored elements – like the corner stone – symbolizes our multiple renowned security partners that assist Hitman Pro with virus recognition in our Scan Cloud. And the different colors resemble the colors used in the Microsoft Windows logo, the operating system Hitman Pro was designed for.

Are u trying to say "MBAM Theft"

JK

[Eagle Creek]

Quote:

Originally Posted by Rednose!

Thnx for the info m8

Btw I signed up for Nucia. Should have done that a long time ago

Greetz, Red.

Welcome .

And yeah, you should have done that .

[TonyKlein]

Quote:

Originally Posted by markloman

It could be me but it looks like the Hitman Pro logo that we have since April 2009

I think it is you... LOL

Also do not forget that the name "Malwarebytes" itself from the very start has referred to the "eating of malware", as you put it