首先是官方的介绍
Hitman Pro 3 - the all-in-one tool against malicioussoftware
Hitman Pro 3 is a fast all-in-one tool to locate, identify and removeviruses, spyware, trojans, rootkits and other malware. Hitman Pro 3 willquickly show if your PC is infected with malicious software.
Research shows that many computers are infected,even if they have an up-to-date security suite installed, and that acombination of different anti malware programs would be required to preventinfection.
Hitman Pro 3 uses innovative cloud computing techniques to detect and removepotential malware threats with minimal impact on system performance.
Advantages of Hitman Pro 3
- Recognizes and removes viruses, trojans, rootkits, spyware and other malware.
- Revolutionary innovation in scanning technique to distinguish between malicious and safe software without signatures.
- Short scan time - searches the system within a few minutes.
- No extra system load.
- Impossible to make false positives on important systems files thanks to "profiling" and whitelisting.
- Multi-vendor identification of malware in our real-time "Scan Cloud".
- Automatically restores common system alterations made by malicious software.
- Creates a check point in System Restore before removing malicious software.
- Removes resistant threats using native NT boot-time deleter.
- Removes references to malicious software (like shortcuts and registry entries).
- Free malware scan.
- Free online support in English, German and Dutch.
How does Hitman Pro 3 work?
The Hitman Pro 3 executable can be downloaded and run straight from a USBFlash Drive, CD/DVD, local or network attached hard drive and will quicklyreveal the presence of any malware.
It will scan your PC in a few minutes and detect files that are potentiallymalware using a Behavioral Scan.
The actual identification of these potential malware files is then done on theHitman Pro servers - the "Scan Cloud".
To understand how Hitman Pro 3 works we first need to describe a fewfundamental characteristics of malicious software and your Windows PC.
Like everything else, malicious software always has a purpose. The malwarewriter only wants one thing: money. The traditional virus that cripples ordestroys your PC is now quite rare. To make money the virus needs to be run andstay resident on the PC. This way the malicious software can steal yourpersonal data, show pop-ups, or install fake software programs. The softwarecan even turn your PC into a zombie as part of a botnet, using your PC to sendspam or be part of a cyber attack. Of course, all this is going on without younoticing anything. To keep doing this, the malicious software needs to startautomatically and protect itself from being removed by security software.
On a single Windows PC there are thousands of files with a limited number of these files being "executables" and "associated data files", which have file extensions like EXE, DLL, SYS, etc. They belong to for example a word processor, a spreadsheet program or a photo editing program.
To work properly, the malicious program must be an executable file.
Hitman Pro 3 looks for executables like drivers and other automatically starting software programs. These are active in memory, communicate with the internet and potentially try to make themselves invisible. From an average of 400,000 files on your PC typically only 2000 are interesting enough for Hitman Pro 3 to classify. Hitman tries to determine:
- where a file comes from
- how it got on your PC
- which publisher created it
- what purpose it has
- whether it can be uninstalled appropriately
- if it is visible for the user and through Windows API's
- if it's communicating with unreliable computers on the internet
- if it's compressed or encrypted
- if it has anomalies commonly found in malicious software
- what people say about the file on security related websites
These are just a few of the details that Hitman Pro 3 collects, understands and associates. This method is what we call the Behavioral Scan.
|
Hitman Pro 3 uses as manycharacteristics of safe and malicious software as possible. After classifyingonly a handful remain interesting enough for further investigation. Each fileis fingerprinted and sent to our Scan Cloud. This cloud determines if a file issafe, unsafe or unknown.
Unknown files on your PC are physically sent to the Scan Cloud where the filesare scanned, in just seconds, by trusted anti-malware software from our trustedpartners.
Purpose
Hitman Pro 3 does not leave a program running in the backgroundthat continuously checks incoming e-mail and downloaded files for malware.Therefore you need to scan your PC regularly to ensure your PC is not infected.
Hitman Pro 3 can be used in combination with any other security suite. Scanningyour PC for malware with Hitman Pro 3 will always be free so if you alreadyhave a security suite on your PC, it is an ideal program to make sure yoursecurity suite has not missed anything.
Behavioral Scan
The Behavioral Scan in Hitman Pro 3 does not need to monitoryour system constantly to discover suspicious behavior. Most behavioralblocking programs need to monitor continuously. Hitman Pro 3 uses the knowledgefrom multiple anti-malware partners to identify the files on your system, whichmakes it exceptionally usable for non-technical computer users, who cannotanswer incoherent questions about for example new system services or registryentries. In addition, Hitman Pro 3 knows upfront which files are notinteresting and which belong to the operating system. This is done by checkingthe (valid) digital signatures on executable files and a white list containingsignatures of known safe files. Hitman Pro 3 has signatures of all importantfiles from Windows 2000 to Windows 7 (RC). After a quick check, these files areautomatically detected as safe.
云扫描 很流行的东西,基于行为分析的扫描 TForMamutu
体验开始!
[ 本帖最后由 悠柚 于 2009-7-25 14:50 编辑 ] | 
发表于 2009-7-25 14:00:42
楼主
还算漂亮吧
)
帅锅也还算养眼
,30天试用,please click“License Information”
(可能是我的电脑比较干净
)
,我把样本放到了system32下面,这个貌似会被扫描到,看看效果
发表于 2009-7-25 14:45:14
