Hitman Pro 3 - Second Opinion Malware Scanner

Download Now (32-bit) | Download Now (64-bit)

Unlimited free scanning and free 30-day version to remove detected malware
Runs on Windows XP/Vista/2000/2003/2008 and Windows 7

Behavioural Scan | Malware Characteristics

Behavioural Scan

SurfRight has done an extensive research of over 300,000 malware files to determine the common characteristics (behaviour) of malware. The Hitman Pro client uses this research in its Behavioural Scan, when it scans the computer for virus activities or suspicous files that have the characteristics of malware.

Malware Characteristics

Like everything else, malicious software always has a purpose. The malware writer only wants one thing: money. The traditional virus that cripples or destroys your PC is now quite rare. To make money the virus needs to be run and stay resident on the PC. This way the malicious software can steal your personal data, show pop-ups, or install fake software programs. The software can even turn your PC into a zombie as part of a botnet, using your PC to send spam or be part of a cyber attack. Of course, all this is going on without you noticing anything. To keep doing this, the malicious software needs to start automatically and protect itself from being removed by security software.

In our research we have been able to identify the common characteristics of malware. Hitman Pro scans the computer and rates each file based on its characteristics, such as:

  • Origin
  • File Entropy
  • PE analysis imports, anomalies common in malware
  • Discrepancies between API and raw data (rootkits)
  • Read locked files using SurfRight RawCopy
  • Activity (process, modules, handle, network)
  • Uninstall abilities
  • Visibility (window, tray icons)
  • Presence (location, icons, etc.)
  • Communicating with web servers
  • Imitation of trusted process names
  • Autostart methods
  • Meta data (publisher, version, description, product name)
  • Authenticode digital signatures
  • Compression and encryption
  • Probable sources (ex. IE cache escape)
  • Query public sources for security gossip and safety classifications

Hitman Pro scans a computer and is in a matter of minutes able to classify files as potentially malicious. For the files that are classified as suspicious, the Hitman Pro client sends a request to the Scan Cloud for confirmation if these files are indeed malicious. Read more

  1. Behavioural Scan
  2. Scan Cloud
  3. Malware Removal

© SurfRight 2010  |  Disclaimer  |  Sitemap