image

HitmanPro

HitmanPro Review

By: Sophos.com

Visit Website

Overview

A product from Sophos.com offers an advanced level of malware scanning and removal along with antivirus. The product quickly scans and cleans malware and also scans the bad behavior of various apps, which could lead to more significant problems. HitmanPro relies on a variety of databases from different security labs. Currently, it is available for Windows-based PC and has many business solutions, as well.

Detailed Review

Computer devices are a big craze since they were invented. As technology progressed, we got high-tech and advanced systems. With them, rose the dark side of the technology. The dark side of technology leads to many malicious usages like hacking, dark web, information stealing, data destruction, data corruption, and many more.

Apart from these big names, malicious files have always been a norm to cripple a healthy system. Since the beginning of the internet era, computer infections are spreading rapidly.

To fight these viruses, programmers came up with tools that can detect and remove these infectious files. These software programs are called Anti-Malwares, or Anti-Virus software.

Both of them are commonly known to the majority of masses who use computer devices. The threats are constantly inflowing in the system, and so, we need protection in our systems to secure them from such attacks. For that, we use reputed anti-malware or anti-virus programs.

Pros

  • Super light-weight and portable setup.
  • Click-based interface for scanning and cleaning the system. No prior experience is necessary.
  • It has a malware detection database from over 5 anti-virus labs.
  • We can integrate other malware scan tools like VirusTotal to reinforce system security.
  • The scan detects the threat based on the process code as well as via behavioral inspection.
  • It generates the most detailed logs among most anti-malware tools. These logs are readily accessible via text files.
  • It comes with an Early Warning Scan( EWS) to protect against zero-day malwares and APTs( Advanced Persistent Threats).
  • It comes with a fully unlocked, free of cost 30-day trial version.

Cons

  • No real-time scan. That makes it quite costly for mere scan and removal function. Also, internet connection is needed for cloud-based scan.
  • The EWS may return many false-positives, and so it needs advanced knowledge to separate the suspicious files from the chaff.
  • Customer support methods need some extension via live chats and phone systems.
  • No pause feature after the scanning process The scan scheduler can be made a bit more detailed.
  • No custom scan, and the scan is limited to check the OS drive only. This can leave the complex infections that are capable of operating from other drives/network locations.

Prologue

When it comes to Anti-Malwares, they are called a toned-down version of an anti-virus software. Among many such malware removal software, we have picked HitmanPro Anti-Malware for today’s review.

Recognized with a good reputation in the field of computer security, this software was made by SurfRight in 2009. With time, their software began to improve and gained a lot of popularity. After that, in the year 2015, they were acquired by Sophos Group plc.

They claim to have provided their product service to more than 100 million people and 300k businesses. There are many top companies like Pixar, Xerox, Toshiba, Ford, etc. who utilize their services for protecting their systems from malwares.

HitmanPro is known to remove nearly all types of malwares, viruses, worms, trojans, rootkits, registry infections, and so on. The setup of this tool is abysmal compared to other anti-malware tools.

As we move on, the structure of HitmanPro will be reviewed thoroughly. There are many aspects of an anti-malware tool, which make it good or bad. Merely cleaning infections isn’t the task to be managed by these tools.

Also, every anti-virus tool has a certification program too. We will look into that too and see how the software performed, among other tools.

Quick Intro to HitmanPro’s Setup

HitmanPro comes with a minimal framework. The good part is that there is no need to install the program. What? You need to install it!

Well, yes! The program itself is in a portable format. You can pick it and carry along in any eligible device and scan them using it.

This is a significant advantage of incorporating a portable setup. However, it will download necessary files on a system to enhance its engine’s detection capabilities.

The main thing apart from storage space-saving is that in case of a prominent infection, which may affect every installed program, having a portable anti-malware or using a boot scan drive is essential. In such scenarios, such portable setups and boot disks have lesser chances of getting corrupted by the infections.

Apart from the rationales above, a portable setup is less resource-intensive and would not hang your computer device while scanning. But keep in mind that before the setup begins the job of scanning the system, it will download some essential definition files from Internet.

So, it is recommended to update the definition of an anti-malware for the latest threat detection services.

After the update, we can place the system for a complete system-wide scan. Now, just relax and watch it detect and destroy all types of infections. HitmanPro also consists of a 30-day trial version in this setup.

You can activate it after you verify the registered email ID. The setup being portable will not have so many sophisticated features. It has a very elementary structure, i.e. plug n play type.

Let us check what things we can tweak before commencing the scanning process.

Configuring the Setup for Scan

Since it is a portable setup, we will need to configure the scan settings before we begin. These settings, by default, are set to optimize the working of the anti-malware detection process.

In the setup of HitmanPro, you can hit the Settings Button in the lower status bar. This opens the configuration menu, from where we can set the criteria of a scan, actions before/after scan, schedule, etc.

In the first tab, we can assign several scan conditions like Scan Compressed Files, Upload Suspicious Files To The Cloud, Malware Remnants, Tracking Cookies, LNK Vulnerabilities, and PUPs( Potentially Unwanted Programs).

The next tab facilitates us to configure the schedule of a scan. As we know, this is a quite desired feature in most anti-malware or anti-virus tools. This is because the scanning activity takes time and is resource heavy too.

You cannot do multiple tasks together while your system is being scanned thoroughly. It will probably slow-down and hang out. For that reason, we prefer to postpone the system scan, at times where we are free of any work, and there are minimal background processes.

Now in the scan schedule, HitmanPro has given optimum choices. It does not have a meticulous section like Malwarebytes, Emsisoft, etc. For now, you can add the schedule per day of the week, or every day at a designated time.

There is also an option to postpone the scan in case a full-screen application is under use, like video games or presentations. It can be directly integrated into the Windows shell menu, which will allow it to be used from the Windows explorer.

As we move to the last section of the scan configurations, there are some advanced selections given by HitmanPro here.

In here, we can choose the access mode of the scan program as either Direct Disk Access, or Compatible Disk Access. Just below this drop-down button, we have an integration with VirusTotal.

VirusTotal is a cloud-scanner, used to scan and identify threats like any other anti-virus tool. All you need to do is create a VirusTotal account and then insert the API here. It has an online cloud service that scans a file for any type of infection.

HitmanPro will utilize the cloud scanner of VirusTotal and help to make the system safer. Before this, in versions 1 and 2 of HitmanPro, they had many more integrations than this. With time, old programs lost compatibility with the modern systems and had to be ditched by HitmanPro.

Once all these settings are configured, we can safely move on to see how the scan works.

Various Scan Types in HitmanPro

Among several types of anti-malwares, the requirements for the scan varies from the type of infections to area covered by a scan like single drive’s scan, full system scan, or just OS/system drive’s scan.

Due to these varied needs, anti-malwares are kitted with various scan categories. Among them, HitmanPro isn’t far from customizing as per the user’s need.

The scan menu can be accessed from the bottom status bar. From there, there is a small drop-down menu, named Next. There, you will see three main types of scans offered by HitmanPro.

These are the Default Scan, Quick Scan, and Early Warning Scan( EWS). Among them, a Quick Scan is used to check the key locations where most infections reside and clean them. It examines the processes running in the system memory, and then checks if any of them have signatures matching a malware program.

The Default Scan is used to scan an entire OS/system drive as well as other prominent locations where most malwares reside. For obvious reasons, the quick scan takes lesser time than an entire system scan.

EWS is for advanced users and is used in case you have a slower internet connection, i.e.; it limits the cloud interaction while scan and utilizes offline resources first.

Let’s begin with the Default Scan. Once you select the default scan, it will show a T&C menu, after which we need to select if we want to make a system copy or not.

With a system copy, we can scan the device regularly. Hit Scan Now button to start the procedure. The program will download any files necessary for the scan.

While scanning, you can see the threats popping-up in the central interface. The top portion shows the net scan percentage, and the time elapsed so far.

The color of the window changes to red if the program scans an infection. Once the scan is finished, the main window having a list of all discovered infections will be shown.

From here, we can do several operations on these infected files. It took about 12 minutes for the default scan to detect all the infections in our device.

In case of detected malwares, we have few options, i.e., to either delete, quarantine, ignore, or mark it safe. Apart from that, we can also view detailed information about a selected malicious file.

Now, there is a tools menu from where we can view overall integrations in their setup. Here, you will see the VirusTotal option in the tools menu.

This will redirect the users to the website interface of VirusTotal, which then will give more info about that file. You can see the list of anti-virus as well as anti-malware programs that have reported the file as a threat.

The program is highlighted as red if it is identified as malicious by many anti-malware tools, whereas files in green are marked safe by most anti-malwares.

This is an excellent extra feature to cross-check the threats with other programs by matching their malware database.

After that, we also had a warning for tracking cookies. These cookies are placed by websites to track your activities, and may sometimes act as a spyware. These cookies are directly removed after the scan.

We chose to quarantine the threats for now. Click the next button, and it will lock the files in the quarantine vault. The free version will show an ad at the end of the scan.

They themselves detect adware, bloatware, etc. and spam ads like that. Quite ironic! But these ads aren’t like those annoying pop-ups on different websites.

From the status bar below, use the Save Log option to save the information of a scan. The log files will save the details of the scanned system, total threats, threat types, scan type, scan mode, etc.

This is common in both default scan mode as well as quick scan mode. Lastly, we will have to review the Early Warning Scan.

As the name suggests, the results of this scan aren’t malwares. These are just warning about programs that are in the auto-start list, and have access to the core system files. It helps in knowing which file’s behavior is identified as safe and which ones are unwanted or suspicious.

The criteria to put them into this radar mostly includes the date/time of creation, location of the file, system access level, links to other programs, and so on.

Most of the time, we will get a lot of .dll files. In our case, about 80% of them were under the protection of WFP, i.e., Windows File Protection service.

After the scan, if you see any suspected files that aren’t part of the windows services or any known program, you can quarantine it. Click Finish Button, and then you can exit this process.

There is an irksome thing incorporated by HitmanPro here. The thing is that after a scan is over, the program is closed instantly. Users can’t go back to resume inspection of other drives. They’ll have to start the program again, which shouldn’t be the case.

The other issue we faced was that the program had no custom scan. This means that we cannot scan external drives, USB drives, CD drives, and other storages except the system OS drive. This was indeed limiting.

We asked customer support regarding this feature, and they said that the program scans the most common locations and infection hideouts only.

And so, there was no need to introduce the custom scan. They call it a behavioral scan. It looks for the specific signatures of various malwares at their ascertained locations. But as they say, what will they do if the malware’ location is outside the system/OS drive.

If the infections are made by a pro-users, that are capable of hiding in other drives and masking its process, it will become challenging to detect and root it out. We hope that they at least give us a custom scan feature to scan other drives as well as externally connected drives.

Lastly, the Quarantine Vault holds all the locked threats. It shows the name of the files, malware types, and they were quarantined. Then, there are typical choices to either free the file or remove it permanently.

The logs section is very detailed in it. We can see the list of processes that were running while it scans them, coupled with info regarding their details like author name, program control, user input, access level, version control, etc.

It is great to see HitmanPro give the info regarding these items in such details. The logs generated are in a text file, and so they can be easily copied and inspected.

Overall, it was a decent experience working with HitmanPro malware remover. The only con we could find is that there is no real-time protection in it. Other products in the similar range give us real-time protection too.

However, their other product HitmanPro.Alert has all features if HitmanPro along with the real-time protection system. It is priced at $35 and is $10 more than the basic HitmanPro software. This puts it among same price range as other products.

Closing Verdict

After studying all the features of HitmanPro, we can now pass a certain verdict on it. So from our experience, we think these tools are more than capable of removing the high-risk infections from the system. Yes, they are very reliable tools.

The engine used by them is top class, and so most of the infections won’t be spared. Even if some of them are missing from its engine’s database, its integration with other external engines makes sure that most malwares registered worldwide, are detected and removed.

The process of scanning was very efficient, and we did not encounter any issues in it. The system did not lag while the scan was going on, which is lovely. It can benefit lot more if they integrate custom scan feature too in the HitmanPro setup.

Overall, the pricing of the product is among the cheapest anti-malware programs. Therefore, we would indeed advise users to try HitmanPro. The one-month trial version is good enough to clean most of the infections, and also give a clear insight into the program’s potential.

Since real-time protection is not given in it, we can choose to integrate it with another antivirus, or try HitmanPro.Alert. After that, we can benefit from real-time monitoring, as well as from a reliable and exhaustive system scan.

Company Information

Company Name: Sophos.com

Submit a Review

(Rating)