I got to know Hitman Pro last year but didn’t post it out because I find it a little ridiculous to install it on a computer. Imagine that it installs ESET NOD32, Webroot Spy Sweeper, PC Tools Spyware Doctor, McAfee VirusScan, Ad-Aware, Spybot, TrendMicro CWShredder, Ewido Microscanner and SpywareBlaster to your computer then it updates and scans. Normally a computer that has been infected by malware would be running very slowly, installing all the software would definitely make it even slower. Moreover we haven’t even taken a look at the time needed to download the latest definition and also running a full scan…
The latest version of Hitman Pro 3 has changed and uses scan cloud. First Hitman Pro 3 will try to detect virus and files that have a suspicious behavior. Then it uploads to Hitman’s server to have it scanned with 5 antivirus engines that always scores very high in virus detection (GData, NOD32, Avira, PrevX and A-Squared). If the uploaded files are being detected as malicious, it will be removed.
I wanted check out Hitman Pro 3 myself because I read quite a lot of good comments on it from Wilders Security forum.
Good thing about Cloud Computing technology is you do not need a virus scanner installed on your computer as the scanning is done on the server itself. So you can expect a very low system load. The bad thing is it requires a working Internet connection and the behavior analysis has to be very good or else it can’t detect a malicious files and won’t upload it to the clouds for scanning.
I dropped a total of 22 malicious files (virus and trojan) on my test computer and ran a scan. Hitman Pro 3 took only 40 seconds to complete scanning. It detected 21 files as dangerous and uploaded to the clouds to scan with multiple antivirus engines. I was surprised that Hitman Pro missed one old VBS worm. I uploaded the VBS worm in VirusTotal and all 5 antivirus engines used by Hitman Pro was able to detect it as a threat. This shows that Hitman Pro has problems identifying threats in .vbs extension… Hopefully they’ll fix it in future versions. Before Hitman Pro can remove the malicious files, I must activate the program first. Since this is my first time testing Hitman Pro 3, I can activate a one-time free license valid for 30 days. When finished removing the virus, closing the program totally terminates it and doesn’t leave any hidden process at background.
Now I wanted to test if Hitman is able to remove a trojan that is infected on my computer. I infect my test computer with Bifrost trojan and then ran a scan. Sadly Hitman Pro shows ZERO identified traces meaning it failed detect the Bifrost trojan that is infected on my PC.
When I right click on the Bifrost trojan and select “Scan with Hitman Pro”, Hitman was able to detect is as a trojan and advice me to delete it.
Then I tried infecting my computer with Brontok and Sality virus, then run a full scan with Hitman to see if it can detect and remove the virus from my computer. Hitman immediately shows up a Runtime Error with the message “R6002 – floating point support not loaded” after clicking the Next button.
Hitman Pro 3 cost $19.95 for 1 PC valid for a year. Honestly I wouldn’t mind using Hitman Pro 3 as an alternative IF it is free but since it cost money, I can settle VirusTotal Uploader 2.0 which scans a suspicious file in cloud with 41 types of antivirus. Hitman Pro is NOT an antivirus and it is not made to protect your computer real time from viruses. It is more like a tool for you to scan suspicious file with 5 different antivirus engine based on its behavioral scan.
I also find that the Hitman Pro 3 licensing system is not very strong. Although there are not many cracks or no keygen for Hitman Pro 3 because of the online activation, but defeating the trial period is way too easy. When you activate the 30 day free license, two files will be created (HitmanPro.lic and HitmanPro.key) saved in application data folder. If you try to delete the 2 files, Hitman Pro license will be deactivated which lets you think that you can do this whenever the 30 days trial period is up. However, after 30 days you can no longer re-activate the free license and you will always get the error “Your free trial period for Hitman Pro is expired”. I found out that when you activate the one time free license, Hitman Pro’s server records your computer’s Security Identifier (SID). Every computer has a unique SID and the only way to change it is to reinstall Windows or you can simply look for some tools such as NewSID or GhostWalker to change them.
[ Visit Hitman Pro 3 Website ]
I like your analysis and review of Hitman Pro. very well done. I wonder if Hitman Pro was specifically designed to id and stop the redirect virus? My PC was infected big time with the dreaded google redirect virus and that windows xp antivirus thing. Hitman Pro id’d them in less than one minute and removed them. I have noticed that it doesn’t do to well in catching some other stuff. Panda AV caught some others. I was told not to use more than one AV on my PC but it seems two are necessary. I gave up on Avira when it failed to stop the redirect virus. Avira actually crashed.
Hitman Pro removed the dreaded Google redirect virus from my PC when every other download failed.
I am surprised so many of you do not think highly of this program. I think it is the bomb! It has succeeded where all others have failed. I will buy it when my 30 day free trial expires. When you get this virus,I bet you will come running to Hitman Pro to fix your pc!
I just bought a 1 year license to Hitman Pro as it was the only that manage to disinfect my PC. Was getting redirects to s/w sites and recruitment sites when clicking on Google links despite full Kaspersky scan (with ALL options checked) and full Ad-Aware scan and a couple of other free ones. Two days solid trying to sort the problem and Hitman sorted it in 10 seconds. It might miss a few but with Kaspersky too, plus diagnostics like TCPview and HiJackThis, hopefully it will be enough.
Hitman Pro is a great program.
is the hitman pro that you’re reffering here mr. raymon is the same with the hitman pro that mr.paul talking about i this post ??raymond.cc/blog/archives/2010/06/09/hitman-pro-when-you-need-it-gone/#comment-478855
then i can simply use your trick to bypass the 30 day period right??then i dont need his 1 year license anymore :P
thanks ray for your review :D
Hey man, great review, haven’t check your site in quite a while…
I recently loaded Hitman Pro 3.5 to rid my computer of the Atapi.sys rootkit. I did this because my computer was infected with the Google search redirect issue. It did correct the problem. I am now concerned with Hitman Pro. (Hitman Pro’s server records your computer’s Security Identifier (SID). Every computer has a unique SID and the only way to change it is to reinstall Windows
or you can simply look for some tools such as NewSID or GhostWalker to change them.) When the 30 day trial is up I do not want to purchase. I am confused, are there going to be issues if I don’t purchase? After reading the info you have me thinking Virus Uploader is the better option. What do I need to do to rid my computer of Hitman?
Everywhere I go something new is always around claiming it’s the best anti-virus,anti-malware,scanner,firewall,internet suite,etc.,etc.Seriously,I want to know which,one security is right for all systems,mobiles, maybe kaspersky,panda,bitdefender,bullgaurd,agnitum outpost firewall pro,A-squared,not really sure.Please help!!!!
thank you for good program
I think that OSAM AntiRookit with Online Malware Scanner is really better. New version of OSAM v5.0 is not reviewed yet. Previos version was revied 1 year ago here:
raymond.cc/blog/archives/2009/01/15/osam-a-powerful-and-reliable-autorun-manager-with-online-malware-scanner/
Happy New year Ray…..
No I always do all my test on a real Windows environment, not in virtual because some trojans and cryptors can be configured to stop running when being ran in VM.
I’m very familiar with bifrost and I am sure it is active on the system. I can even remote control it using the client software.
Bifrost injects itself to %defaultbrowser% so that it can FWB (firewall bypass).
Thanks
I tried a couple of Bifrose samples in VMware but they all failed to run as these won’t run in a virtual environment.
@Raymond
Did you use VMware to test? Are you sure that Bifrose was active on the system? How did you check it actually ran? As this might be the reason the Bifrose was not detected as it was not on the system at all…
never won, but never give up to try .. :) lol
@Erik
“Though it should have detected the Bifrost malware. I assume this piece of malware needs to survive a reboot so Hitman Pro should have found that one.”
i agree, thats wat i first thought while reading the article
I know in the article you say that a normal AV installed on your computer isn’t needed when using this kind but can you keep your AV and use this too? Just curious.
I really enjoyed the article and seeing I am not a technician it helps me to make a more informed choice in what to use when considering anything new.
Thank you for the article. Hugs Silk40dd
Seems to report a lot of false positives; probably because of A-Squared. That’s not a bad thing; it just means you need to screen the results with Virus Total.
The best thing is that it is quick. It’s not worth paying for, though, if you have some other av protection (which you should)
Nice review!
Hitman Pro uses 7 different antivirus engines (from 5 vendors). This as two vendors combine 2 engines. G Data uses BitDefender and Avast and a-squared uses the a-squared and Ikarus engine.
Out of 22 pieces of malware it just missed an old VBS file which is reasonable as Hitman Pro just analyzes PE-files. Hitman Pro does not scan data files like Office documents due to privacy reasons. That’s why the VBS file is missed.
Though it should have detected the Bifrost malware. I assume this piece of malware needs to survive a reboot so Hitman Pro should have found that one.
Hitman Pro is a second opinion scanner. It should detect more zero-day malware than any other product due to the combination of multiple AVs (hence, 7 know more than 1).
The trick is that it is fast and doesn’t conflict with your current AV. This is all possible due to scanning in the cloud. The analysis is done on servers on the internet and the result of scans is shared among the users. This reduces load significantly and the analysis work has not to be performed on the local computer.
A regular computer has well over 20.000 PE-files and a scan just takes 1-2 minutes.
More features and different scan methods are coming in 2010 as well as real-time protection.
Happy New Year to you all!
Nice review Happy New Year 2010 to all of you.
Thanks for the review Raymond.
Happy New Year, Raymond!!! May the best things happen to you and your family in 2010!
Raymond, Thanks for the review. I think I’ll pass on this one. Have a Happy New Year.
@Raymond,
You’re completely right when you say Virus uploader 2.0 is a better option than Hitman Pro.
I’d also mention scanner.novirusthanks.org/ as another good service to check files on line for potential threats.
Have a very nice 2010 for you and your family!
Thanks for all your advices and along 2009 year.
I want to try it
Detected autoruns (Microsoft systernals) as a Trojan. Definitely needs to update its detection/heuristic prediction methods
@acr: Yes bifrost is running in memory and injected into a process which HMP did not detect anything.
People who want good software but don’t want to pay for it are leeches upon society.
Thank You for The Review & Happy New Year Everybody ….
Useful review, thanks a lot Ray.
Raymond I hear that HMP sometimes misses on demand scans for files not on the desktop. When you had Bifrost installed was it running in active memory? I believe HMP only scans what is in active memory.
Hey Raymond & others,
CHeeerz!!!
Just wanted to tell you how I appreciate the stuffs you publish here from time to time & especially the stuffs you give:)
Advanced Fruitful and Joyful Greetings for the coming 2010!!!
– abs:)
@thathagat: I’ve actually written about this review months ago but never got to post it. Then I updated the review but messed up one of the screenshot.
Thanks for taking note of it and I’ve updated the screenshot.
Happy New year…..Ray
I am learning a lot through your website
Hi,
Thanks for this review .
Best regards and HAPPY NEW YEAR to you and your family !
happy new year. Keep posting for forthcoming years
happy new year ray. keep posting for forthcoming years
nice one, but previously I have horrible experience with this security software .
A very Happy new year Ray
ray… why are there two different builds…..68 and 84 in your review?
I tested myself the Panda Cloud Antivirus. Can you make a review about?
Happy New Year Ray.
I like Hitman Pro. It is usually the first tool I use when repairing infected computers. I wouldn’t purchase it for myself or rely upon it solely, but it is an effective tool to have in your virus/malware removal kit.
Happy New Year Ray,and all the best….
Raymond.I wish to you good new year.
nice one. but hitman is not so good compared to dr web cureIT or combofix.
Useless!
Thanks for review Raymond.
Where I can find NewSID or GhostWalker to download?
Happy New Year!
Thanx Raymond for an excellent review