HitmanPro Malware Removal Tool Archives

Spybot Search & Destroy. Windows Malicious Software Removal Tool. Avast Free Antivirus. Gridinsoft Anti-Malware. Xvirus Anti-Malware. In this article, you will be aware of the number of beneficial tools that helps your system to stay safe from malware threats. HitmanPro Malware removal toolHitmanPro Malware removal toolHitmanPro Malware removal toolHitmanPro is a portable anti-malware program, which aims to detect.

HitmanPro offers advanced malware scanning and removal tools. It clears up malware, viruses, trojans, worms, keyloggers, rootkits, trackers, and spyware. HitmanPro.Alert goes even further, stopping complex attacks and exploits in real time while increasing privacy.

There are many different types of computer malware and the ones that use rootkit technologies are the worst because they are hardest to detect and remove. Rootkit technology is able to hide its presence from the most basic tools built into Windows such as Task Manager, to your most trusted firewall or antivirus software and you won’t even know that it’s there. This is achieved through installing and loading kernel-mode drivers which can allow the malware to run with higher privileges.

Although 64-bit Windows operating systems are generally safe from rootkit infection because by default the operating system only accepts signed driver files, there were previous cases where legitimate digital certificates were stolen by hackers and used to sign rootkit drivers to bypass security software and Windows defenses. Antivirus software was not much of a help either because the Stuxnet worm successfully stayed infected on the computers for years before it was discovered by VirusBlokAda, the developer of VBA32 antivirus software.

Since antivirus software are far from being perfect in catching rootkits, we’ve put 15 dedicated anti-rootkit tools to the test and see if they are able to detect the 3 different keyloggers (All In One Keylogger, Invisible KeyLogger Stealth, Elite Keylogger) that uses rootkit technology which we have installed on our test system.


This free and portable anti rootkit tool by avast! is outdated and no longer being maintained since 2008 because it has been integrated into their antivirus program but can still be downloaded directly from their server. Using rootkit detection technology based on GMER, avast! ANTIROOTKIT only managed to detect All In One Keylogger while missing the other two driver-based rootkit keyloggers. Clicking the “Fix Now!” button successfully deleted the files after a restart.

2. AVG Anti-Rootkit

This free anti-rootkit tool by AVG suffers the same fate as avast! because it has been abandoned since 2006 due to the integration of this anti-rootkit into their antivirus software. The program requires installation, a reboot and either manually run as admin or disable UAC to run. The result of AVG Anti-Rootkit is also the same as avast! where only All In One Keylogger is detected while missing Elite Keylogger and Invisible KeyLogger Stealth. The “Remove selected items” button does not delete the infected files but replaces the last character of the file’s extension with an underscore, for example from .exe to .ex_

3. Bitdefender Removal Tool / Rootkit Remover

We weren’t able to determine the if Bitdefender’s antirootkit tool is called “Removal Tool” or “Rootkit Remover” because the program’s name and website says differently when they are the exact same application. Bitdefender Removal Tool is free, portable and up-to-date (last update on February 2013) but can only detect known rootkits through signatures and not the undetected ones. The scan takes merely a second to tell you if there are any rootkit threats detected. Both 32-bit and 64-bit versions available. Bitdefender Rootkit Remover fail to detect all 3 rootkit keyloggers.

4. HitmanPro

HitmanPro is a popular second opinion malware scanner that first uses behavioral analysis to determine if a file is a possible threat and then automatically uploads the file to have it scanned in the cloud with 5 different antiviruses for confirmation. Although HitmanPro is shareware, you can use it to scan your computer for free while removal is only available during the 30-days trial. All In One Keylogger was detected because Ikarus and G Data indicated that the file is malicious. HitmanPro found Elite Keylogger files to be suspicious but wasn’t flagged as a threat because none of the antiviruses detected it as malicious after the cloud scan. Invisible KeyLogger Stealth wasn’t detected at all.

5. Kaspersky TDSSKiller

Kaspersky TDSSKiller started off as a removal tool to detect and clean up the Alureon/TDSS/TDL rootkit and has grown to recognize a few other rootkits including bootkits. Upon testing, Kaspersky TDSSKiller missed all 3 rootkit keyloggers and even wrongly detected 3 legitimate system (.SYS) files belonging to COMODO Time Machine as suspicious objects with medium risk.

6. Malwarebytes Anti-Rootkit

Malwarebytes Anti-Rootkit is the new kid on the block for detecting and removing rootkits that is still in BETA status. It received a lot of reviews and publicity when it was released to public because everyone had very high hopes for products by Malwarebytes.

It is unclear what variants of rootkits can be detected by Malwarebytes Anti-Rootkit because it is not mentioned in their official website, but it failed to detect any of the 3 rootkit keyloggers during testing. A very useful tool called “FixDamage” that comes together in the ZIP archive file can be used to repair damages made by rootkit by restoring important Windows services.

7. McAfee Rootkit Remover

McAfee Rootkit Remover is a very simple and small (532KB) utility to detect and remove ZeroAccess and TDSS family of rootkits. The program runs on command line window, automatically checks for updates and takes only a few seconds to scan for rootkit infections. As expected, McAfee Rootkit Remover didn’t detect all 3 rootkit keyloggers as threat because it can only recognize 2 types of rootkits that was mentioned earlier.

8. Norton Power Eraser

We don’t normally see Symantec offering any of their tools for free. Even their rescue disk known as Norton Bootable Recovery Tool requires a valid product key to run. Thankfully there is one tool called Norton Power Eraser which is free to use for detecting and removing malware that is hidden deep inside the system.

It is a single portable executable file of only around 3MB in size. The Rootkit scan option is enabled by default in Settings and will first require a restart before performing a rootkit scan. Norton Power Eraser detected All In One Keylogger and Invisible KeyLogger Stealth. As for Elite Keylogger, one of the DLL files are flagged as unknown. Other than that, it also had 3 false positives by detecting COMODO Time Machine driver files as unsafe.

9. Trend Micro RootkitBuster

RootkitBuster is a free tool by Trend Micro that is able to check multiple locations in Windows such as the Master Boot Record (MBR), files, registry entries, kernel code patches, operating system service hooks, file streams, drivers, ports, processes and services to identify rootkit presence. It was last updated a month ago and has dedicated builds for both 32-bit and 64-bit.

RootkitBuster only managed to detect All In One Keylogger while missing the other 2. It also has the same false detection as Kaspersky TDSSKiller and Norton Power Eraser by wrongly identifying 3 system driver files as threats.

10. UnHackMe

UnHackMe is the only shareware rootkit killer with monitoring capabilities to auto check your computer for any possible rootkit infection. The trial version of UnHackMe allows you to use it for 30 days without limitation. The program’s user interface looks simple enough for beginners to use and you can even send the generated regrunlog.txt report file to their support center to obtain advice if you’re not fully sure the detected unknown/suspicious file is indeed malicious.

There are a few buttons such as stopping a service, deleting a registry key and disabling autorun to help disable the suspicious file but we found that most effective one is the “Delete File at Next Reboot” if the malware is very persistent. UnHackMe found All In One Keylogger and Invisible KeyLogger Stealth but missed Elite Keylogger.

As you can see from the results above, very few automated rootkit detection tools manage to detect all 3 rootkits. Norton Power Eraser did the best by confirming 2 infections with 1 unknown status. There is another category of antirootkit utilities designed for more advanced users to manually analyze, decide and remove rootkits which can be found on the next page.

12Next › View All

You might also like:

Detect and Remove DarkComet RAT Malware used by Syrian Government10 Free Anti-Malware to Scan and Remove Malwares3 Free Online AntiVirus Scanners to Scan for Malware from Web Browser6 Tools to Detect Zombie Bot Malware Infection on Windows ComputerList 3rd Party or Microsoft Drivers Installed in Windows with DriverView

austin o'brien2 years ago

perhaps winpatrol war. and winpatrol has a hidden folders viewer that might turn something up.


i would be curious if your samples would be visible in winpatrol. it has a tab for viewing “hidden” process etc.

janice marlow6 years ago

Very nice and great post.thanks for sharing.


This is interesting finding, especially none of the so-called-simple tools are able to detect all of them; unless you are using the manual / advanced methods

Bill9 years ago

1. Nice work. I hope you will provide n update on whether any of these tools find your three test cases 1 month and 3 months later.

2. Your original testing is critical but the reviews would be greatly enhanced by a incorporating recent results from elsewhere (e.g., how did TDSS Killer do in av-comparatives, av-test, or PC Mag)

3. As you note, some of the tested tools have not been updated in years so I don’t really see the point in testing those when you did not test several other tools that are more current.

4. I recently looked at RogueKiller. It has been around for awhile but now has a GUI. The site and documentation are in French but (slightly rough) English translations are available. RogueKiller is firmly in the advanced user camp. Some of the repairs are a bit heavy handed: options other than all or nothing are sometimes lacking.
RogueKiller checks for rootkits, rogue processes, rogue registry entries, rogue or untrusted drivers, and master boot record (MBR) modification. RogueKiller can even restore the Host file, delete Proxy entries, and repair shortcuts. Some features rely upon white and blacklists. Be _very_ careful.


Thank you verry much…

owolabi,babatunde oluwaseyyi9 years ago



Hello Ray,

Nice article.If you remember,there was a toolkit called AVZ(sorry,I don’t have any links,it is a Russian anti-malware which was later bought by Kaspersky).
Any chance you can try this?

leonardo9 years ago

dind’t knew about norton anti-rootkit, i have added it to my setup
thank you raymond, great review.


Ray,could you please test emsisoft toolkit and let us know what happened with the detection?Thank you

Raymond Author9 years ago

Hi joe, I’ve tested Emsisoft Toolkit and it only found one of the rootkit through signature. Another rootkit was partially detected because only the log file was being flagged but not the driver. The official website did not state anything about detecting rootkits which is why I did not include Emsisoft Toolkit.


Thanks for this info !!
Have you heard about this new AntiRootkit Remover called: OSHI Unhooker?
Have you tested it?

Raymond Author9 years ago

Hi Icaro, yes in fact I’ve already tested OSHU Unhooker but did not include it since it is not fully automated and failed to detect all 3 rootkits.


This is a really great test Raymond. It looks to me like none of these company’s are taking root kit detection very seriously, it looks like we will have to use multiple programs to do a reliable root kit scan on our systems. I thought for sure at least a couple of them would get it right. Bit Defender and Kaspersky were a big surprise to me, I thought they would both do pretty well.

Chuck9 years ago

Ray Any opportunity to see how MS’s MRT or Safety Scanner does against these three would be much appreciated.I think those are two of the most overlooked,and effective free tools with root kit removal capability available to date.


hi reym,
this is manoj from india appreciate your artical everytime followed last 4 5 yrs
thanks for posting such wonderful information free

B-boy/StyLe/9 years ago


Nice test, but you missed a lot of things here.
Which settings you used before the tests, there are the results from the scan etc.


TDSSKiller can be configured to detect unknown services

Aswar is really old. I prefer Gmer or AswMBR for bootkits.

Bitdefender created many tools for rootkits detection but they left them behind and they didn’t implemented them in one product as Kaspersky did with TDSSKiller.

HitManPro can be configured to scan with EWS
However you should be very careful when using HitManpro, because sometimes he can’t repair the BCD settings properly and the system will become unbootable.

You tested McAfee Rootkit Remover which is only for ZeroAccess and not McaFee Rootkit Detective?

Norton Power Eraser gives a lot of false positives.

Unhackme is not so good. The most of the time you should use RegRun Warrior CD to get the job done. Not very good for shareware.

Gmer can delete files and services…you can use batch files for that purpose.
For example:

gmer.exe -del service gasfkyeydxlkaw
gmer.exe -del reg “HKLMSYSTEMControlSet001Servicesgasfkyeydxlkaw”
gmer.exe -del file “%systemroot%system32driversgasfkyktfoqdtk.sys”
gmer.exe -del file “%systemroot%system32gasfkywsp8y.dll”
gmer.exe -del file “%systemroot%system32gasfkyyicofjwf.dat”
gmer.exe -del file “%systemroot%system32gasfkycpoyvxdq.dll”
gmer.exe -del file “%systemroot%system32gasfkyjktjolda.dat”
gmer.exe -del file “%systemroot%system32gasfkyetodsrmt.dll”
gmer.exe -del file “%systemroot%system32gasfkybgdkopjo.dll”
gmer.exe -reboot

The following products are missing as well:

Win64AST, avirarkd (Avira anti-rootkit), Vba32 AntiRootkit, SysProt, Rootkit Unhooher 3.8.388.590, RootRepeal, SanityCheck Home Edition (x64), Dr.WebCureIt (has a built in anti-rootkit), f-secure blacklight (yes it’s old but AVG anti-rootkit is old as well, so it can be included). :)

The other tools can be found here:

Anyway, thank you for the test. It was interesting to read it with my coffee. :)
Keep up the good work!



after along time… thank you for this nice article… i am using emsisoft malware for quite sometime…what are your ratings for this one raymond…

billy139 years ago

Thanks for the update!!!


Good rule of thumb I always say, is that when you have names like dhdbiquxyt.exe, you know you have something bad in there.

Jim9 years ago

Ray, have you tried Sophos Rootkit Remover? curious to see the results of the rootkits you tested.


Jim, the Sophos Rootkit Remover redirects me to their free Sophos Virus Removal Tool which failed to detect all 3 keyloggers. Check the “Additional Tests” information found on the end of the second page.

kash9 years ago

Thank you very much !
The best is UnHackMe.


Hi Raymond, I understand that GMER has been integrated with AVAST, but you can download GMER zip/exe from the GMER website and it’s being constantly updated. Is it the same one that AVAST is using or is it different? If different, could you test it out as well please?
Thanks for all the hard work! Malaysia Boleh!

HitmanPro Malware Removal Tool ArchivesReply
Raymond Author9 years ago

Hi Mark, the guy who created GMER works for AVAST which is why the “technology” in detecting rootkits used by GMER is integrated into AVAST products.


Appreciate this article.
Thank you!
I need this software!

Charlie9 years ago

Great posting Raymond. Really appreciate all the hard work that has gone into this article on AntiRootkits. Sure saves me (and others) a lot of time surfing the net only to find skewed opinions! Your final note is very apt and a friendly reminder to tread with care when using these tools – as you so eloquently state “No matter how user friendly or easy it is to use the anti-rootkit tools, you must use it with care”. Your testing of various tools in this regards makes the job that much easier. Thanks again and keep up the fantastic work on this site…


Useful test Ray, very useful.
Thanks a bunch Ray!

Merlin_Magii11 years ago

A very useful posting Raymond – Thank you.


Appreciate this article. Thanks!

Nicks11 years ago

Now that is a really good post Ray!
I love the post in which you test a software for us!
I guess in November you tested all the antivirus to find out the best and you said Avira is the best free antivirus so I switched to that!


As usual great test from Ray.

Mohamed11 years ago

thanks raymond
good info


Nice article, thanks for giving us links for many Antirootkits, it will be good for us, to keep at least one of these products in our computer and USB. Thanks,


Leave a Reply


  • 1. What is HitmanPro_x64.exe?
  • 2. Is HitmanPro_x64.exe safe, or is it a virus or malware?
  • 3. Can I remove or delete HitmanPro_x64.exe?
  • 4. Common HitmanPro_x64.exe error messages
  • 5. How to fix HitmanPro_x64.exe
  • 6. November 2021 Update
  • 7. Download or reinstall HitmanPro_x64.exe

What is HitmanPro_x64.exe?

HitmanPro_x64.exe is an executable file that is part of HitmanPro 3 developed by SurfRight B.V.. The Windows version of the software: is usually about 9618208 bytes in size, but the version you have may differ.

The .exe extension of a file name displays an executable file. In some cases, executable files can damage your computer. Please read the following to decide for yourself whether the HitmanPro_x64.exe file on your computer is a virus or malware that you should delete, or if in fact it is a valid Windows operating system file or reliable application.

Recommended: Identify HitmanPro_x64.exe related errors
(optional offer for Reimage - Website EULA Privacy Policy Uninstall)

Is HitmanPro_x64.exe safe, or is it a virus or malware?

The first thing that will help you determine if a particular file is a legitimate Windows process or a virus, is the location of the executable itself. With HitmanPro_x64.exe for example, it's path will probably be something like C:Program FilesSurfRight B.V.HitmanPro 3HitmanPro_x64.exe

To determine it's path, open Task Manager, go to View -> Select Columns and select 'Image Path Name' to add a location column to your Task Manager. If you find a suspicious directory here, it may be a good idea to investigate this process further.

Another tool that can sometimes help you detect bad processes is Microsoft's Process Explorer. Start the program (it does not require installation) and activate 'Check Legends' under Options. Now go to View -> Select Columns and add 'Verified Signer' as one of the columns.

If the 'Verified Signer' status of a process is listed as 'Unable to Verify', you should take a moment look at the process. Not all good Windows processes have a Verified Signature label, but neither do any of the bad ones.

The most important facts about HitmanPro_x64.exe:

  • Name: HitmanPro_x64.exe
  • Software: HitmanPro 3
  • Publisher: SurfRight B.V.
  • Expected Location: C:Program FilesSurfRight B.V.HitmanPro 3 subfolder
  • Expected Full Path: C:Program FilesSurfRight B.V.HitmanPro 3HitmanPro_x64.exe
  • SHA1: D042025B6B2B17C6A2FFD564F1F95876AF216468
  • SHA256:
  • MD5: 967E32636FCE9A1E96551CC14A2FAAB9
  • Known to be up to 9618208 bytes in size on most Windows;

If you had any difficulties with this executable, you should determine if it's trustworthy before deleting HitmanPro_x64.exe. To do this, find this process in Task Manager.

Find its location and compare the size etc with the above facts.

If you suspect that you may be infected with a virus, then you must attempt to fix it immediately. To delete the HitmanPro_x64.exe virus, you must download and install a full security application like this. Note that not all tools can detect every type of malware, so you may need to try several options before you're successful.

In addition, the functionality of the virus may itself affect the deletion of HitmanPro_x64.exe. In this case, you must enable Safe Mode with Networking - a secure environment that disables most processes and loads only the most required services and drivers. When there, you can run a security program and a complete system analysis.

Can I remove or delete HitmanPro_x64.exe?

You should not delete a safe executable file without a valid reason, as this may affect the performance of any associated programs that use that file. Be sure to keep your software and programs up to date to avoid future problems caused by corrupted files. With regard to software functionality issues, check driver and software updates more often, so there is little or no risk of such problems occurring.

The best diagnosis for these suspicious files is a complete system analysis with either ASR Pro or this antivirus and malware remover. If the file is classified as malicious, these applications will also delete HitmanPro_x64.exe and get rid of the associated malware.

However, if it is not a virus and you need to delete HitmanPro_x64.exe, then you can uninstall HitmanPro 3 from your computer using its uninstaller. If you cannot find it's uninstaller, then you may need to uninstall HitmanPro 3 to completely delete HitmanPro_x64.exe. You can use the Add/Remove Program function in the Windows Control Panel.

  • 1. In the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then under Programs:
    o Windows Vista/7/8.1/10: Click Uninstall a Program.
    o Windows XP: Click Add or Remove Programs.
  • 2. When you find the program HitmanPro 3, click it, and then:
    o Windows Vista/7/8.1/10: Click Uninstall.
    o Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
  • 3. Follow the prompts to remove HitmanPro 3.

Common HitmanPro_x64.exe error messages

The most common HitmanPro_x64.exe errors that can appear are:

• 'HitmanPro_x64.exe Application Error.'
• 'HitmanPro_x64.exe failed.'
• 'HitmanPro_x64.exe has encountered a problem and needs to close. We are sorry for the inconvenience.'
• 'HitmanPro_x64.exe is not a valid Win32 application.'
• 'HitmanPro_x64.exe is not running.'
• 'HitmanPro_x64.exe not found.'
• 'Cannot find HitmanPro_x64.exe.'
• 'Error starting program: HitmanPro_x64.exe.'
• 'Faulting Application Path: HitmanPro_x64.exe.'

These .exe error messages can occur during the installation of a program, during the execution of it's associate software program, HitmanPro 3, during the startup or shutdown of Windows, or even during the installation of the Windows operating system. Keeping a record of when and where your HitmanPro_x64.exe error occurs is important information when it comes to troubleshooting.

How to fix HitmanPro_x64.exe

A clean and tidy computer is one of the best ways to avoid problems with HitmanPro_x64.exe. This means performing malware scans, cleaning your hard disk with cleanmgr and sfc /scannow, uninstalling programs you no longer need, monitoring any auto-start programs (with msconfig), and enabling automatic Windows updates. Don't forget to always make regular backups or at least define recovery points.

If you have a bigger problem, try to remember the last thing you did or the last thing you installed before the problem. Use the resmon command to identify the processes that are causing your problem. Even in case of serious problems, instead of reinstalling Windows, you should try to repair your installation or, in the case of Windows 8, by executing the command DISM.exe /Online /Cleanup-image /Restorehealth. This allows you to repair the operating system without data loss.

To help you analyze the HitmanPro_x64.exe process on your computer, you may find the following programs useful: Security Task Manager displays all Windows tasks running, including built-in hidden processes such as keyboard and browser monitoring or auto-start entries. A single security risk rating indicates the probability that it is spyware, malware or a potential Trojan horse. This anti-virus detects and removes spyware, adware, Trojans, keyloggers, malware and trackers from your hard disk.

Updated November 2021:

We recommend you try using this new tool. It fixes a wide range of computer errors, as well as protecting against things like file loss, malware, hardware failures and optimizes your PC for maximum performance. It fixed our PC quicker than doing it manually:

  • Step 1 : Download PC Repair & Optimizer Tool (Windows 10, 8, 7, XP, Vista – Microsoft Gold Certified).
  • Step 2 : Click “Start Scan” to find Windows registry issues that could be causing PC problems.
  • Step 3 : Click “Repair All” to fix all issues.

(optional offer for Reimage - Website EULA Privacy Policy Uninstall)

Download or reinstall HitmanPro_x64.exe

Hitmanpro Customer Support Number

It is not recommended to download replacement exe files from any download sites, as these may themselves contain viruses etc. If you need to download or reinstall HitmanPro_x64.exe, then we recommend that you reinstall the main application associated with it HitmanPro 3.

What is HitmanPro 3

HitmanPro 3 (64-bit) is a second opinion scanner, designed to rescue your computer from malware (viruses, spyware, and rootkits.) that have infected your computer despite all the security measures you have taken (such as anti virus software and firewalls.).You do need a second source to make sure you are secure.

Operating system information

HitmanPro x64.exe errors can occur in any of the following Microsoft Windows operating systems:

  • Windows 10
  • Windows 8.1
  • Windows 7
  • Windows Vista
  • Windows XP
  • Windows ME
  • Windows 200

HitmanPro Malware Removal Tool Archives Free

RECOMMENDED:Optimize your computer and troubleshoot errors with this simple fix for Windows!

Hitman Pro Malware Removal Tool Archives 2017

Other files in HitmanPro 3:

Other software titles by SurfRight B.V.: