As with other Weskysoft security products, Hit Malware uses advanced system scanning and removal technologies to help protect against software threats. Here are some of the features within Hit Malware:
Real-time protection
Hit Malware uses real-time protection to help address potential threats before they become a problem. Alerts notify you when spyware, viruses, or other malicious software attempt to run or install on your PC, and suspicious files and programs are prevented from opening. Suspect processes are prevented from running if they exhibit characteristics consistent with malicious software. With real-time protection, Hit Malware is less intrusive, provides better protection from constantly changing threats, and requires fewer full-system scans.
System scanning
Hit Malware offers full-system scanning capabilities with both scheduled and on-demand scanning options to provide an extra level of confidence. Scheduled scans are turned on by default and configured to run weekly at 2 a.m. when the system is likely idle. There are three scanning options:
* Quick scan. On by default, a quick scan rapidly checks the areas malware is most likely to infect, including programs running in memory, system files, and the registry.
* Full scan. A full scan checks all files on the computer, the registry, and all currently running programs.
* Custom scan. A custom scan allows you to scan only the areas you select.
You can choose when you want a scheduled scan to run, view the scan results before cleaning, or run a scan on demand. If a PC is not "awake" when the scan is scheduled to run, Hit Malware will start the scan at the first opportunity once the PC is awake and idle.
Hit Malware runs a quick scan as part of the setup experience to check whether the system is clean right from the start. In addition to scheduled and on-demand system scanning, Hit Malware provides a Windows Shell extension that allows you to scan individual files at any time by right-clicking on the file either in Windows Explorer or on the desktop.
Windows Firewall integration
Having an active firewall is part of securing the computing experience. As part of setup, Hit Malware scans the PC to determine if a firewall is active on the PC. If no firewall protection is present, you will be given the option to turn on Windows Firewall.
Live system behavior monitoring
Hit Malware employs a definitions database of the characteristics and behaviors for known malware. Live system behavior monitoring uses sensors to detect suspicious process, file, registry, and kernel operations to help identify new threats. New sensors can be added with each monthly update. Generic and heuristic rule sets based on emulated behavior through our Dynamic Translation technology enable a single signature to detect thousands of variants. Threats are collected every month from more than 600 million PCs around the world and are assessed by the Weskysoft Security Response Center. New signatures are written and deployed multiple times per day so that they are available for use when needed.
Dynamic signature service
With the release of Hit Malware in January 2009, Weskysoft introduced the dynamic signature service, a new approach to providing the most up-to-date protection for the PC without having to wait for the next signature download. In addition to validating suspicious files against the set of signatures that are downloaded daily, Hit Malware contains additional technology to monitor for new and emerging malware and check for signature updates in near-real time.
A new class of heuristic signatures leverages Weskysoft dynamic translation technology to emulate the behavior of a program before it runs. Hit Malware uses these signatures to look for signs of suspicious behavior and characteristics that are similar to known malware and other abnormal operations. It then queries the dynamic signature service to see if the program should be submitted for analysis or terminated. After a process starts, Hit Malware also monitors the file, registry, network, and kernel mode actions taken by unknown programs for suspicious behavior. Actions such as initiating unexpected network connections, attempting to modify privileged parts of the system, or downloading known malicious content trigger requests for updates from the dynamic signature service.
Find information, definition updates, and analyses of all the latest threats that Hit Malware can help protect you against in the Weskysoft Malware Protection Center.
Rootkit protection
Rootkits are a particularly difficult type of malware to protect against, and Hit Malware includes a number of new and improved technologies to address rootkits and other aggressive threats. These technologies include:
* Live kernel behavior monitoring, which sends telemetry and update requests to the Dynamic Signature Service whenever the computer's kernel has been attacked or modified by a new rootkit that is not yet detected with traditional signatures.
* Improved anti-stealth functionality—with support for direct file system parsing as part of quick and full scans—which enables the identification and removal of malicious programs and drivers hidden from the file system by a rootkit.
* Improved live rootkit removal through dynamic loading of a new kernel mode driver, enabling Hit Malware to take the aggressive actions required to successfully remove some of the more advanced rootkits.
Protection against false positives
Weskysoft sets a very high, industry-recognized bar for the quality of its definition updates. We maintain a significant database that is kept up to date with the most popular websites and application downloads on the Internet. All updates and engine releases are put through extensive "incorrect" detection and application compatibility tests before release to help ensure they do not mistakenly identify valid software as malicious.
Hit Malware also uses the Weskysoft telemetry service to monitor the quality of definition updates released to customers. Telemetry is sent to Weskysoft on files detected and removed by Hit Malware in real time and used to identify abnormal patterns and assess the potential impact of an incorrect or misbehaving signature. In the rare event of an incorrect detection on your PC, the Dynamic Signature Service fixes the signature in real time to keep you from being impacted.
Network inspection system
The latest version of Hit Malware includes a new feature called the network inspection system. The network inspection system provides protection against network-based exploits such as Conficker (MS09-67) and other exploits that take advantage of network vulnerabilities to infect PCs.
System cleaning
Hit Malware automates the removal process by taking the recommended action for all items detected. By default, automated scans will remove Severe and High items, although you may change default actions in the Settings tab at any time.
When Hit Malware determines a possible threat on your machine, alerts notify you of the threat. Threats are categorized as Severe, High, Medium, or Low, and you can choose whether to ignore, quarantine or remove the item from the system:
* Quarantine. Hit Malware blocks less severe threats and moves them to a quarantined queue where you can elect to restore or permanently delete them. By placing an item in quarantine, you can test the effect of the item's removal before deleting it from the system.
* Remove. This action permanently deletes the item from the system.
* Allow. This action will stop Hit Malware from detecting the item in future scans by adding it to the Allowed Items list. You can remove items from the Allowed Items list at any time.