
hitmans pros best zero day malware finder


nsm0220


HitmanPro incorporates scanners from several vendors, so it makes sense that their detection rate would be better than any of those scanners would have by themselves.

That being said, the makers of HitmanPro don't do the research themselves and they don't develop the scan engines themselves, so don't forget to give credit to the makers of the AV engines that are used in HitmanPro since those engines and the developers and researchers behind them are responsible for any good detection ratings that HitmanPro may have. ;)

Of course, I am reminded of something that Bruce Harrison once said. To paraphrase him, think for a moment of a test result where an AV product is able to detect 99.9% of the malicious samples, and the test was conducted by scanning a folder of 5,000 malicious samples. That leaves you with 5 malicious samples that were undetected. What if those 5 malicious samples were all 0-day infections, and were spreading more rapidly at the moment than the 4,995 samples that were detected? The sad truth about comparative testing is that, when you see your end results, you have no way of knowing if the malicious samples that were not detected are more common in-the-wild than the ones that were detected. It leaves you with an incomplete picture.


But not this one: https://www.virustotal.com/en/file/9d732e99396aaaeb250e1eee35bc6067e6644fffef305844df6344b0f12f5bff/analysis/1378678821/ Note that my VT scan is indeed the first VT scan for this sample and it is indeed malware, a ransomer.

 

It's easy to find 0hour malware to make any vendor look good/bad.


Guest Sentoryn

It is easy to explain the definition of zero-day: it is the process of modifying the risk of a hacker in 24 hours, the parts are modified all the more difficult to detect. And here's an example from my scan of zero-day malware: https://www.virustotal.com/pl/file/2f95dc8c5edb0031b09b5333e2df3fdc225d4f2fa7003f0fc7016d1cfb38652c/analysis/

 

Hitman Pro is a good scanner for today uses only three motors, Bitdefender, Emsisoft, Kaspersky :)


Guest Sentoryn

Can you scan suspicious files older version of Hitman Pro, but that's not possible because you updated to the latest which uses only three engines, see the link to the picture, which I gave up :)


No, its FP rate has dropped over the last year or two.

I don't know what their FP rate was before January of 2012, however since then I do have experience with their engine and its FP rate. The Ikarus engine would frequently cause Emsisoft Anti-Malware to fail in Virus Bulletin's testing, and as soon as the Ikarus engine was dropped in favor of the BitDefender engine Emsisoft Anti-Malware finally stopped failing comparative testing due to false positives.

The false positives may seem better in your own testing and personal use of products that include the Ikarus engine, however in both real-world situations and testing done by certain organizations the Ikarus engine tends to produce too many FP's.

