Hitman v3.5 Replacement

Discussion in 'other anti-virus software' started by whitedragon551, May 23, 2010.

Thread Status:
Not open for further replies.
  1. ALiasEX

    ALiasEX Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    240
    I have had about as many false positives with Hitman Pro as with Malwarebytes (I don't use Malwarebytes anymore). About a couple.
     
  2. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    This is unfortunate. I think IP has the potential as Im a beta tester and seldom participate in betas.

    I wish GAOTD would do another Hitman Pro v3.5 giveaway or that Panda would offer most options to scanning, configuration, etc.
     
  3. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK
    I too wish this can take place:eek:
     
  4. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Lets organize a mass emailing to GAOTD.

    Im trying out Panda again. Seems things have changed since I used it on my wifes netbook last.
     
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    To worse or better?:D
     
  6. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    I don't understand why can't Hitman do false positives. It uses Emsisoft engine (famous for that), G-Data, Prevx, Nod32 all have some sort of false positives. These will all be summed up in Hitman's detection.
     
  7. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    849
    Not really... Sure it can inherit some of the FPs, but not all. HMP uses it's own scanning method to determine suspicious files (+ whitelist)and then uploads them to the Cloud for scanning. If a2 had a FP on a file that HMP didn't deem suspicious/had it whitelisted, it's not going to flag it.
     
  8. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    I think for better. It now allows custom scanning choices so I can scan my entire HD. It also allows you to choose weather or not to automatically handle threats or if the user can do it. Those were the two main issues I had with it before.
     
  9. Matthijs5nl

    Matthijs5nl Guest

    Ofcourse you have to chance of getting 6 times higher False Positives with Hitman Pro than with a single scanner. But the fact is not all vendors have a lot of false positives, probably only Emsisoft en GData will provide some FP's, ESET is really one of the kings in not having FP's.

    But like previously said Hitman Pro's scanning methods is really different. It doesn't check all your files with signatures. First it builds up a list of files which are of any potential interest for malware (at my pc it scans 14000 files), then it checks wether it actually contains some sort of malware-ish behaviour, and only after that it checks the file in the cloud.

    For example: I run Hitman Pro once in the like 2 weeks. I have the program for like 1,5 years: so 52*1.5*0.5 = a total of 39 scans. I think Hitman Pro uploaded here 3 times a file to the cloud (once a just installed file belonging to a NVIDIA driver, which after scanning wasn't flagged as Suspicious anymore, once the RelaventKnowledge thingy flagged as spyware (in my opinion it ain't, it gives you a proper uninstall item) and one I can't remember, but also clean).
    For each scan it uses the previously mentioned list of potentially infectable files: at my pc about 14000 files (1 min and 20 sec scan time).
    So it scanned a total of 14000*39 = 546000 files.

    This means IN MY CASE the maximum possible rate of false positives is: 3/546000 *100% = 0.000545%. (You could also say (1/0.000545): I will encounter 1 false positive in the 1834 year (minimal 1834 years).
    Not bad huh?, I mean: the chance of getting killed in a traffic accident caused by some drunk idiot is larger.
     
    Last edited by a moderator: May 24, 2010
  10. tipo

    tipo Registered Member

    Joined:
    Dec 29, 2008
    Posts:
    440
    Location:
    romania
    they have the same av engines (emsisoft & ikarus) and interfaces
     
  11. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Has anyone encountered or tested these?
     
  12. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK
    I have tested MalAware, the scans are really fast and the detections is quite good but it only shows number of detected malware and provides removal of malware which are <5 in number (And then tells the user to buy Emsisoft AntiMalware)
     
  13. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Sounds like a no go then. I dont have time for annoying ads.
     
  14. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    UK
    Yeah I do better use PCAV or even Immunet v2 when it will be released as I will have a 12-Month license:)
     
  15. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Im in on the IP beta as well and I hope it gets good fast.
     
  16. ratwing

    ratwing Guest

    HitManPro 3.5.5 Build98 detects Online Armor Cloudscan exe,as Malware.(but only with the full scan,not the right click.)

    Strangely,it does not detect the newest version of MalAware.

    It also does not have a drop down to show which engine(s) is responsible for the fp.
     
  17. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    You can know that by uploading to VT.
     
  18. ratwing

    ratwing Guest

    Namaste sg09,

    Good idea,but I get 40/0 at VirusTotal on OnLineArmour Cloudscan exe.
     
  19. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    Have you tryed autorun angel?

    I have used it on my clients systems and it did correctly identify the malware.
    its a very quick program and its tiny.
    I havent had any false possitives with it.
    the default option is tio hide safe files. only the unknown and unsafe files are shown.
     
  20. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,063
    Location:
    New Delhi Metallo β-Lactamase 1
    Its better to send those malware to respective company for further analysis or information...
     
  21. ALiasEX

    ALiasEX Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    240
    Does it say 'Suspicious'?
     
  22. Matthijs5nl

    Matthijs5nl Guest

    Indeed.

    There should clearly be a dropdown arrow on the left which you can click to see which engine develops the false positive, if it really is detected as Malware.

    Like AliasEX says, it could also be Suspicous, then it ain't recognized as malware by any cloud engine. The behavioral scan just thinks it is malware by looking at the file's behaviour and characteristics, but the file wasn't found in the cloud.
     
  23. ratwing

    ratwing Guest

  24. Matthijs5nl

    Matthijs5nl Guest

  25. ratwing

    ratwing Guest

    Thank you Matthijs5nl!!!

    You are of course right.
    My bad.
    The detection is by Prevx as "Medium Risk Malware"


    respect noor
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.