CBAD Cloud Antimalware 2014

[Kardo Kristal]

@Nico@FMA

First impressions:

+ Fast installation
+ Very light on system
Info: RAM usage between 1 to 4 megs (Quick scan), usually under 1 meg (On Standby)
+ Clean and easy to use interface
+ No slowdown

Possible bug:

"Add context menu item" is not working or I missed something (tried to enable it with Admin rights)?

Questions:

1. Is it correct that Full scan button is disabled by default?
2. What is the location of detection log?

Just tried Quick scan and Manual scan - no problems

As already noted: OS - Windows 7 32-bit.

So far it seems great. Any questions, just let me know!

Regards,
Kardo

 

[Nico@FMA]

@Nico@FMA downloaded & Installed the the Beta version

• Download & install was fast without problems on Windows 7 SP1 64-bit
  
• Quick scan took 3.4 minutes on Ultra Deep,0.6 minutes on Simple & 0.7 minutes on Deep
• It detected all of my side projects which are also detected by Kaspersky,EIS,MBAM,HMP & ESET(and probably most others)
• My Machine is clean.There were no FP's
• Scanning was very light and overall no bugs or conflicts
• Performed one manual scan on Simple which performed well with same results as quick scan and no FP's
• Full Scan Button doesn't work.Will that work in the final release?
• I did not test it against any malware
  
  All in all I think it is a very good program and look forward to the final product.

Thank you for testing, and i am happy that the beta performed this well. Specially the engine given its home grown design was a bit of hassle and reason for worry. Afterall developing a own engine with new technology looks good on paper and even on a test machine.
But having it perform in the public is like a kid being born, 100's of things that can go wrong.
The full scan button is not enabled at this point, for practical reasons. The cloud infrastructure is being upgraded as we speak and when thats ready then the full scan will be enabled as well. Call it better save then sorry.
Let me know how it performs on RL malware (just keep in mind that we are still working on the algorithm so the detection will not be fantastic out of the box.
In the next few weeks you will see the detection capacity go up dramatically as right now its just running bare bone for this BETA version, 90% of its capacity has not yet been enabled.
Anyway again thanks man and let me know.

Cheers

@Anupam I suggest you read the information on the main topic, there is exactly explained why its a NG engine and how it works.
Its not a fancy term (I would call that a insult to our work), but ill guess that guys like for example @exterminator20 and others can tell you what it actually means as i assume that you are not aware of the terminology that is being used, to explain everything.

 

[Exterminator]

I also ran the program with Admin rights and it was not added to the context menu(Nice feature to have though)
Same problem as @Kardo Kristal I cannot locate the detection log
I also tried a manual scan and then tried to use the "Quit" option.It did stop the scan on quick scan however on manual scan after clicking "Quit" it hung and I had to kill it via task manager.Might be nothing but worth a mention.
For a Beta I thought it really did well and bugs are to be expected.

 

[Nico@FMA]

@Nico@FMA

First impressions:

+ Fast installation
+ Very light on system
Info: RAM usage between 1 to 4 megs (Quick scan), usually under 1 meg (On Standby)
+ Clean and easy to use interface
+ No slowdown

Possible bug:
"Add context menu item" is not working or I missed something (tried to enable it with Admin rights)?

Questions:
1. Is it correct that Full scan button is disabled by default?
2. What is the location of detection log?
Just tried Quick scan and Manual scan - no problems
As already noted: OS - Windows 7 32-bit.
So far it seems great. Any questions, just let me know!

Regards,
Kardo

Thanks m8, No the context menu works when admin enabled, however it only works on folders for practical reasons.
Afterall its a beta. Full scan is not enabled as i told @exterminator in my previous reply.
Work in progress.
Detection log can be found in install folder, c:\CBAD\

Since you have your own AV program, maybe you could explain @Anupam why my engine is N-Gen as i assume that you do understand what i did write, obviously i could say it myself, but hearing it from a different person would help me to, as these questions make me doubt if i was clear enough in my introduction.

Kind Regards Nico

 

[Nico@FMA]

@everyone

Guys please when posting bugs or asking questions, please read the topic and its replies to check if your question, or bug has not yet been noted, otherwise i keep explaining things 40 times.
Thank you.

Ps just added this to the main topic:

Updated info:
1: Context menu does work only on folders run as admin or activate it within the program.
2: Full scan is not enabled yet.
3: Detection log can be found in: c:\CBAD\

 

[Kardo Kristal]

@Nico@FMA
In my opinion Next-Generation description by Nico is clear enough.

FMA Intel-Secure CBAD Cloud Antimalware 2014 will include Next-Generation technology to detect
and remove: Malware, Viruses, Exploits, Rootkits, Adware, Spyware, PUP, Rogue software and Zeroday
threats.

The key word here is technology.

@Anupam
.. or take a look at here (example) - http://dictionary.reference.com/browse/next-generation

Regards,
Kardo

 

[Kardo Kristal]

@Nico@FMA

Thanks for the information about context menu item, Full scan and Detection log.
I can confirm that Context menu item is enabled for folders.

Regards,
Kardo

 

[Nico@FMA]

@Nico@FMA

Thanks for the information about context menu item, Full scan and Detection log.
I can confirm that Context menu item is enabled for folders.

Regards,
Kardo

sweet you got me worried for a second.

 

[Sasa]

Norton blocked it when i tried to open it at first had to disable auto protect

It was doing a great job then it stoped for more than 10 min on the same scan area without doing any thing else

adding a timer would be great idea because i cant really figure out if it is working or not

what does the power thing mean at the scanning area?

and is it detecting it self?! see the attached file please

 

[Nico@FMA]

Norton blocked it when i tried to open it at first had to disable auto protect

It was doing a great job then it stoped for more than 10 min on the same scan area without doing any thing else

adding a timer would be great idea because i cant really figure out if it is working or not

what does the power thing mean at the scanning area?

I assume you have Norton 360 or Norton Internet Security, in both cases the firewall blocks the connection to our cloud.
If the scan hangs then this means that the engine does not get feedback from the server or is not able to send to the server.
So make sure that your firewall allows it.
Due to the fact that this is a new program (Low reputation) Vendors like Norton and many others will block, flag or warn about it.
Thats normal specially because this is a BETA and is not digitally signed yet.

The power thing is the accelerator within the engine as it reads the code within a file, ones a code is found clean the engine will remember that and skip that specific code in future files as its already deemed clean. It specifically looks for code that is malicious while leaving all others. So when you see the power jump up then this means that the engine skipped a bunch of code as it already got scanned in a previous file (Some files have pretty much identical code specially MS system files) and since the engine specific looks for malicious code it will ignore previous scanned clean code. Its way more complex then that but this is pretty much the easiest way i can explain it.

Good questions, cheers

 

[Av Gurus]

I installed on virtual machine with Avast free on.
Here are my first impressions.
RAM usage when scaning is low (about 1-1.5MB) .

In a folder with malware pack (2 days old) Avast is left 13 files, this program find 20 malware files

I must restart to clean

After restart i look in folder and it left 3 files, checking them on VirusTotal and it says it's malicious

 

[Sasa]

I assume you have Norton 360 or Norton Internet Security, in both cases the firewall blocks the connection to our cloud.
If the scan hangs then this means that the engine does not get feedback from the server or is not able to send to the server.
So make sure that your firewall allows it.
Due to the fact that this is a new program (Low reputation) Vendors like Norton and many others will block, flag or warn about it.
Thats normal specially because this is a BETA and is not digitally signed yet.

The power thing is the accelerator within the engine as it reads the code within a file, ones a code is found clean the engine will remember that and skip that specific code in future files as its already deemed clean. It specifically looks for code that is malicious while leaving all others. So when you see the power jump up then this means that the engine skipped a bunch of code as it already got scanned in a previous file (Some files have pretty much identical code specially MS system files) and since the engine specific looks for malicious code it will ignore previous scanned clean code. Its way more complex then that but this is pretty much the easiest way i can explain it.

Good questions, cheers

Norton Security and please see my attached file above

 

[Nico@FMA]

Norton blocked it when i tried to open it at first had to disable auto protect
It was doing a great job then it stoped for more than 10 min on the same scan area without doing any thing else
adding a timer would be great idea because i cant really figure out if it is working or not
what does the power thing mean at the scanning area?
and is it detecting it self?! see the attached file please

Btw i just did see your screenshot.
Did you change the name of the scanner? as it should look like this:

With capitals and such.
That being said yes funny enough our own engine detects itself, and this is due to the fact that its a NEW file because our cloud also has a reputation algorithm but this is still being developed, and as test our own file is detected.

Cheers

 

[Nico@FMA]

I installed on virtual machine with Avast free on.
Here are my first impressions.
RAM usage when scaning is low (about 1-1.5MB) .

View attachment 23992

In a folder with malware pack (2 days old) Avast is left 13 files, this program find 20 malware files

View attachment 23993

I must restart to clean

View attachment 23994

After restart i look in folder and it left 3 files, checking them on VirusTotal and it says it's malicious

View attachment 23995

Thanks so much for this, thats actually a really damn good score, considering the Cloud is now exactly 12 hours online so every detection made by our engine is only because of the code inside those files. for more info check this and read it carefully:

Spoiler: Read more.

FMA Intel-Secure CBAD Engine (Code Behavior Anomaly Detection)How does it work?
CBAD includes various new technologies to ensure that our software is capable of detecting and
removing known and unknown dangers while protecting the integrity of your operating system and
data.

CBAD Dynamic analysis
A data file and its internal code is being analyzed and automatically evaluated based upon the visible
and hidden features within the code and the commands it tries to execute. When a suspicious action
is being found the file will be monitored by the CBAD Dynamic emulation.
CBAD Dynamic analysis will also validate software and processes in order detect and remove fake,
rogue and PUP applications.

CBAD Dynamic emulation
A data file is encapsulated within a highly tuned and optimized environment that is designed to
emulate a operating system. The behavior and contents of the file and its internal code is being
monitored as it attempts to execute within the cloud-based virtual environment to discover known
and unknown threats.

CBAD Behavior & Anomaly analysis
During the behavior & anomaly analysis a data file is being monitored whenever sensitive or critical
data is about to be compromised by a malicious code.
All commands and codes that are being executed by a malicious file and its internal code while being
analyzed and monitored are being blocked and removed.
When the CBAD engine has blocked all active data streams, it will attempt to either clean or
completely remove the detected file and all of its malicious code. When a file is being cleaned or deleted the CBAD engine will try to maintain the OS integrity and stability.
This will require a reboot as the CBAD engine will only remove files from a inactive Windows in order to deny a malicious code to jump to other files and infect a new chain.

So if it only missed 3 files out of 20 then its time for beer, girls, music aka party.
because to tell you the truth, if you read back then i mentioned already that 90% of the engines capability is not even running at this point.
With that in mind...
This is going to be fun

 

[amz]

Installed it on win 7 32bit
Context menu scan option is only available when the program is active ? when i close the program ,no context menu option is shown.

 

[Nico@FMA]

Installed it on win 7 32bit
Context menu scan option is only available when the program is active ? when i close the program ,no context menu option is shown.

Context menu only is active when program is active. there is even a button that allows you to switch it on when the program runs.
After that context menu works and only on folders.
For more info read up on the topic as your question already got answered 3 times now.
cheers

 

[Anupam]

@Nico@FMA
In my opinion Next-Generation description by Nico is clear enough.


The key word here is technology.

@Anupam
.. or take a look at here (example) - http://dictionary.reference.com/browse/next-generation

Regards,
Kardo

I know what next generation means

Just wanted to know what advanced features it uses to make it next generation. I did not mean to insults the developer or the product.

 

[Adhit Prakosho]

Hi @Nico@FMA ,
I discovered this when downloading on Internet Explorer 11 but I am confident and believe in your software. I will try it

quote from microsoft support:

"What does it mean when I see a message that says a file isn't "commonly downloaded"?
When you download a program from the Internet, SmartScreen Filter will check the program against a list of programs that are downloaded by a significant number of other Internet Explorer users and a list of programs that are known to be unsafe. If the program you're downloading isn't on either list, SmartScreen Filter will display a warning that the file isn't "commonly downloaded." It doesn't necessarily mean the website is fraudulent or that the program is malware, but you probably shouldn't download or install the program unless you trust the website and the publisher."

then everyone not to worry but people who do not know this will worry

sorry for my bad english

 

[Raphoul]

Hi
I installed it it seems very light and very good software.
I saw 2 problems

1) Tiranium antivirus saw it like a heuristic virus
2) there is a problem your program sees himself as even a virus

 

[Nico@FMA]

Hi @Nico@FMA ,
I discovered this when downloading on Internet Explorer 11 but I am confident and believe in your software. I will try it

quote from microsoft support:

"What does it mean when I see a message that says a file isn't "commonly downloaded"?
When you download a program from the Internet, SmartScreen Filter will check the program against a list of programs that are downloaded by a significant number of other Internet Explorer users and a list of programs that are known to be unsafe. If the program you're downloading isn't on either list, SmartScreen Filter will display a warning that the file isn't "commonly downloaded." It doesn't necessarily mean the website is fraudulent or that the program is malware, but you probably shouldn't download or install the program unless you trust the website and the publisher."

then everyone not to worry but people who do not know this will worry

sorry for my bad english

Thanks for that.
I certify beyond the reasonable doubt my software is 100000% clean.
That being said if you scroll down the page you will see a badge of StopTheHacker it checks my site and all the content for malicious crap.
Simple said None to be found.
I am in the malware combating mode NOT in the malware making mode lol