- May 11, 2013
This topic is a continuation of the old BETA 1 topic.
For those who do not know what CBAD Cloud Antimalware 2014 is here is all the info:
FMA Intel-Secure CBAD Cloud Antimalware 2014 is our Next-Generation antimalware software.
We have developed our very own Next-Generation CBAD engine that analyzes your system for
malicious data and hidden threats using our own advanced Cloud detection.
Which offers advanced on-demand security in addition to that provided by traditional security
applications such as firewalls, anti virus software and spyware detection software.
FMA Intel-Secure CBAD Cloud Antimalware 2014 will include Next-Generation technology to detect
and remove: Malware, Viruses, Exploits, Rootkits, Adware, Spyware, PUP, Rogue software and Zeroday
threats. CBAD includes various new technologies to ensure that our software is capable of detecting and
removing known and unknown dangers while protecting the integrity of your operating system and
data.
What technologies? How does it work? << Please read it as it contains updates.
CBAD Dynamic analysis
A data file and its internal code is being analyzed and automatically evaluated based upon the visible
and hidden features within the code and the commands it tries to execute. When a suspicious action
is being found the file will be monitored by the CBAD Dynamic emulation.
CBAD Dynamic analysis will also validate software and processes in order to detect and remove fake, rogue and PUP applications. We have now added a real-time log that will show all the files being scanned and the full address & path.
CBAD Dynamic emulation
A data file is encapsulated within a highly tuned and optimized environment that is designed to emulate an operating system. The behavior and contents of the file and its internal code are being monitored as it attempts to execute within the cloud-based virtual environment to discover known and unknown threats. We have now added CBAD Hyper emulation, which is a very aggressive setting (highly sensitive scan for highly infected systems) that will give the engine more capability to detect and predict actions by an unknown advanced malicious code, and it will also boost the communications with the cloud.
CBAD Behavior & Anomaly analysis
During the behavior & anomaly analysis a data file is being monitored whenever sensitive or critical
data is about to be compromised by a malicious code. All commands and codes that are being executed by a malicious file and its internal code while being analyzed and monitored are being blocked and removed.
When the CBAD engine has blocked all active data streams, it will attempt to either clean or completely remove the detected file and all of its malicious code. When a file is being cleaned or deleted the CBAD engine will try to maintain the OS integrity and stability. This will require a reboot as the CBAD engine will only remove files from an inactive Windows in order to deny a malicious code to jump to other files and infect a new chain.
CBAD Collective Cloud Database (CCD) (NEW!!)
The cloud receives data from each single client engine, which submits files and codes to the cloud for emulation. If the emulation classifies a code or file as malicious then a snapshot of the actual malicious string is being saved within the CCD and the cloud will directly communicate with all client engines that that particular code or file is malicious. Enabling 1 single engine to detect unknown malicious objects and submit them to the network, and within minutes every single client scanner will know the same algorithm and will start looking for it without having that file go through the emulation process again. Saving time, resources, research and making its response time much much faster and more reliable.
What operating systems will CBAD support? and what are the requirements?
We support 32 bit & 64 bit for: Windows Vista, Windows XP, Windows 7, Windows 8, Windows 8.1, Windows Servers 2008 and
Windows Servers 2012 R1 & R2
System requirements:
- Microsoft .NET Framework 4
- Computer with Pentium or AMD processor, at least 1.6 GHz
- At least 250 MB of free hard disk memory space
- At least 2048 MB RAM under Windows 7
- Requires ACTIVE internet connection
- Full Admin rights
MUST read Important facts:
1: Some firewalls might block the connection please white list our software.
2: Some security programs might detect us as PUP or suspicious or in some cases even malicious, this is a FP and you can disregard the alert as I personally guarantee that our software IF and only IF obtained from http://fma-is.com is 100% clean.
3: Full scan is not enabled yet and yes this is a free version.
4: Will there be a premium version? Yes we are working on it and no I will not share what it can do yet.
It's ready when it's ready.
5: What type of zero day protection is it, a BB or HIPS or sandbox? A new one as described above. It's called Dynamic Emulation.
6: Do you guys use signatures? Or patterns? Yes we do use signatures and patterns but these are generated by the Emulation process once a file is found to be malicious, the system will store that making future scans faster.
7: Does your product have RT (realtime) protection? The free version does not however the premium version will.
8: Will you offer a program/engine (in the future) to VirusTotal? We do not have any intention to do so, but maybe in the future we might.
9: Is there going to be some Giveaways for Beta testers (or something similar)? Maybe who knows.
However true beta testers and supporters will not be forgotten so who knows what we might come up with.
10: Are you guys developing an internet security or specialized tools next to the premium and free version?
We have big plans in the future so stay tuned and you will find out soon enough.
11: What is the power indicator? It is the accelerator within the program that checks for duplicate code analysis and skips them. As there is no need to scan the same file twice.
12: Why is the engine reporting: CBAD.Detection instead of malware X? That's simple, our engine does not classify malware by names, it is classifying malware according to the internal code and as such no name will be given.
13: What are the 4 bars in the scan menu? These are upload buffers and indicate how much data is being uploaded.
14: Can your software run in VM? and in guest mode? Yes to both yet you need admin to install.
15: Why is the context scan not shown? It is if you enable it in the program itself and it will only scan folders. This is for practical reasons and will stay this way.
16: Can your software run next to other software? Yes it can, our software has been designed that way, yet we have no control over how other vendors handle our software.
17: Can your program work in safe mode? Yes only safe-mode with network options.
18: How do I know your software is safe and is not some garbage? Well I personally guarantee that my software is clean and if you are in doubt you can ask: @Umbra Polaris @Jack @BoraMurdar @Huracan @Littlebits @Malware1 @exterminator20 or any other staff member.
19: Is the software and FMA truly yours? Yes it is.
20: VPN software will disrupt and interfere with the scanning, please turn it off, our cloud has not yet been configured to deal with encrypted connections.
21: VB projects and very new files are being detected as malicious because they have a low reputation and VB projects are open exe files which mimic malware in some ways.
If you see files that are false positives then unselect them from the scanning result.
* NOTE: IF YOU ASK A QUESTION THAT ALREADY HAS BEEN ASKED OR EXPLAINED WE WILL NOT REPLY.
We have taken the trouble and time to explain everything, so just take a few minutes and read.
Important Note: We are working on our network virtually every day as we are expanding the cloud and maintaining our network. This might last for a few weeks as our user base grows and more problems become visible, so if the scan acts funny or hangs then there are a couple of options:
1: Our network is partly down (will come back online maybe seconds later as we are working in RT on it.)
2: You use a VPN which encrypts the connection and our cloud cannot deal with that so drop VPN before starting a scan.
3: Proxy: our cloud has a problem with proxies, we are trying to fix it but this may take some time, so if it works you are lucky, if not then switch back to your own IP.
4: Your software firewall, or router wall or AV is blocking our program.
It might help if you switch on Hyper emulation as it also improves communications with the cloud. If that's not working then just restart and try again.
And if you want to participate and accelerate this process by helping us identify and find malware then tell me in this topic or navigate to this topic which was made for that:
http://malwaretips.com/threads/malware-freaks-specialists-and-hunters.34571
Who is already part of the M-Hunt team?
@BoraMurdar
@Fedora
@Xtwillight
Your name not here yet? PM me.
* Note we only accept serious and loyal people and people that are willing to go the distance.
So if you are planning to screw around please do not bother applying.
We need you as a user to make this a success, we have gone through the trouble to create it, now it's your turn to enjoy it. That being said if you like our software then share it, review it and support it.
If you have questions or comments please post a reply here in this topic, but please read the info above first because the odds are great that your question has already been answered.
If I missed anything then I will update this main topic and let you guys know. So please keep track of this main post. If there are updates I will also post them here.
Visit us at: http://fma-is.com and download our software.
Digital forensic intrusion analysis, security and anti-malware solutions.
Big data and ICT security is everyone’s concern… but it’s our business.
Kind Regards
Nico & FMA Team
ps:
Please if you review, advertise or make a post regarding our software please take the trouble to make yourself familiar with our software so you know what you are talking about.
Please....
So let me repeat my words one more time: WE ARE NOT USING VT, WE ARE NOT USING ANY THIRD PARTY ENGINE AND WE HAVE DEVELOPED OUR SOFTWARE COMPLETELY IN-HOUSE.