FMA Intel-Secure CBAD Cloud Antimalware 2014 (BETA 2 FREE Version)

[BoraMurdar]

Hi @Nico@FMA
I am sorry, maybe this question was asked before, but why is the "Full Scan" button grayed out?

Edit : Installation was quick and nice, autoupdated to the new version.

 

[Nico@FMA]

Hi Nico, just some suggestions for you:

1. I think you should submit your software for those whitelisting programs by AV vendors, so that there would be fewer/no false positives by vendors.
2. As for the detection name thing, perhaps based on the structure of the malware, you can classify them accordingly. It would be great if Intel-Secure could let us know the capabilities of its detections. For instance, if there is a RAT on my computer and Intel-Secure detects it, it would be great if I could view the capabilities of this RAT. Intel -Secure can list the capabilities like this:

• Keylogger
• Connects to XX.XX.XX.XX
• Screen capture
• Anti-VM

That way users can use the tool to make informed decisions on what kind of threat they are facing, and perhaps this software can be part of a malware analysts' companion as well

Your suggestions are noted thanks.
1: Whitelisting is already being done the moment i put the software online, but some AV vendors are so slow that weeks after submitting it still is being detected, hence why we have digitally signed our software to overcome some of it.

2: Sure it would be great yet it is totally against the cloud nature, now in the future we will try something but names it will never give its more going to be like: Trojan, Worm, Exploit, Spyware, Adware and so on.
More categorized names.
As for malware attributes and very specific's we are working on something like that but that will take months before we can even test that.
As this requires a separate cloud just for the workings of a malware, and we are no where near that point.

Thanks anyway.

 

[Nico@FMA]

Hi @Nico@FMA
I am sorry, maybe this question was asked before, but why is the "Full Scan" button grayed out?

Edit : Installation was quick and nice, autoupdated to the new version.

Full scan will become available in full version which we hope to release within the next few weeks.
But during beta manual scan, context scan and quick scan are the only options that are available. This for practical reasons... So the beta while working is still a test phase.

 

[BoraMurdar]

Full scan will become available in full version which we hope to release within the next few weeks.
But during beta manual scan, context scan and quick scan are the only options that are available. This for practical reasons... So the beta while working is still a test phase.

OK, and what will be the difference between :
Deep (Slow) - On Quick Scan
Deep (Slow) - On Full Scan
and other combinations, you know what I mean

 

[Cch123]

Just realised this, but the digital signature which you used to sign the file is not trusted and recognised.

 

[Nico@FMA]

Full scan will become available in full version which we hope to release within the next few weeks.
But during beta manual scan, context scan and quick scan are the only options that are available.

OK, and what will be the difference between :
Deep (Slow) - On Quick Scan
Deep (Slow) - On Full Scan
and other combinations, you know what I mean

Good questions buddy so allow me to explain:

Quick scan is just a critical scan that scans really fast trough the most important sections within your pc.
Manual scan can scan ANY drive or folder you select and is a very good scan.

The additional options like:
Simple fast
Deep slow
Ultra deep very slow
These options are working only with manual scan and they tweak your local engine to submit more code per file to the cloud. Call it a aggressive setting which it basically is.
The cloud needs digital finger prints of your files and its very code in order to recreate the file and virtualize them and then test them.
The higher this setting (Simple, Deep or Ultra) the more info about that file is being sended and the more complex the malware analysis is.
Which increases the detection dramatically and is made to combat the most dangerous malwares.
But setting it on high also uses much more network resources as more data is being send and receive.
If you go to the beginning of the topic it will be explained in detail.

CBAD Hyper Emulation is a setting that will send the cloud and your local engine into overdrive or should i say into a malware slaying maniac? If you enable Ultra + Hyper then (when the full scan is enabled in the full version) will be magic.
If you need a tool to kill malware then this option will do it as this is not just malware scanning this is scanning and analysis on steroids.

Obviously the options are there and while working they are experimental and in test phase.

Cheers

 

[Nico@FMA]

Just realised this, but the digital signature which you used to sign the file is not trusted and recognised.

Yes because we made it ourself, and i am not going to pay verisign prices for a certificate if i can make it myself. Its just marketing tricks as MS by default does not trust any certificate unless they issued it.
While a digital cert does have its uses, its basicly only generating money for MS and other big companies.
Its a older article but its true... read it. It will explain the Software Digital Certificate industry a bit. Hence why we made our own digicert.

 

[BoraMurdar]

Good questions buddy so allow me to explain:

Quick scan is just a critical scan that scans really fast trough the most important sections within your pc.
Manual scan can scan ANY drive or folder you select and is a very good scan.

The additional options like:
Simple fast
Deep slow
Ultra deep very slow
These options are working only with manual scan and they tweak your local engine to submit more code per file to the cloud. Call it a aggressive setting which it basically is.
The cloud needs digital finger prints of your files and its very code in order to recreate the file and virtualize them and then test them.
The higher this setting (Simple, Deep or Ultra) the more info about that file is being sended and the more complex the malware analysis is.
Which increases the detection dramatically and is made to combat the most dangerous malwares.
But setting it on high also uses much more network resources as more data is being send and receive.
If you go to the beginning of the topic it will be explained in detail.

CBAD Hyper Emulation is a setting that will send the cloud and your local engine into overdrive or should i say into a malware slaying maniac? If you enable Ultra + Hyper then (when the full scan is enabled in the full version) will be magic.
If you need a tool to kill malware then this option will do it as this is not just malware scanning this is scanning and analysis on steroids.

Obviously the options are there and while working they are experimental and in test phase.

Cheers

Awesome, I see you guys are making this more and more sophisticated, preparing it for every scenario. Keep it up!

 

[Nico@FMA]

Awesome, I see you guys are making this more and more sophisticated, preparing it for every scenario. Keep it up!

Thanks buddy.

 

[Nico@FMA]

BAD BAD BAD NEWS,

THE CBAD CLOUD SERVER CRASHED DUE TO CATASTROPHIC HARDWARE FAILURE.
WE TRY TO FIND OUT HOW MUCH DAMAGE WE HAVE BUT THE (MEMORY BANK & DIMMS) DID SERIOUSLY KNOCK DOWN THE SERVER.
AND IT HAS ALREADY BEEN SAID THAT WE SHOULD NOT BE SURPRISED IF WE LOSE EVERYTHING.
CURRENTLY TECHNICAL STAFF IS TRYING TO AVOID THIS AND REPAIR THE DAMAGE, BUT THE ODDS ARE VERY MUCH AGAINST US.
FOR WHATEVER REASON THE MEMORY DIMMS DID CRASH AND THE DIMM BANKS SEEM DAMAGED.

SO MUCH FOR A HAPPY SATURDAY.

PLEASE DO NOT USE CBAD ANTIMALWARE TILL FURTHER NOTICE.

 

[Secondmineboy]

Oh man.

I hope you can get this fixed and you loose not that much data.

But ist always a good idea to have a Server as backup for such cases. You can get the backup Server running and work on the dead one meanwhile.

 

[Nico@FMA]

Oh man.

I hope you can get this fixed and you loose not that much data.

But ist always a good idea to have a Server as backup for such cases. You can get the backup Server running and work on the dead one meanwhile.

If such hardware failure happens then the server should just shutdown, and the tricky part is it did not shutdown while the memory was malfunctioning and things got hot, really hot. So eventually the banks where damaged as the could not cope with it anymore.
Now how what and where i have no clue... we still try to find the reason for this BAD event as its not just the hardware failure but also the server not shutting down... when the problem should have triggered a force shutdown. So the server kept running and basicly did run itself into the ground.
But as i said we still try to find out WTF happened.

 

[Exterminator]

Bad news for a very promising security program I hope you get things back up again and you dont loose everything

 

[Av Gurus]

...such a bad luck...2nd time...
Best wishes and lots of good luck in the future

 

[thepierrezou]

Bad news
I hope you will success to retrieve data.
Good luck in the future

 

[Behold Eck]

Sorry to hear about your predicament but keep on keeping on.

Good luck amigo.

Regards Eck

 

[Nico@FMA]

Bad news for a very promising security program I hope you get things back up again and you dont loose everything

...such a bad luck...2nd time...
Best wishes and lots of good luck in the future

Bad news
I hope you will success to retrieve data.
Good luck in the future

Sorry to hear about your predicament but keep on keeping on.

Good luck amigo.

Regards Eck

Thanks guys.
We will be up very soon, but damn we have so much damage it ain't funny anymore.
I personally did not sleep since yesterday morning, so go figure.

Cheers

 

[Cats-4_Owners-2]

Thank you Nico for keeping all of us in the loop of knowing the latest that takes place in the galaxy of FMA.
As you are both a developer and a parent whom understands: "The better you take care of Nico, the better you'll be able to take care of your baby", do get some rest.

 

[Nico@FMA]

Good news.

We are currently bringing back the cloud to online status, so within the next 12 hours the cloud will slowly come online as all the features and processes are being checked. Right now a scan is possible but not 100% as we bring the cloud online layer by layer to assure that everything is working correctly, so bare with us.

 

[Cats-4_Owners-2]

This is amazing, and I'm happy for you. Bearing with you is easy considering you and your team are the ones working so hard! We all support your efforts, Nico.
Coffee for everyone (now) beer can wait 'till later.