Hi Nico, just some suggestions for you:
1. I think you should submit your software for those whitelisting programs by AV vendors, so that there would be fewer/no false positives by vendors.
2. As for the detection name thing, perhaps based on the structure of the malware, you can classify them accordingly. It would be great if Intel-Secure could let us know the capabilities of its detections. For instance, if there is a RAT on my computer and Intel-Secure detects it, it would be great if I could view the capabilities of this RAT. Intel -Secure can list the capabilities like this:
That way users can use the tool to make informed decisions on what kind of threat they are facing, and perhaps this software can be part of a malware analysts' companion as well
- Connects to XX.XX.XX.XX
- Screen capture
OK, and what will be the difference between :Full scan will become available in full version which we hope to release within the next few weeks.
But during beta manual scan, context scan and quick scan are the only options that are available. This for practical reasons... So the beta while working is still a test phase.
Full scan will become available in full version which we hope to release within the next few weeks.
But during beta manual scan, context scan and quick scan are the only options that are available.
OK, and what will be the difference between :
Deep (Slow) - On Quick Scan
Deep (Slow) - On Full Scan
and other combinations, you know what I mean
Just realised this, but the digital signature which you used to sign the file is not trusted and recognised.
Awesome, I see you guys are making this more and more sophisticated, preparing it for every scenario. Keep it up!Good questions buddy so allow me to explain:
Quick scan is just a critical scan that scans really fast trough the most important sections within your pc.
Manual scan can scan ANY drive or folder you select and is a very good scan.
The additional options like:
Ultra deep very slow
These options are working only with manual scan and they tweak your local engine to submit more code per file to the cloud. Call it a aggressive setting which it basically is.
The cloud needs digital finger prints of your files and its very code in order to recreate the file and virtualize them and then test them.
The higher this setting (Simple, Deep or Ultra) the more info about that file is being sended and the more complex the malware analysis is.
Which increases the detection dramatically and is made to combat the most dangerous malwares.
But setting it on high also uses much more network resources as more data is being send and receive.
If you go to the beginning of the topic it will be explained in detail.
CBAD Hyper Emulation is a setting that will send the cloud and your local engine into overdrive or should i say into a malware slaying maniac? If you enable Ultra + Hyper then (when the full scan is enabled in the full version) will be magic.
If you need a tool to kill malware then this option will do it as this is not just malware scanning this is scanning and analysis on steroids.
Obviously the options are there and while working they are experimental and in test phase.
I hope you can get this fixed and you loose not that much data.
But ist always a good idea to have a Server as backup for such cases. You can get the backup Server running and work on the dead one meanwhile.
Bad news for a very promising security program I hope you get things back up again and you dont loose everything
...such a bad luck...2nd time...
Best wishes and lots of good luck in the future
I hope you will success to retrieve data.
Good luck in the future
Sorry to hear about your predicament but keep on keeping on.
Good luck amigo.