FMA Intel-Secure: (CCSU PR-Guard) Edition 2015

Status
Not open for further replies.

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Tnx
Will try it later when I come home.
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
I put it on my virtual machine with Win 7 x64 just to see if it works.
Updated and ran it; I think it is working OK :).
Here are some pictures:

Clipboard01.png Clipboard02.png Clipboard03.png Clipboard04.png
 

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
Hello Everyone.

I have a question for all of you, so allow me to explain and state my questions.
Today we have come to a crossroads where CCSU Guard is reaching the magic age of 21 years old (meaning it is becoming mature).
As we all know, it was originally designed as a forensic tool and it still is, yet the UI itself gives limitless options to expand the program and make it a portal not just for forensic tools but also for diagnostics, repair abilities and other useful utilities.
Yet while the functions inside CCSU are beyond useful, it is drifting away from its original purpose.
The industrial version is done and ready, will only be updated, and has none of these features. It is being used by all my clients and more than 50 companies and several law enforcement departments, so the industrial version stays as it is and did not drift away from its original task.
However, this version is not available for "the masses" and is only being distributed within our partner network.

Yet the CCSU Guard I have posted here on MT has become more and more a home version with niche options, and while it's great in every regard I cannot change the fact that it's not a pure forensic tool anymore.
So here is the dilemma: what should I do? Should I continue to develop this version and become a hybrid forensic tool, which looks more and more like a tool similar to, let's say, Glary tools while having the forensic and diagnostic abilities? Or should I focus on security-related options, making it a Swiss Army knife, or, to throw another monkey out there, I could also make it into a program that not just has all the security-related tools, but also performance, repair, diagnostics and maintenance tools.
I personally would be in favor of turning it into a Swiss Army knife, but since you guys basically gave my program birth right I sort of did feel the need to throw the questions out there.
Also I am struggling with the name. CCSU stands for "Custom Cyber Security Utilities" and P-R stands for Precision Research.
Not trying to be funny here, but the fact is that the name is no longer valid if you see its development. So somewhere in my mind I am struggling to rename my product. (Do you have an original name in mind? Post it here.)
I just do not know what to do at this point, and I was hoping by posting this post to reach out and harvest some suggestions, feedback, tips and hints.
Some of you have witnessed the program evolve from a single batch script into a fully fledged app. You all know that in terms of support I have always been open about my product and I tried to give the best support available to those who needed it, and this would not be possible without the following people.
Guys like: @Umbra Polaris @Huracan @Jack @exterminator20 @BoraMurdar @Littlebits @Cats-4_Owners-2 @illumination @Xtwillight and many many others have been instrumental in testing, and giving feedback.
Also special thanks to @kram7750 @Kardo Kristal @Dani Santos @MikeV for their assistance, helping hand and advice.
All you guys have contributed to my products; it does not matter if it was lending a hand, or reviewing or even posting critical notes.
In the end everyone here on MT did contribute their own little part to the project and for that I am grateful.

But to get back to the issue here: I am really at a crossroads, and since this version is free and made for home users I was thinking to ask you guys which direction you want me to go. What options would you like to see? I mean, giving me likes on my posts, GREAT.
But likes do not help me out here, so take a moment and post your comments and ideas here.

Hoping to see LOTS and LOTS of reactions.

Kind Regards,
Nico
 

BoraMurdar

Community Manager
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Should I continue to develop this version and become a hybrid forensic tool
Of course you should, and it should be a paid product. It's not easy to make one, and especially to improve, support and develop future updates, bugfixes...
Or should I focus on security-related options, making it a Swiss Army knife, or, to throw another monkey out there, I could also make it into a program that not just has all the security-related tools, but also performance, repair, diagnostics and maintenance tools.
That either. Several editions. First one, basic one free and other with more tools that actually do something (rather than some that promise to improve the system and PUFFF, nothing). It would be nice to see a full Total Security Suite from you Nico :)

Names : NicoSec (Utilities, AV, Maintenance, Forensic Suite) ???? :rolleyes:
 

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
Of course you should, and it should be a paid product. It's not easy to make one, and especially to improve, support and develop future updates, bugfixes...

That either. Several editions. First one, basic one free and other with more tools that actually do something (rather than some that promise to improve the system and PUFFF, nothing). It would be nice to see a full Total Security Suite from you Nico :)

Names : NicoSec (Utilities, AV, Maintenance, Forensic Suite) ???? :rolleyes:

@BoraMurdar
Thanks for your comments buddy.
However, I have some questions about your comment.

In regards to the several editions, how would you envision that? Should these editions stick to one task and specialize in that? Or should they be a collection of tools to enhance its specific ability? Or what do you have in mind?
Because understand that development-wise it's not that hard, yet it is a broad industry and adding tools or creating different editions can be daunting to the end user.
Look at some software developers who make great tools, or even look at AV programs: some of them are so feature-rich that one can get lost between the features, and that while the main program can be good.
And the last thing I want is a whole ZOO of exotic programs with all kinds of options, features and abilities, as it just distracts from the original reason for making the program in the first place.
So could you be more specific?

Kind Regards
Nico
 
  • Like
Reactions: illumination

BoraMurdar

Community Manager
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
It should be a vast variety of different tools (even standalone or put together, I prefer to have one program interface to rule them all), each specialized for different tasks.
  • Just like CCSU PR Guard, with all system drivers, system services, kernel validation, handlers analysis, logging... just rename it. And it would be one product for that.
  • Custom utility for enhancing Windows Firewall abilities
  • Full featured Antivirus, real time protection, disinfection (if you're able to code system remediation module after corruption or infection), unknown file emulation on virtual environment and detection of its behavior.
  • Full featured fancy tool for large masses :rolleyes: defrag, clean, optimize, control.
  • probably some other, cannot come across my mind right now o_O
 

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
It should be a vast variety of different tools (even standalone or put together, I prefer to have one program interface to rule them all), each specialized for different tasks.
  • Just like CCSU PR Guard, with all system drivers, system services, kernel validation, handlers analysis, logging... just rename it. And it would be one product for that.
  • Custom utility for enhancing Windows Firewall abilities
  • Full featured Antivirus, real time protection, disinfection (if you're able to code system remediation module after corruption or infection), unknown file emulation on virtual environment and detection of its behavior.
  • Full featured fancy tool for large masses :rolleyes: defrag, clean, optimize, control.
  • probably some other, cannot come across my mind right now o_O

Thanks, that's exactly the reply I am looking for, to the point and clear as a bell.
This is something I can work with.
Many many thanks m8.
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Hello Everyone.
So here is the dilemma: what should I do? Should I continue to develop this version and become a hybrid forensic tool, which looks more and more like a tool similar to, let's say, Glary tools while having the forensic and diagnostic abilities? Or should I focus on security-related options, making it a Swiss Army knife, or, to throw another monkey out there, I could also make it into a program that not just has all the security-related tools, but also performance, repair, diagnostics and maintenance tools.

It would be refreshing to see a program with the features you mentioned but that is actually a tool that can be used by the home user to the professional. Something that is actually useful without all the fluff and magical one button optimizations.
Like a Swiss Army knife each tool can be used and actually works.
 

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
It would be refreshing to see a program with the features you mentioned but that is actually a tool that can be used by the home user to the professional. Something that is actually useful without all the fluff and magical one button optimizations.
Like a Swiss Army knife each tool can be used and actually works.

Thanks, yes, the Swiss Army knife idea has my personal preference.
In terms of the tools working... that's a no-brainer, as my tools work beyond the reasonable doubt.
I am happy that I NEVER provided a FLUFF tool, as everything works as advertised and I intend to keep it that way.

Thanks for your comment.
 

hacheafleur

Level 1
Apr 14, 2015
13
Hi Nico@FMA,
I ran FMA Intel-Secure CCSU PR-Guard 2015. Is it normal that the PPA analysis (Step 4) takes at least 07 hours?
And at the end I have 64 files in 1 folder, logs, 34.1Mo?
 

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
Hi Nico@FMA,
I ran FMA Intel-Secure CCSU PR-Guard 2015. Is it normal that the PPA analysis (Step 4) takes at least 07 hours?
And at the end I have 64 files in 1 folder, logs, 34.1Mo?

Thanks for your report about PPA. (Point to Point Analysis)
No, it's not normal for PPA to run for 7 hours. However, on a very poorly maintained computer with loads and loads of residue of old files and register keys it can take up to an hour or even 2 hours. The situation becomes much worse if your config has serious issues.
PPA is designed to literally cross-reference each file, key, process, driver and every single config setting you have.
So if this is a mess then yes, PPA can take up to, let's say, max 3 hours on a 4GB 2GHZ Windows box.

But 7 hours? Naah, then it crashed for whatever reason or keeps looping due to the Windows core not being able to process the data correctly.
If I may ask, could you tell me what PC you have and the config? Because PPA is known to have a problem with Home versions of Windows 7.
I just want to eliminate some things before blaming the PPA engine, as so far you are the first to report this.
Also, did you run the scans 1 by 1, starting from step 1 to step 4, and did you allow them to properly finish? (They will close by themselves after finishing.) Also, do not open the logs during scans; this can crash individual modules.
You might also check the Windows event viewer and see the error code why PPA stopped working.

In regards to the 34,1MB folder called logs which has 64 files: yes, that's normal, as CCSU spits out a serious amount of data.

So please provide some more info.

Kind Regards
Nico
 
  • Like
Reactions: Cats-4_Owners-2

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Can this program work normally if there is no internet?
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Here are the pictures of all logs.
On the left is clean and on the right is infected.
Clipboard01.png

To see what/where is infected, do you have to look at all these logs or just some of them?
 

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
Here are the pictures of all logs.
On the left is clean and on the right is infected.
View attachment 57192

To see what/where is infected, do you have to look at all these logs or just some of them?

Yes, you can just compare them, either by eye like a pro would do, or you use a third-party program.
But since it's a specialist tool you can just go through them one by one by hand and compare them. It's actually not that hard if you take the time and understand what you are looking at.
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
I found a couple of malware in some LOGS but this is kind of slow.

Clipboard01.png

With other programs (like FRST) you can find stuff much faster.
 

illumination

Simply put, the Swiss Army knife idea has my vote, speaking as a home user and side tech that is always in search of powerful, all-in-one tools "preferably portable".
 
  • Like
Reactions: Cats-4_Owners-2