Advice Request ITbrain Anti-Malware – Solid or Not?

Please provide comments and solutions that are helpful to the author of this topic.

Would you recommend ITbrain Anti-Malware?

  • Yes

    Votes: 1 11.1%
  • No

    Votes: 8 88.9%

  • Total voters
    9
Status
Not open for further replies.

Fritz

Level 11
Thread author
Verified
Top Poster
Well-known
Sep 28, 2015
543
I've been thinking about offering my clients a security solution for a while now. Since I already use Teamviewer for customer support, it would certainly make sense to use an integrated solution. Since ITbrain Anti-Malware looks like a convenient add-on, it has certainly piqued my interest.

Unfortunately, for the life of me I can't find out much about it other than self-glorifying press releases. All aunt Google really tells me is that it's using Bitdefender definitions in some shape or form. They also sport a VB100 certificate from Virus Bulletin, but that's basically it. Complete no-show as far as other test organizations or security forums go.

I'm really interested in anything you guys can come up with, wether experience or hearsay – so feel free to chime in. :)
 

AlanOstaszewski

Level 16
Verified
Top Poster
Malware Hunter
Jul 27, 2017
775
I scanned the MalwareBlocker samples. They are 9 days old. (GitHub - MalwareBlockerYT/MalwareDeposit: Free Malware Samples)

Ad-Ware and PUPs: 3/4:
Antivirus scan for c22730cd14c9598d41eca39f716ca353ec716c86f6fc63c0fe9777c2ffad8676 at 2017-07-27 23:18:35 UTC - VirusTotal

Ransomware: 2/2

Trojans and Other: 11/13

Antivirus scan for 84a00f8d7b8a722695ceed5d79a2ca46fd7450c3e54b165ea7d8fc87c31f012b at 2017-07-23 01:25:08 UTC - VirusTotal
Antivirus scan for fd17116c744e8bc8a3c36865877fb659e8660b0711a6f6883fb0270522bbe364 at 2017-07-25 17:22:16 UTC - VirusTotal

lI0wHU0.png


I could install the Ad-Ware and run the second trojan. I run the first trojan but it said that I'm in a VirtualBox :c

The program is light. You need to install TeamViewer and log into your Web-Account. Then you can tweak the settings in your browser. You can't turn off the Realtime-Protection. You need to stop the process in the task manager. Quick Scan is slow.

Detection rate: ~ 84,21% 16/19 detected
 

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
I scanned the MalwareBlocker samples. They are 9 days old. (GitHub - MalwareBlockerYT/MalwareDeposit: Free Malware Samples)

Ad-Ware and PUPs: 3/4:
Antivirus scan for c22730cd14c9598d41eca39f716ca353ec716c86f6fc63c0fe9777c2ffad8676 at 2017-07-27 23:18:35 UTC - VirusTotal

Ransomware: 2/2

Trojans and Other: 11/13

Antivirus scan for 84a00f8d7b8a722695ceed5d79a2ca46fd7450c3e54b165ea7d8fc87c31f012b at 2017-07-23 01:25:08 UTC - VirusTotal
Antivirus scan for fd17116c744e8bc8a3c36865877fb659e8660b0711a6f6883fb0270522bbe364 at 2017-07-25 17:22:16 UTC - VirusTotal

lI0wHU0.png


I could install the Ad-Ware and run the second trojan. I run the first trojan but it said that I'm in a VirtualBox :c

The program is light. You need to install TeamViewer and log into your Web-Account. Then you can tweak the settings in your browser. You can't turn off the Realtime-Protection. You need to stop the process in the task manager. Quick Scan is slow.

Detection rate: ~ 84,21% 16/19 detected
Thanks for the testing on the software. Can you reboot your virtual machine and check if there are leftovers or junk/malware traces/ added to the boot? SysInternals AutoRuns, ProcessExplorer and TCPView can help you with that. Also Comodo KillSwitch. :)
 

AlanOstaszewski

Level 16
Verified
Top Poster
Malware Hunter
Jul 27, 2017
775
Thanks for the testing on the software. Can you reboot your virtual machine and check if there are leftovers or junk/malware traces/ added to the boot? SysInternals AutoRuns, ProcessExplorer and TCPView can help you with that. Also Comodo KillSwitch. :)
CiCgEEb.jpg


I have many tools on my virtual machine so it's not a problem to search for processes and junk files. Nothing is in the autostart. I checked the temp and the %appdata% Folder - nothing. I did a scan with Zemana AntiMalware - nothing except the files in the samples folder. Nothing is encrypted and running.

If you could send my malware I could make a re-test. I would like to have access to the malware in this forum but i need more posts :C
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
All aunt Google really tells me is that it's using Bitdefender definitions in some shape or form.

Interesting its new to me about this product from Teamviewer, that sums it up due to borrowed license engine hence performance is not surprising.

Now the question is ITbrain AM contains any reactive components like BB or certain HIPS? The major trend mostly on those borrowed license engine is it does not create any reactive components that can help the detection.
 
  • Like
Reactions: Fritz

Fritz

Level 11
Thread author
Verified
Top Poster
Well-known
Sep 28, 2015
543
That's the thing, the whole she-bang is worthless to me if it only sports signature-based detection without any BB whatsoever… :(
 
  • Like
Reactions: frogboy

Fritz

Level 11
Thread author
Verified
Top Poster
Well-known
Sep 28, 2015
543
Thanks again @askalan, I guess we just found out why they don't care to let their stuff run by AV-C or AV-T.

Too bad, would have made for a nice and easily deployable solution at a very affordable rate. As usual, you get what you pay for.
 

Danielx64

Level 10
Verified
Well-known
Mar 24, 2017
481
Hello all,

I know that this topic is from last year but have anyone had the chance to test this out again and let us know how it goes? Has things improved?

Thank you :)
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top