The issue is actually hashes. There too many hashes at there and it's fully localized. If you want I can create lite edition. The lite edition is keep heuristics, is most power come from there. No Virusshare undefinied hashes. No old hashes older than 1 year (securiteinfoold.hdb). With this most of issues should be fixed but if you want I can create more lite edition.
Why don’t you try using Amazon AWS, they are not very expensive and will most probably offer you a credit as a startup… you can’t just keep a massive bunch of hashes in memory. Either keep part of them and upon a match, read rest from SSD or find another method such as compression to reduce the size.
Actually there undefinied hashes. I should not use it even if in cloud because they didn't show malware name so I deleted them from Lite Edition.
I have been waiting for this for a very long time. With the new update, the application name has changed again. I don't know if there are any changes on the interface yet, but
It was literally not updated for about a year or even more. I actually wanna see what's new too
You gotta follow the business components now, with which the version is aligned.It was literally not updated for about a year or even more. I actually wanna see what's new too
You’ll need to put some effort and see what’s malicious and what’s not. You can create detections like generic, agent, something like that if it’s malicious, even if there is no malware name listed.
Actually hashes only improve 1% detection of my antivirius. Most power come from YARA, ClamAV and machine learning. I didn't used my IPS (You can see IPS at otherrules) or SIGMA, SUBLIME, CAPA rules.
Actually now it's more less than 720mb.
@Shadowra You should be able to create an account for Sophos Interceptx - 30 day trial. All the information I put into the fields was fictitious (except for the email address, which I used from a "temp mail" website. Even though it asks for a real business email and phone number, putting in random things will work (for example, for the phone number I put in 1111111 lol).Download Sophos Endpoint | Intercept X Free Trial
Free Trial: Sophos Intercept X Advanced. Comprehensive Suite of Endpoint Protection Options Designed to Reduce Risk and Prevent Threats. Free 30 Day No Risk Trial.www.sophos.com
View attachment 283328
I'm not 100 percent sure but, if I remember correctly when Cyberlock take its snapshot, if there already is a infection, its going to consider the system normal, even though it is not, maybe this has changed as I am basing this on my photographic mind which ran out of film a while ago, please correct me if I am wrong
I think your right.
That's the point of the test. Does anyone else see a problem with the possibility of potentially whitelisting malware on a already infected system, especially if the user has no idea its infected and installs the application. Is there disclaimers with the product/s this could happen, open disclaimers that warn the user, that maybe they should thoroughly check their systems before hand because of? Would either product stop an active infection if placed on after the point.
That's another realistic test approach. Testing on demand " malware removal tools. Not can they just stop the malware, can they remove all/most traces, when they do, does it corrupt/damage the system/files. Is the system still stable afterwards? Important aspects not necessarily discussed here at MT in tests.Could you consider testing malware removal tools such as NPE, Kaspersy Virus removal tool, Eset Online Scanner and X-Sec as the underdog on an highly infected VM? Would be interesting. But for now just enjoy your deserved break.
