Corbitek Antimalware 2 Beta

Discussion in 'other anti-malware software' started by dreamlost88, Jan 2, 2010.

Thread Status:
Not open for further replies.
  1. dreamlost88

    dreamlost88 Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    16
    Hi,

    I have released Corbitek Antimalware 2 Beta.

    Small list of changes:

    Improved service loading speed
    Improved user interface
    Improved heuristic detection
    Improved compatibility with Windows Vista and Windows 7
    Improved Real Time protection to work with other antiviruses real time protection components
    Added RNA for detecting new, unknown malware
    Added generic signatures
    Added "Send file for analysis"
    Added "Send feedback"
    Added "Quick Scan" option

    If you would like to try it, you can get it from http://www.corbitek.ro/content/corbitek-software-products

    Some screenshots: http://www.corbitek.ro/content/screenshots

    I appreciate any feedback


    Thank you,
    Bogdan
     
  2. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    Screen shots look nice, plus does not mess with current security software is good. After beta I may want to test it some, I would install the beta but my spare test machine I kinda broke it :p

    Anyone want to try it and post how much memory it uses and test it with some malware?
     
  3. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    If it doesn't offend your project, I'll try out some simple fuzzing techniques on Corbitek,

    then on to detection.

    edit : I like this kind of gui - the arrangement, on the first window with major features set out like this.
    A couple of suggestions (just my opinion,) I would include on the first screen 'You are protected' or simply 'Protected'. Also something to tell the user when an update was made like 'Updated' with the time or date it was done or perhaps the time 'ago' it was done.
     
    Last edited: Jan 2, 2010
  4. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    I remember the previous version.

    I'd like some Wilders' members put it to the test.
     
  5. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,559
    Yeah. Anyone willing to test it out?
     
  6. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    Is there windows 7 support?

    so this is a freeware? i bet this will give Spyware terminator some competition.

    i would suggests a HIPs be added, to what file system, system registry and processes
     
  7. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    how much malware is detected? i dont see any numbers
     
  8. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,949
    A light HIPS would be nice :D
     
  9. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    just install it, on windows 7 32bit when i opened the app i keep getting this error message


    error.jpg
     
  10. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Has anyone tried this in a VM as I'm getting an error when trying to bring up the gui after install?

    XP VM and Vista VM:

    Corb.JPG

    Warn Vista.JPG
     
  11. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,559
    I had issues in Win7-32 also.
     
  12. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
  13. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,559
  14. dcrowe0050

    dcrowe0050 Registered Member

    Joined:
    Sep 1, 2009
    Posts:
    378
    Location:
    NC
    I have been trying to get this installed on my test system, I should say trying to get it to work because it installed fine on XP. But it will not run a scan, or anything. Still trying though
     
  15. UncleOrange

    UncleOrange Registered Member

    Joined:
    Jan 2, 2010
    Posts:
    12
    I use it when it is 1.0:D ,but the detection rate isn't satisfied :'( ,hope you can increase it
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bogdan,

    Please tell some more information about the real time protection. This is a security forum, so tease us by providing some information about:

    1. The scope of the realtime protection
    Does it protect registry keys (windows settings, startup keys), does it look at services / driver loads or startup off rare programs (regserver, 16 bits or dos box starts), execution of programs, files being downloaded, mail attachements received through pop3

    2. Explanation of features
    Way back in the eighties a lot of wash powder commercials had a magic ingredient. For instance OMO with TAED, washes whiter than white. At the moment the ad-guys are trying to sell us (men) facial cremes and anti-greying stuff for your hair. Since this is relatively new, the commercials also tell me the facial fights the 5 sigs of aging with pro-active moisteriser loaded with the refreshing power of water (? as if that is something different than washing with plain water and soap ?).

    Well your website has some magical features unexplained
    a) the various levels of heuristics (insane?)
    b) added RNA for detecting new
    c) general signatures
    d) how is the improved co-operation/cpmpatibility with other AV achieved
    e) why are you able to add value with just two people updating the data base, what is the trick compared to Dr Web, Kaperski, Avast for instance

    Thanks
     
  17. dreamlost88

    dreamlost88 Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    16
    Hi,

    Thank you for trying Corbitek Antimalware. I will look into the Windows 7 issues.

    1. The realtime protection only monitors programs execution and creation of files. We don't use system wide hooks for that, hence the compatibility with real time protection components from other security vendors.

    2. a) The heuristics level:
    Low - Checks for random file names
    Medium - Checks for suspicious strings
    High - Checks the IAT(Import Address table), for each import it assigns a number and then adds them up. If the sum exceeds a threshold then it raises the alarm
    Insane - All of the above
    b) RNA - It checks if the file signature matches more than x% with any signature in the database
    c) general signatures - instead of creating a signature for the whole file, it only creates a signature for a specific section in the portable executable, if the file is a valid PE.
    d) I already mentioned that in 1)
    e) It's very very hard to keep up with the ever increasing number of malware/day (~2000) and also with the army of paid people from other well established security vendors that add signatures for their products.
    Because of that, Corbitek Antimalware 2 will be THE LAST VERSION TO RELY ON SIGNATURES FOR DETECTING MALWARE.
    Version 3 WILL NOT USE ANY SIGNATURES, instead it WILL USE AN INTELLIGENT APPROACH for detecting malware. If you need more info on version 3, please check the website as I'll post more info there.

    Regards,
    Bogdan
     
  18. dcrowe0050

    dcrowe0050 Registered Member

    Joined:
    Sep 1, 2009
    Posts:
    378
    Location:
    NC
    I finally got it working enough to browse a few malicious websites, mostly old, but any ways it notified me of malware being blocked on most of the sites but it did not try to quarantine or block them or delete them. It just gave me a notification that malware was being blocked and then it let the malware download and install without doing anything. And then I could not try to clean the malware off my system because it wouldnt scan. In my opinion this may be a decent program after all the bugs get worked out but I think its way to buggy right now. Might try to test it a little more on down the road but it needs a few things to be worked out first for me.
     
  19. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bogdan,

    Thanks for your very informative reply. Smart to move away of signatures for a smaller security player (just to much work involved). Due to differences in security setups (e.g. running LUA), I would like to ask for an option to check on file creation and execution (same simple options MSE has got). So people with a applocker or SRP deny execution do not waist CPU cycles. I will have a look at V3

    Thanks
     
  20. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
  21. dreamlost88

    dreamlost88 Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    16
    Hi,

    I have released a new version of Corbitek Antimalware 2 Beta that fixes the access violation error message when starting Corbitek Antimalware and other minor bugfixes.

    You can get it at http://corbitek.ro/content/corbitek-software-products

    Best regards,
    Bogdan
     
  22. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,190
    Location:
    USA,IA
    What does this protection rely on? def update? what?
     
  23. Habakuck

    Habakuck Registered Member

    Joined:
    May 24, 2009
    Posts:
    544
    Very good decision! :thumb:

    And i am really pleased to see that you are planing to release a native 64-bit application! That sounds pretty good.

    In my opinion your biggest chance is to develop a product that acts as a very light complementation to existing standard antivirus software which does not slow down the system and does not interfer with the existing software!
    Look at Threatfire, aka Cyberhawk or Sandboxie... They made it and you will too! :thumb:

    My best wishes for you and your project. I will try it in version 3 (x64).
     
  24. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    XP VM.

    Lots of false positives including detections of Corbitek's own files.

    Tried different heuristics levels and got the same results each time.

    Test.JPG
     
Loading...
Thread Status:
Not open for further replies.