spywar

Another really great review result...

 

Watched it..As always good review by ThePCSecurity !

Thanks for your hard work devs and testers

 

I'm gonna play with EAM 9...downloading.

Nice, we can see that they have also improved cloud based reaction playing with the BB...Even though more tests are needed but I'm sure it is.

Welcome here

Good job

In that case, Elise manually whitelisted an app

http://support.emsisoft.com/topic/13617-cubicexplorer-false-positive/#entry98357

I guess this was also able to be done automatically right ?

According to the Summary Report 2013, Bitdefender is better than Emsisoft.

If Emsisoft uses 2 engines, Emsisoft should be better than Bitdefender, but is not the case.

Absolutely not  ...

I hope no one uses it for any kind of test or whatever else  ...

Since Google bought it, many new engines are being added..........I prefer the old one 

Yes it is quite quite powerfull...I was just testing it with fresh MD5 values of fresh malware samples...Even safe samples are great covered.

"Around 2000 - 5000 files a day are being whitelisted at the moment"

so we can consider that AMN is whitelisting around 60 000 / 150 000 of new safe files each month then..

Fabian : I see your point, but wouldn't it be great to see a topic once you'll reach 10 M users ? 

Oh I can see that DB is now reaching the 50 M files.... Considering it was at 20 M at the time I started this thread...nice.

Ah yes.....I did forgot the site name, I was searching for Antimalwarenetwork.net .... thanks

I can't find AntiMalwareNetwork website with all stats etc ... Is it normal ? 

I gathered 58 fresh samples

 

http://malwaretips.com/Thread-Malware-Pack-58-fresh-samples--17062?pid=128440#pid128440

 

Did a scan with EEK updated and left 9 samples

 

did submitted those 9 and also checked all of them one per one using SHA-1 value

 

http://malwaretips.com/Thread-Malware-Pack-58-fresh-samples--17062?pid=128447#pid128447

 

Pretty impressive and agressive.

My suggestion : Why not make an upload area on the AMN website so that I can upload never seen malware by the backend.

Basically you don't have any plans on bringing the AMN even more in interaction with EAM ? It's really active with OA, nothing goes through and if one pass the OA's cloud lookup, Mamutu takes care of it....

 

I mean...even adware all all covered by AMN ! and if you take a look at some malware removal forums, you'll see ppl get infected a lot by Adware it would be pretty good to bring up this AMN to check every execution on EAM...But I bet you know better than me.

Strange that EAM asks AMN only when Behavior Blocker sees something with malicious behavior...Maybe I am wrong here ? Do you plan some more things for EAM like checking every .exe with AMN ? Thanks again.

Hi!

 

Take a look at this test on 22 samples pack from me

 

http://malwaretips.com/Thread-Malware-Pack-22-fresh-samples--16954?pid=127641#pid127641 (really fast)

 

I'm impressed by OA I must say...

 

Question is how can it identify something as malicious ? (dangerous) ? Does it look it up throught the Anti Malware Network database ? Cause I checked these files with isthisfilesafe.net and if I remember right all were caught as Malware. 

 

Thanks again for all those replies and also to the tester.

Thanks again Fabian

 

So do you get samples from virustotal continuously ? 24/7 ? I see there is a product called MalAware which essentially relies on this database for scanning. Do you plan such a scan called Cloud Scan for the future of EAM ?

Hi nsm,

 

I'd really like to do so but don't have time atm.. btw, this test showed excellent performances from Mamutu.

Thanks.

Is it possible to know how many files get whitelisted automatically everyday ? I have correctly understood that any unknown files safe or bad, get a classification by Anti Malware Network depending on many factors (BTW, bad files are classified MUCH faster than white, just because of the similarity which should really be doing great....)

thanks again.

 

Last Q : How long does a detected file need to be added to local DB ? I mean they are TONS of Adware not detected by EAM but all classified as malware by AMN. I'm sure there is something to do here. I had no adware samples not detected by AMN as malware. 

We usually apply rather complex statistical models to unknown files, allowing us to determine whether or not a file is malicious based on many different factors like location on the system, behavior on our client's machines, similarity to existing threads, user feedback, source, and so on.

And does this also apply for safe files (identified as unknown by the Anti Malware Network) ? Usually, how long does this process take ? thanks.

Hi,

 

Upgraded to V8 yesterday night. (update from V7 to V8 just to let you know). Noticed that the scanning time and cleaning process are REALLY long...Should I do a clean reinstallation ? If so, do you have a special tool for that purpose ?

 

thanks.

Since EAM does not submit a hole file ... Where do you get the files from ? currently Currently 20,581,602 files in database.