Jump to content

Cesam antimalware

Guest BlairWitch

By Guest BlairWitch
in General Chat

 Share

Recommended Posts

David H. Lipman

David H. Lipman

Posted
Posted

Latest version: 4.0, Released: 27-Sep-2008

Domain Name: CESAM-ANTIMALWARE.COM

Registrar: ENOM, INC.

Whois Server: whois.enom.com

Referral URL: http://www.enom.com

Name Server: NS1.INFOBOX.ORG

Name Server: NS2.INFOBOX.ORG

Name Server: NS3.INFOBOX.ORG

Name Server: NS4.INFOBOX.ORG

Status: clientTransferProhibited

Updated Date: 04-dec-2011

Creation Date: 04-dec-2008

Expiration Date: 04-dec-2012

So the product was created in Sept.'08 and the web site was registered in Dec. '08 and the software and site haven't been updated since.

Link to post
Share on other sites
  • Staff
Dashke

Dashke

Posted
  • Staff
Posted

Hey guys! :)

Cesam Anti-Malware is legit software and very good one. I use it all the time to cure PCs.

Wepawet - unsafe because of google analytics? :)

P.S. McAfee has a lot of fp's on them.

Online-Solutions(started to work in 2006) is also developing Online Solutions Security Suite, great security suite, that gained very high score in matousec's tests - http://www.matousec....nge/results.php

Check this too - http://startups.cesam-antimalware.com/En/

It's great database of startups.

Link to post
Share on other sites
David H. Lipman

David H. Lipman

Posted
Posted

I don't see they are "developing" anything and maybe I missed it but, I don't see any "Cesam" product on the referenced URL at matousec's tests (not that they an authority either).

When I look at CESAM-ANTIMALWARE.COM I see a site frozen in time. I would NOT use their product(s).

Link to post
Share on other sites
ShyWriter

ShyWriter

Posted
Posted

Online-Solutions(started to work in 2006) is also developing Online Solutions Security Suite, great security suite, that gained very high score in matousec's tests - http://www.matousec....nge/results.php

The above mentioned test was run almost two years ago in May 2010 (long time in viral years) and was run on a WinXP w/SP3 using IE 8 . 64 bit v2.0 is still in beta.. Current 32 bit product = "the latest official release is still 1.5 from April 2010."

A review from TECH TACTICAL:

Dec 9 2010

PrivateFirewall and Online Solutions Security Suite!

Firewalls are a critical component of a computer security system and a necessity if your computer is connected to a network or the Internet. Some firewalls are hardware-based, and are built into the network routers that enable high-speed broadband Internet connections such as DSL, cable, satellite and fiber. In this article I am reviewing the two software firewalls for 2010 – 2011 Online Solutions Security Suite and Private Firewall.

Complete review can be read at: http://www.techtacti.../new-firewalls/

Precautionary statement: Tech Tactical's ABOUT shows it as a private computer build/repair shop.. BUT, the review is professionally presented. Use site and links at your own risk.

I wouldn't touch it; i.e. OSSS (personal opinion)

Steve

Link to post
Share on other sites
  • 3 weeks later...
  • 2 weeks later...
Firefox

Firefox

Posted
Posted

I run Malwarebytes period... I dont believe in host based firewalls and Antivirus anymore :)

Be aware that Malwarebytes alone is not enought, as Malwarebytes is not an antivirus software, you still need to have an active up to date antivirus program installed.

Link to post
Share on other sites
David H. Lipman

David H. Lipman

Posted
Posted

I run Malwarebytes period... I dont believe in host based firewalls and Antivirus anymore :)

Please read:

http://forums.malwarebytes.org/index.php?showtopic=102698&view=findpost&p=507785

It'll help explain why MBAM is adjunct, supplemental, software and does not replace a fully installed anti virus application.

Link to post
Share on other sites
razoreqx

razoreqx

Posted
Posted

Thanks for the link David. I do understand the difference between AV and Malwarebytes.

I guess my point was AV is kinda like Intrusion detection systems, old and outdated.

Who really writes Virus code anymore? 99% of the malicious code I see traffic from 22,000 users is Malware. Either phishing click hijacking, CSS, or browser exploit or a combination thereof... Once in a while our AV solution (to remain nameless) will stop an execution but most of the time its detected by heuristic activity and by then you're already infected..

Link to post
Share on other sites
David H. Lipman

David H. Lipman

Posted
Posted

No, IDS and HIPS are not like AV software. Their adjunct as well. They look at activity rather than at files and addresses.

I think you are confusing many nefarious acts.

All viruses are malware but not all malware are viruses. Malware is the overarching concept of malicious files. There are classes and sub-classes of malware. They include; exploits, viruses and trojans.

Yes, actual viruses (code that self replicates) have diminished. We see Parite, Sality and Virut from time to time and may even see a trojan infected with a virus such as in the case of a zapchast.

The vast majority of malware are trojans. That is malware that needs assistance to be installed. The assistance can be via the vulnerability/exploitation vector (which uses a software vulnerability) or it can be Social Engineering (which uses a human vulnerability).

To promote this there are "kits" sold to help spread one's malware such as the Blackhole Exploit Kit. This uses the vulnerability/exploitation vector and will confront the browser with malicious exploits (JAR, PDF and SWF). To help protect the computer user one needs to detect this kind of activity. For the initial HTML code the anti virus software might detect the malicious script such as "JS/Obfuscus.AACB!tr" and then the Java Jar as "Exploit.Java.CVE-2011-3544.ll" and the PDF as "Exploit.JS.Pdfka.fpb" and the SWF as "SWF/Blacole.AT". Those are all detections the AV software can indicate that MBAM will not touch. Using AV software and MBAM is a layered approach and gives a broader-spectrum detection and prevention.

When you wrote... "phishing click hijacking, CSS, or browser exploit or a combination thereof..." you are providing samples of methodologies or ploys to spread a trojan and can play a part in Social Engineering or act in parallel to Social Engineering.

Intrusion Detection is a whole different matter.

http://en.wikipedia....etection_System

"monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station"

http://en.wikipedia....evention_system

So a real defense is multi-layered. There is; IDS/IPS as the border/gateway, anti virus/anti malware software, content filtering, policy management, etc, etc.

To say that one will not use anti virus and just rely on MBAM shows a gaping hole in one's attempts to protect a system or systems.

Link to post
Share on other sites
ShyWriter

ShyWriter

Posted
Posted

[...]

I guess my point was AV is kinda like Intrusion detection systems, old and outdated.

[...]

Welcome to the Forums razoreqx ...

Just a piece of advice from an old, OLD fart; me; computing since 1981.. David (Post http://forums.malwar...ndpost&p=534566 ) is a VERY intelligent expert in these matters and one would do well to listen to him.. and his advice. And the second part of my advice; it ONLY takes one virus to take you down; why not be safe?? There are plenty of free versions of decent anti-Virus programs available if you're just get tried of being dunned annually for a "maintenance" fee.

Thanks for "listening." :)

Steve

Link to post
Share on other sites
BornSlippy

BornSlippy

Posted
Posted

In respect of consumer (Windows based) Pc security Viruses in the classical definition of the term are all but irrelevant. Almost all viruses worthy of the name are written to target specific systems or servers with a destructive corporate or political objective. AV’s are so called because of their origins not because their raison d'etre is to defend against viruses. For better or worse Virus has become a generic term for bad stuff and bad stuff in the real world is almost always Malware. When your AV pops up with a ‘Virus Alert’ does that mean you’ve got a virus? Do we send a sharply worded email to Avira or Kaspersky or whomever demanding they redefine their alerts? Viruses are in decline because cybercrime is almost exclusively financially driven and there are more effective and more lucrative ways of achieving this objective. We live in a world where the sophistication and potency of Spyeye, Zeus and state of the art Rootkits don’t detract from the destructiveness of Sality and the like but make them at best marginal.

This is not to say that we can dispense with an ‘Anti-Virus’ at the current time. Why? Well not because of the need to defend against viruses as well as malware. The reason is that currently Malwarebytes’ strength isn’t sufficiently broad to take on full malware protection and no consumer AV (that I’m aware of) outperforms Malwarebytes in the area that it excels.

Link to post
Share on other sites
razoreqx

razoreqx

Posted
Posted

Welcome to the Forums razoreqx ...

Thanks for "listening." :)

Steve

Thanks for the welcome and after 22 years working in this field one thing I've continued to do is listen :) I’ve never stopped learning.

I still think (what to call them?) "Commercial Security Packages" belong in a corporate environment where there are more controls over the applications and OS privileges, and policies to govern over them.

I think what drove me to my opinion about AV / security suites was more my experience with home use. Often the products completely consume the resources of the machine (sometimes even worse than malware) making legitimate applications run slowly. They also inundate the user with pop up messages and warnings, most of which are not understood, and often ignored or answered incorrectly.

Let’s take my wife as an example. I’d call her your average social media sponge, with a fairly average appetite for online shopping....In the past year I’ve had at least three "AV Security Solutions" installed on her PC. I’ve had these products at various “recommended” security protection levels and spent hours whitelisting legitimate sites and applications. What I would call “good husbandry” of all the false positives she had uncovered. . I’ve tried various OS level account privilege settings, browser settings, NOSCRIPT addons, and other safe browsing techniques, but find many of them alter sites to the point of being broken and unusable or displayable, and many of their pages fail to function.

To date she’s had Fake.AV infections at least six times, encountered countless undetectable droppers and key loggers.. The first few times she was infected I did some investigation as to how this was allowed to happen. When asked if the computer warned her about the activity I was informed she merely clicks on the boxes until they go away.

So in the last few months I have resorted to Home Server with “working” images for each of my family member’s computers. When I come home from work only to be greeted with complaints about a computers performance or inability to browse the Internet I merely drop in a bootable CD and within minutes the computer is back up and running again.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.