Avast WEBforum

Other => General Topics => Topic started by: polonus on May 05, 2007, 10:47:54 PM

Title: Who has this formula and know how to fine-tune it?
Post by: polonus on May 05, 2007, 10:47:54 PM
Hi malware fighters,

We have now entered the days of multi layered defense against malware. Just the simple cocktail of AV combined with a FW won't protect us fully any longer. What about the following free solution:
- Cyberhawk (heuristic HIPS) = freeware
- PrevxHome (Violation shielding) = freeware
- Avast (Antivirus) = freeware
- GeSWall (sandbox) = freeware
- COMODO-BOClean (anti trojan background scanner)

Are there people who know how to fine-tune GeSWall? I think it is not exactly a N00B-program, and what about Cyberhawk? What about this formula?

polonus
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Lisandro on May 05, 2007, 10:58:34 PM
Quote
What about the following free solution

For me, polonus, too much... HIPS are very 'intrusive' applications. PrevxHome is a problematic tool (buggy?). Sandbox could be replaced by DropMyRights in some cases... COMODO-BOClean (anti trojan background scanner) is good for the ones who surf dangerously... Just my personal opinion. We must get a balance between protection and performance.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: DavidR on May 06, 2007, 01:44:38 AM
I have to agree with Tech, when your system becomes bogged down with security applications you spend an awfully long time keeping them up to date not to mention the intrusion some of them bring, death by pop-up asking permission and for those without experience continually answering yes seems to be a problem.

I tried BOClean and it lasted a whole hour before I uninstalled it, you can't run an on-demand scan, its configuration is I feel limited and I hadn't got a clue what it was meant to do, zero help file and sod all in the way of what it does on the web site. I will not install security applications where I have limited controls and worse still don't know what it does or how it works.

The same cyberhawk didn't last long either. I once downloaded sandboxie but never got around to installing it, as a dial-up user if I abandoned the browser cache every time my browsing would be slower continually having to load images that would otherwise be in the cache. I know it is possible to have it work with the live cache, bookmarks, etc. but to my mind that kind of defeats the purpose of it. That was the main reason I didn't bother to install it.

Have a back-up and Recovery strategy or be prepared for the grief and hassle that a re-installation or format causes. The one application type I would recommend that isn't a security application is a disk imaging tool, Drive Image (for me) or True Image, etc. This has hauled my a** out of the fire on a number of occasions, none of which were as a result of virus infection.

Whatever you install on your system you have to be able to live with it, you control it not the other way round.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Lisandro on May 06, 2007, 03:23:38 AM
Quote
I tried BOClean and it lasted a whole hour before I uninstalled it, you can't run an on-demand scan, its configuration is I feel limited and I hadn't got a clue what it was meant to do, zero help file and sod all in the way of what it does on the web site. I will not install security applications where I have limited controls and worse still don't know what it does or how it works.

As far as I could learn, it is only an on-access (resident) scanner. Some features seem like WinPatrol and others like a resident antispyware. I've installed and disabled it... maybe I'll uninstall in the future... I'm thinking about...
Title: Re: Who has this formula and know how to fine-tune it?
Post by: drhayden1 on May 06, 2007, 10:24:36 AM
still have boclean on my laptop but what is it doing ???
reminds me of spyware blaster and winpatrol-they are there on your computer but also what are they doing ??? ???
and toooooooo!@# much protection on your system is too much on your system(overkill) ::) :o
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Manitoban on May 06, 2007, 02:49:07 PM
Tech: BOClean falsely identifies most compiled AutoIt scripts as malware and shuts them down. Try dragging a few to the BOClean UI for on-demand scans.

Everyone: My brief experience with BOClean was bad. Numerous false positives. The excluder didn't retain entries. It wouldn't uninstall via Add/Remove (though the BOClean uninstaller itself worked).

Cyberhawk v2 would crash repeatedly, leaving the appearance of normality (tray icon) but no protection. It issued many false alarms, and the text of these alarms was utterly bizarre, for example, referencing a program that hadn't run all day. Cyberhawk, too, objected to AutoIt scripts, but the warning would be issued for, say, AVG Anti-Spyware, because the path to a script was in AVG's log. Sheesh.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: DavidR on May 06, 2007, 02:50:52 PM
Quote
I tried BOClean and it lasted a whole hour before I uninstalled it, you can't run an on-demand scan, its configuration is I feel limited and I hadn't got a clue what it was meant to do, zero help file and sod all in the way of what it does on the web site. I will not install security applications where I have limited controls and worse still don't know what it does or how it works.
<snip>
Some features seem like WinPatrol and others like a resident antispyware.
<snip>

That is the problem with this tool you are left assuming what it does or seems like it does.

Quote
still have boclean on my laptop but what is it doing ???
reminds me of spyware blaster and winpatrol-they are there on your computer but also what are they doing
<snip>

I can understand what spywareblaster is doing as by clicking on protection and then the IE, Restricted sites, Mozilla/Firefox you can see what it is trying to combat. I can't say anything about winpatrol, I've never used it.

The GUI in BOClean looks ugly like something designed in the 90s or by a student in their spare time. The overall impression is one of basic and doesn't give you that warm feeling of a well designed security application, just my impression.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: DavidR on May 06, 2007, 02:54:40 PM
Quote
<snip>
Everyone: My brief experience with BOClean was bad. Numerous false positives. The excluder didn't retain entries. It wouldn't uninstall via Add/Remove (though the BOClean uninstaller itself worked).
<snip>

Exactly the same experience when trying to use Add Remove programs, failed, but the BOClean uninstall entry was fine, I did have to clear one file from the folder and delete the folder though.

It is also little things like this that don't give much confidence in the product.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: FreewheelinFrank on May 06, 2007, 03:19:22 PM
Quote
- Cyberhawk (heuristic HIPS) = freeware
- PrevxHome (Violation shielding) = freeware
- Avast (Antivirus) = freeware
- GeSWall (sandbox) = freeware
- COMODO-BOClean (anti trojan background scanner)

Put all of this on a new computer and you might as well chuck it away and just use that old 486 sitting under the stairs you never got round to throwing away- it'll be a lot quicker.

Just use avast!, update everything when a patch is needed, don't download dodgy files and you'll be fine.

 ::)
Title: Re: Who has this formula and know how to fine-tune it?
Post by: mauserme on May 06, 2007, 04:00:16 PM
I've never been able to test CyberHawk.  Tried it on a couple computers that wouldn't boot into Windows after installing it.  After restoring to the last known good configuration I've never tried it again.

Prevx impressed me in that it recognized some pretty esoteric software while scanning for known applications but it is resource heavy, using 45,000+ RAM on the computers I tried it on.  And, of course, it's time limited to 30 days from its first malware detection.

I've never tried GeSWall, but am currently trying out BOClean on a few computers. I suppose it's doing something in the background and it's not slowing the computers noticeably.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: drhayden1 on May 06, 2007, 04:04:32 PM
think after all that non-positive sayings on the actions on boclean-i'm going to uninstall it 8)
any problems with uninstalling boclean you know of ???
Title: Re: Who has this formula and know how to fine-tune it?
Post by: solcroft on May 06, 2007, 04:29:19 PM
Quote
think after all that non-positive sayings on the actions on boclean-i'm going to uninstall it 8)
any problems with uninstalling boclean you know of ???

Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

If you're happy with BOClean and are having no problems with it, I say keep it. It's been a relatively effective piece of software, from my personal experience.

Regarding the OP: I'm not familiar with GeSWall, but Cyberhawk requires little to no tuning, unless you run some more "special" apps on your computer. There have been relatively few false alarms on my end (the one notable FP being when it tried to kill my Warcraft banlist program because it injects a DirectX API hook into the main Warcraft program), but if they do pop up, tell CH to remember your answer, click "Allow", and you're done. Assuming you know it's a false alarm, of course.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: drhayden1 on May 06, 2007, 04:37:49 PM
i think i will just leave it on for the time being until i hear further things positive or negative about it
and what is a computer..is this what this thing is ??? ::)
Title: Re: Who has this formula and know how to fine-tune it?
Post by: mauserme on May 06, 2007, 04:41:47 PM
Quote
any problems with uninstalling boclean you know of ???

I haven't tried to uninstall it so no problems here at all. I'm still testing it.

Quote
Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

Any help you can offer in cleaning computers of malware, fixing installation problems, etc would be welcome. Perhaps you could be a bit more proactive in rendering help within your abilities, whatever those might be.

Edited to remove statements verging on flames while retaining the intended sarcasm  ;D
Title: Re: Who has this formula and know how to fine-tune it?
Post by: FreewheelinFrank on May 06, 2007, 05:20:25 PM
Quote
Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

I know enough about computers to keep myself safe using the simplest of technology: a good firewall and a secure web browser. I don't even rely on an anti-virus- there are so many new variants coming out every day, even the best AV won't catch all of them. I rely on safe browsing practice. You can load your computer up with Trojan detectors, HIPs, sandboxes but you'll take a major performance hit, and you won't be any more secure than just using a secure OS and browser and avoiding malware in the first place, IMO.

Old Polonus was a bit over the top in suggesting all of the apps he mentioned: hence my facetious response. I've experimented with a sandbox, HIPS, Trojan detectors in the past, and wouldn't tell anybody they don't have the right to do the same. Just stating the conclusion I've come to...  ;)
Title: Re: Who has this formula and know how to fine-tune it?
Post by: DavidR on May 06, 2007, 05:53:39 PM
Quote
Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

Considering your lack of time here in these forums to get any idea of what the posters in this topic's experience might be, to tar everyone as being incapable of using anything more complex/complicated than an anti-virus is out of order.

Had you said 'Just keep in mind, however, that several people reading this thread, etc. etc.' would have been nearer the mark, but you didn't, effectively a slur on the posters in this topic.

You say "It's been a relatively effective piece of software, from my personal experience" and we accept that statement, we don't say anything about your experience as we simply don't know what that might be and don't make assumptions.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: bob3160 on May 06, 2007, 05:58:39 PM
Quote
Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

I read something once that mentioned something about stones and glass houses etc. Wonder if that applies to this statement.... ??? ??? ???
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Lisandro on May 07, 2007, 12:03:21 AM
Quote
Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

Strange way to appear in a forum... It's a pity. Besides, you're wrong, there is a lot of knowledge and help on avast forums, you can test the number of happy users...
Some people are never satisfied, some people are always sad...
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Vladimyr on May 07, 2007, 05:05:12 AM
"Is this the room for an argument?" . . . everyone take a deep breath and relax.

No names...
Quote
I tried BOClean and it lasted a whole hour before I uninstalled it, you can't run an on-demand scan, its configuration is I feel limited and I hadn't got a clue what it was meant to do, zero help file and sod all in the way of what it does on the web site. I will not install security applications where I have limited controls and worse still don't know what it does or how it works.

Quote
As far I could learn, it is only an on-access (resident) scanner.

Quote
still have boclean on my laptop but what is it doing

Please forgive me if you have already read and digested this info but  http://www.comodo.com/boclean/boclean.html  and support/configuration at http://www.comodo.com/boclean/supboc.html are very clear and informative as to what BOClean is, does & doesn't do.

Solcroft's comment may be presumptuous and blunt but perhaps he/she took a 'mile' having been given at least an 'inch'.

Anyway, to the point. I use BOClean at home (with Avast! Home) and on a corporate network (with CA Antivirus) and for me, its great strengths are that it uses almost no resources, does not require user intervention (except to make an addition to the exclusion list) and can be configured to be invisible to the user. Now it's free as well which is almost too good to be true.

Happy trails
Vlad



Title: Re: Who has this formula and know how to fine-tune it?
Post by: DavidR on May 07, 2007, 03:15:36 PM
I don't believe anyone is looking for an argument and I believe we are relaxed.

You could simply have posted the relevant information links and been done with it, but your comments just elicit a response as I said, I don't feel we are arguing just making the point that the poster doesn't know anything about those he slights and I believe we are calm and relaxed.

I don't know how long these links have been up but a prior look at the Comodo site basically referred you to the original BOClean site. The first link is too generalised, more like advertising/PR/Press release. The second link is much better.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: polonus on May 07, 2007, 03:17:05 PM
Hi Vladimyr,

The only hiccup with BOClean is that I cannot update it on the one normal user account, and have to go back to the admin account on my XP computer, even while I gave the update program particular privileges in the COMODO FW, but apart from that I am satisfied.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Lisandro on May 07, 2007, 05:56:26 PM
Quote
almost no resources

But does it do anything at all that WinPatrol is not doing or avast is not scanning?
Security needs some resources... miracles do not happen every day: a software that does everything and consumes nothing...
Title: Re: Who has this formula and know how to fine-tune it?
Post by: mauserme on May 07, 2007, 11:49:02 PM
Quote
Anyway, to the point. I use BOClean at home (with Avast! Home) and on a corporate network (with CA Antivirus) and for me, its great strengths are that it uses almost no resources, does not require user intervention (except to make an addition to the exclusion list) and can be configured to be invisible to the user. Now it's free as well which is almost too good to be true.

Agreed. I also have it in both environments and I like the extra layer of protection on computers where the users are not always as careful as I prefer. But I would like a little more feedback from the program - even a simple clock showing total time active, or a scanned file count, would give me greater comfort.

As to the previously made comments, all I can say is I know Tech's abilities, I know DavidR's abilities, and I know FwFrank's abilities. 

I don't know solcraft so I searched the forum for an indication of his superior abilities.  Didn't find it.  Searched the web for other forums he might be on.  Found one about body building and injecting steroids (probably not the same solcraft) and a web design site.

Now don't misunderstand. I'm not criticizing his abilities because I don't know what they are. I am saying if he chooses to criticize the likes of Tech or DavidR or FwFrank then he should be specific and he needs to show what he's got. If any of us makes a mistake in the help we've given and he, or anyone, has a specific way to remedy it or prevent a problem we might have caused then for sure post it. If he has better methods or deeper insight into a problem, then post it. Since I seem to be a member of the uneducated I'll add that I would love to learn more from him.

But a general statement that the un-named "they" don't  know security is not productive. 
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Vladimyr on May 08, 2007, 03:40:48 AM
Hi DavidR
First, don't take the Monty Python quote, or me, too seriously (none of my family do!)
But I was serious when I said "Please forgive me if you have already read....." because I had read these pages back on April 27, following this post from Polonus http://forum.avast.com/index.php?topic=28016.0  so I apologise for presuming that you and/or others would also have seen them.

Polonus
Re BOClean updating. Have you tried the fix http://www.comodo.com/boclean/supboc.html > 'Cannot get BOClean to update on "limited user accounts"' about 1/4 way down the page?

Tech
"Almost no resources" - in terms of CPU cycles. Of course it uses some memory as well.
Quote
But does it do anything at all that WinPatrol is not doing or avast is not scanning?
I've not used WinPatrol, but if Avast! and its VDB were always 100% failsafe, then nothing else would be necessary.

cheers,
Vlad
Title: Re: Who has this formula and know how to fine-tune it?
Post by: DavidR on May 08, 2007, 03:43:07 PM
That is what the forum smilies are for ;D ;D or <G> that indicate it is humorous, not to be taken seriously.

However, to suffix it with ". . . everyone take a deep breath and relax" kind of takes the edge off any implied humour as the statement indicates you feel we aren't relaxed and should take a deep breath.

The thread was effectively dead when you first posted, everyone had said their piece and no response from the original poster of the comment. So as I said simply posting that information would have ended it there. Personally I'm done with this as there are much better things to be getting on with.
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Lisandro on May 08, 2007, 08:37:20 PM
Quote
Tech "Almost no resources" - in terms of CPU cycles. Of course it uses some memory as well.
Quote
But does it do anything at all that WinPatrol is not doing or avast is not scanning?
I've not used WinPatrol, but if Avast! and its VDB were always 100% failsafe, then nothing else would be necessary.

Thanks. I'd rather stay with WinPatrol: easy configuration, not that much resources (similar to BOClean as far as I can see) but I can understand what is going on...
Title: Re: Who has this formula and know how to fine-tune it?
Post by: Vladimyr on May 09, 2007, 03:20:50 AM
Hi DavidR
Quote
Personally I'm done with this as there are much better things to be getting on with.

Agreed, and thanks for the "smiley science" tip.

cheers
Title: Re: Who has this formula and know how to fine-tune it?
Post by: neal62 on May 19, 2007, 10:45:50 PM
Just a bit of "FYI" about the Comodo BOClean program. I downloaded it. I am running WinXP SP2 all current updates. I noticed later that when shutting down my computer it took almost 3 minutes to do so where it had only taken about 45 seconds prior to using this program. Finally after a couple of weeks I uninstalled the program. Now my pc is back to shutting down in the 45 sec time frame it used to do prior to me using BOClean.
    Not trying to stir up any trouble over this, just wanted to relate my experiences and what I did to put things back to normal.  :D