Author Topic: Who has this formula and know how to fine-tune it?  (Read 9456 times)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33449
  • malware fighter
Who has this formula and know how to fine-tune it?
« on: May 05, 2007, 10:47:54 PM »
Hi malware fighters,

We have now entered the days of multi-layered defense against malware. Just the simple cocktail of AV combined with a FW won't protect us fully any longer. What about the following free solution:
- Cyberhawk (heuristic HIPS) = freeware
- PrevxHome (Violation shielding) = freeware
- Avast        (Antivirus) = freeware
- GeSWall     (sandbox) = freeware
- COMODO-BOClean (anti trojan background scanner)

Are there people who know how to fine-tune GeSWall? I think it is not exactly a N00B-program, and what about Cyberhawk? What about this formula?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Who has this formula and know how to fine-tune it?
« Reply #1 on: May 05, 2007, 10:58:34 PM »
What about the following free solution
For me, polonus, too much... HIPS are very 'intrusive' applications. PrevxHome is a problematic tool (buggy?). Sandbox could be replaced by DropMyRights in some cases... COMODO-BOClean (anti trojan background scanner) is good for the ones who surf dangerously... Just my personal opinion. We must get a balance between protection and performance.
The best things in life are free.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86131
  • No support PMs thanks
Re: Who has this formula and know how to fine-tune it?
« Reply #2 on: May 06, 2007, 01:44:38 AM »
I have to agree with Tech, when your system becomes bogged down with security applications you spend an awfully long time keeping them up to date not to mention the intrusion some of them bring, death by pop-up asking permission and for those without experience continually answering yes seems to be a problem.

I tried BOClean and it lasted a whole hour before I uninstalled it, you can't run an on-demand scan, its configuration is I feel limited and I hadn't got a clue what it was meant to do, zero help file and sod all in the way of what it does on the web site. I will not install security applications where I have limited controls and worse still don't know what it does or how it works.

The same cyberhawk didn't last long either. I once downloaded sandboxie but never got around to installing it, as a dial-up user if I abandoned the browser cache every time my browsing would be slower continually having to load images that would otherwise be in the cache. I know it is possible to have it work with the live cache, bookmarks, etc. but to my mind that kind of defeats the purpose of it. That was the main reason I didn't bother to install it.

Have a back-up and Recovery strategy or be prepared for the grief and hassle that a re-installation or format causes. The one application type I would recommend that isn't a security application is a disk imaging tool, Drive Image (for me) or True Image, etc. This has hauled my a** out of the fire on a number of occasions, none of which were as a result of virus infection.

Whatever you install on your system you have to be able to live with it, you control it not the other way round.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.11.2500 (build 21.11.6809.528) UI 1.0.683/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67247
Re: Who has this formula and know how to fine-tune it?
« Reply #3 on: May 06, 2007, 03:23:38 AM »
I tried BOClean and it lasted a whole hour before I uninstalled it, you can't run an on-demand scan, its configuration is I feel limited and I hadn't got a clue what it was meant to do, zero help file and sod all in the way of what it does on the web site. I will not install security applications where I have limited controls and worse still don't know what it does or how it works.
As far as I could learn, it is only an on-access (resident) scanner. Some features seem like WinPatrol and others like a resident antispyware. I've installed and disabled it... maybe I'll uninstall in the future... I'm thinking about...

drhayden1

  • Guest
Re: Who has this formula and know how to fine-tune it?
« Reply #4 on: May 06, 2007, 10:24:36 AM »
still have boclean on my laptop but what is it doing ???
reminds me of spyware blaster and winpatrol-they are there on your computer but also what are they doing ??? ???
and toooooooo!@# much protection on your system is too much on your system(overkill) ::) :o
« Last Edit: May 06, 2007, 10:31:30 AM by drhayden1 »

Manitoban

  • Guest
Re: Who has this formula and know how to fine-tune it?
« Reply #5 on: May 06, 2007, 02:49:07 PM »
Tech: BOClean falsely identifies most compiled AutoIt scripts as malware and shuts them down. Try dragging a few to the BOClean UI for on-demand scans.

Everyone: My brief experience with BOClean was bad. Numerous false positives. The excluder didn't retain entries. It wouldn't uninstall via Add/Remove (though the BOClean uninstaller itself worked).

Cyberhawk v2 would crash repeatedly, leaving the appearance of normality (tray icon) but no protection. It issued many false alarms, and the text of these alarms was utterly bizarre, for example, referencing a program that hadn't run all day. Cyberhawk, too, objected to AutoIt scripts, but the warning would be issued for, say, AVG Anti-Spyware, because the path to a script was in AVG's log. Sheesh.
« Last Edit: May 06, 2007, 02:53:35 PM by Manitoban »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86131
  • No support PMs thanks
Re: Who has this formula and know how to fine-tune it?
« Reply #6 on: May 06, 2007, 02:50:52 PM »
I tried BOClean and it lasted a whole hour before I uninstalled it, you can't run an on-demand scan, its configuration is I feel limited and I hadn't got a clue what it was meant to do, zero help file and sod all in the way of what it does on the web site. I will not install security applications where I have limited controls and worse still don't know what it does or how it works.
<snip>
Some features seem like WinPatrol and others like a resident antispyware.
<snip>

That is the problem with this tool, you are left assuming what it does or seems like it does.

still have boclean on my laptop but what is it doing ???
reminds me of spyware blaster and winpatrol-they are there on your computer but also what are they doing
<snip>

I can understand what spywareblaster is doing as by clicking on protection and then the IE, Restricted sites, Mozilla/Firefox you can see what it is trying to combat. I can't say anything about winpatrol, I've never used it.

The GUI in BOClean looks ugly like something designed in the 90s or by a student in their spare time. The overall impression is one of basic and doesn't give you that warm feeling of a well designed security application, just my impression.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86131
  • No support PMs thanks
Re: Who has this formula and know how to fine-tune it?
« Reply #7 on: May 06, 2007, 02:54:40 PM »
<snip>
Everyone: My brief experience with BOClean was bad. Numerous false positives. The excluder didn't retain entries. It wouldn't uninstall via Add/Remove (though the BOClean uninstaller itself worked).
<snip>

Exactly the same experience when trying to use Add Remove programs, failed, but the BOClean uninstall entry was fine, I did have to clear one file from the folder and delete the folder though.

It is also little things like this that don't give much confidence in the product.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Who has this formula and know how to fine-tune it?
« Reply #8 on: May 06, 2007, 03:19:22 PM »
Quote
- Cyberhawk (heuristic HIPS) = freeware
- PrevxHome (Violation shielding) = freeware
- Avast        (Antivirus) = freeware
- GeSWall     (sandbox) = freeware
- COMODO-BOClean (anti trojan background scanner)

Put all of this on a new computer and you might as well chuck it away and just use that old 486 sitting under the stairs you never got round to throwing away- it'll be a lot quicker.

Just use avast!, update everything when a patch is needed, don't download dodgy files and you'll be fine.

 ::)
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

mauserme

  • Guest
Re: Who has this formula and know how to fine-tune it?
« Reply #9 on: May 06, 2007, 04:00:16 PM »
I've never been able to test CyberHawk.  Tried it on a couple computers that wouldn't boot into Windows after installing it.  After restoring to the last known good configuration I've never tried it again.

Prevx impressed me in that it recognized some pretty esoteric software while scanning for known applications but it is resource heavy, using 45,000+ RAM on the computers I tried it on.  And, of course, it's time limited to 30 days from its first malware detection.

I've never tried GeSWall, but am currently trying out BOClean on a few computers.  I suppose it's doing something in the background and it's not slowing the computers noticeably.

drhayden1

  • Guest
Re: Who has this formula and know how to fine-tune it?
« Reply #10 on: May 06, 2007, 04:04:32 PM »
think after all that non-positive sayings on the actions on boclean-i'm going to uninstall it 8)
any problems with uninstalling boclean you know of ???

solcroft

  • Guest
Re: Who has this formula and know how to fine-tune it?
« Reply #11 on: May 06, 2007, 04:29:19 PM »
think after all that non-positive sayings on the actions on boclean-i'm going to uninstall it 8)
any problems with uninstalling boclean you know of ???
Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

If you're happy with BOClean and are having no problems with it, I say keep it. It's been a relatively effective piece of software, from my personal experience.

Regarding the OP: I'm not familiar with GeSWall, but Cyberhawk requires little to no tuning, unless you run some more "special" apps on your computer. There have been relatively few false alarms on my end (the one notable FP being when it tried to kill my Warcraft banlist program because it injects a DirectX API hook into the main Warcraft program), but if they do pop up, tell CH to remember your answer, click "Allow", and you're done. Assuming you know it's a false alarm, of course.
« Last Edit: May 06, 2007, 04:33:23 PM by solcroft »

drhayden1

  • Guest
Re: Who has this formula and know how to fine-tune it?
« Reply #12 on: May 06, 2007, 04:37:49 PM »
i think i will just leave it on for the time being until i hear further things positive or negative about it
and what is a computer..is this what this thing is ??? ::)
« Last Edit: May 06, 2007, 04:47:13 PM by drhayden1 »

mauserme

  • Guest
Re: Who has this formula and know how to fine-tune it?
« Reply #13 on: May 06, 2007, 04:41:47 PM »
any problems with uninstalling boclean you know of ???
I haven't tried to uninstall it so no problems here at all.  I'm still testing it.

Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.
Any help you can offer in cleaning computers of malware, fixing installation problems, etc would be welcome.  Perhaps you could be a bit more proactive in rendering help within your abilities, whatever those might be.

Edited to remove statements verging on flames while retaining the intended sarcasm  ;D
« Last Edit: May 06, 2007, 06:11:29 PM by mauserme »

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Who has this formula and know how to fine-tune it?
« Reply #14 on: May 06, 2007, 05:20:25 PM »
Quote
Just keep in mind, however, that several people posting in this thread apparently don't know enough about computers to be able to keep themselves safe using more advanced technology - i.e. anything more complicated than an antivirus scanner appears to be beyond them.

I know enough about computers to keep myself safe using the simplest of technology: a good firewall and a secure web browser. I don't even rely on an anti-virus- there are so many new variants coming out every day, even the best AV won't catch all of them. I rely on safe browsing practice. You can load your computer up with Trojan detectors, HIPS, sandboxes but you'll take a major performance hit, and you won't be any more secure than just using a secure OS and browser and avoiding malware in the first place, IMO.

Old Polonus was a bit over the top in suggesting all of the apps he mentioned: hence my facetious response. I've experimented with a sandbox, HIPS, Trojan detectors in the past, and wouldn't tell anybody they don't have the right to do the same. Just stating the conclusion I've come to...  ;)