which realtime?

ok mods please dont go straight for the lock button
i am currently using threatfire which as far as i know is good at stopping malware when run or something.
i heard about BOclean doing something in a similar way and i want to know the differences. i DONT want fanboys saying this is better than that blah blah blah
i would like an expert for some advice to tell me whether one has a significant advantage like stopping it before it starts or stopping once it starts. i know they dont work in the same way but they have a similar effect.
is there a comparison site or something i can look at?
on comodo site it says BOclean is the best protection against *rootkits*, does this mean its better than threatfire?
please dont rant and rave about who does what better just please tell me the differences between the two and if there are any significant advantages

 

what i also forgot to ask was: is ok to use both? would i gain advantages from having both?

 

BOClean is now integrated into the latest beta of Comodo Internet Security. It's going to be discontinued as a stand-alone product. So, ThreatFire should continue to serve you. It's very good at what it does. Look for posts regarding ThreatFire from Kees1958. He has many excellent tips in how to get the best from the program.

 

They are very similar, either would give you some added protection.
I use TF and it very rarely gives popups , which is a good thing in this type of app.
It also lets you set custom rules , and gives details on what running on your system at the moment , which is handy sometimes.

 

Hello there,

I don't know what your full security set is like, but have you given a thought to light virtualization? I'm talking about applications like Shadow Defender, Returnil which will create a virtual volume (all activities between reboots of your computer will be deleted including ANY malware that might have slipped through for whatever reasons) and simplify your life. I am presently running an antivirus and Shadow Defender only, I'd say my machine is 99,9% safe.

There are of course other possibilities, like sandboxing(Sandboxie, Defense Wall) which will give you the same degree of security without clogging your system with too many real time applications.

 

They are totally different.

BOClean a signature based memory scanner.
TF is a behav blocker. TF better than BOClean IMO.

 

osaban i have sandboxie but im not usin it because its 3x as slow.
my setup is
avira free
threatfire
comodo firewall/hips
spyware terminator
and various on demand scanners
also i have sandboxie but arent using because of such slow browsing

 

Good post, IMO.

 

so threatfire behavior blocker is not good? and also i heard comodo antivirus wasnt quite up to scratch yet dont want to sound like a comodo basher but is it good quality? is there any comparison its entered?
EDIT: also by entire suite you think i should go for the beta with boclean intergrated or use 3.8 and wait for full 3.9 release

 

Maybe not, but from what I hear and believe, it's always improving as well as getting new features to be even more effective. If I would use a single product to protect my system, it would probably be TF.

If I would personally go with a free setup, I would go with what I'll now paste from my own list :

"SpywareBlaster
PC Tools Anti-Virus | Avira AntiVir Personal /\ COMODO Internet Security - AV only and possibly D+ as well when v4?
ThreatFire
(Prevx / Prevx CSI) **
Opera | Browser Defender/LinkScanner Lite *
Secunia PSI
Rising PC Doctor
((Panda Anti-Rootkit))
((SUPERAntiSpyware Free))
((Malwarebytes' Anti-Malware))
((Dr.Web CureIt!))
((Norton Security Scan and Clean))


* = Browser addons

** = Free detection - eventual fee for removal (atleast supposed to be free before for easy adware infections and new MBR infections)

(( x )) = On-demand security software - installed if prefered to have/when needed"


For paid, just look in my sig. on XP.

 

There's nothing wrong with TF at all. But with CFP/defense+ active, it is largely redundant, I think. Defense+ (another name for a type of HIPS) will probably cover most - if not all - that TF would.
Boclean as a standalone monitors memory and intercepts and kills recognised trojans that attempt to start. It is not a scanner, but purely a realtime trojan zapper, it was considered very good. As part of CFP I am sure it helps make the "suite" more competent. (That's how I look at it. You have a firewall, a HIPS, a buffer overflow protector, and a trojan hunter, all in one app called a firewall. If it works well for you, it's a keeper.)
Personally I'd do something similar to what ssj100 advocates, just using CFP and Avira, if that is the sort of line you want to go down, and you should be pretty darned secure.
That the items in my own sig are different doesn't make them necessarily better (nor worse); just different, and with a similar level of protection, probably, but most of all, they work well on my system and I have learned enough to know what they tell me.

 

I think you will be VERY happy with the latest beta. It is very, very quite. Also now there is one click Allow and one Click Block Alerts by default now, So no need to worry to keep blocking and blocking or treating as, etc like previous versions.

v3.9 Beta 3 came out yesterday... let me know if you want a copy.

Cheers,
Josh

 

I'll gladly receive that copy - haven't installed Beta 2 anyway.

 

Betas are for testing and may not be stable and could posssibly crash your system. Unless you can recover from a crash with an image and/or data backup, I would steer clear and wait for the release. This goes for any beta or RC and has nothing specifically to do with Comodo.

With a properly configured browser, Avira and Threatfire with a hardware firewall would be enough. The same could be said of running Avira with Comodo which already has been suggested.

I also wouldn't give up on Sandboxie. It could be a conflict somewhere with your other security programs causing the browsing slowdown.

And please check out mine or Tarq57 signature's for a linky to Secunia. You can do an occasional online scan at least once a month or download an install it. It helps keep your programs updated which goes a long way in being secure.

 

I understand that Sbie can take a little longer to start up an application but the OP mentioned slow browsing with it which most folks don't have. I currently have a security app. conflict with Sbie that slows my app. startup time from 7-10 seconds. It's being worked on though. My normal (no conflict) sandboxied Firefox statup is 3 seconds.

 

I only use an icon to start FF sandboxed. My current conflict is rare and it's with OA. I may have to give the forced sandbox a try for the heck of it. There also may be a workaround on Sandboxie's side that I need to try that helped 1 person.

 

well i dont know if something is conflicting, and i dont know how to find out but load up was 16 seconds last time i tested and loading something like google takes about 5 seconds when its normally about 2. i got pizzed off using it and decided id use it only for "the dark side of the internet"

 

You should also give Drive Sentry a try. I'm currently using it and I love the Auto Advisor thing as well as the black- and whitelist. The Auto Advisor is great because it automates decisions for unknown (neither on the black- nor whitelist) programs. I also love the behavioral heuristics of DS. When CIS 3.9 becomes final, I will read user comments about it, and if the comments are favorable, assuring me that CIS 3.9 works perfectly without causing damage to the computer, then I will uninstall DS and install CIS 3.9. CIS is well-rounded, i.e., covering registry changes, file changes, global hooks, installation of a device driver, and buffer overflow. The new one-click Allow/Block everything will give DS and GeSWall some competition.

 

Definitely.

Cheers,
Josh

 

Are you talking about loading your browser in a clean sandbox to your homepage (google) or just surfing page to page?

When testing for a conflict, you can disable some of your security apps and then try sandboxing your browser. This is best done if your behind a hardware firewall (router) or just Windows firewall. It's also good to know your system is not infected before disabling your security softwares.

For what it's worth, the newest (not released yet) Sandboxie has helped my conflict with startup times of 2 seconds but I'm still testing.

 

have recently tried it again and not much slow down, and it was normal browsing that was the slowdown.
whats this force to sandbox? how you do it?

 

Have a look at the "Forced Programs" on this page. http://www.sandboxie.com/index.php?ProgramStartSettings To get to the feature open Sandboxie Control - click Sandbox - hover over Defaltbox or whatever your sandbox name is - click Sandbox Settings and then expand or click Sandbox Start - click Forced Programs.

Also pay attention to the first note on the bottom of the page. Once you force a program to run sandboxed, it will start sandboxed even when you click the normal browser icon. The note has a link explaining how to temporarily disable the function.

Also, I'm testing a non-released version of Sandboxie and I don't have to use the Forced Program feature to get fast browser/apps. startups.

 

yah but thats premium only rahyt? nvm thanks anyway