Boclean or Treatfire

Discussion in 'other anti-trojan software' started by Badcompany, Sep 20, 2008.

Thread Status:
Not open for further replies.
  1. Badcompany

    Badcompany Registered Member

    Joined:
    Nov 18, 2005
    Posts:
    752
    Location:
    RUNCORN UK.
    Hello Forum,
    By adding BoClean or Threatfire to my security set-up is it a over kill, Or will it complement my Antivirus.
    Badcompany.
     
  2. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    Outpost should have a built in HIPS, so Threatfire is not needed.
    I doubt that BOClean would catch anything, Avira+SAS should cover just about everything.
     
  3. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    I'd say you are completely fine with your current setup. What I would do is try to keep real-time guards as minimalistic as possible, but have some additional on-demand scanners for occasional checks.
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    IMO,Neither as above posters said.Avira premium,SAS Pro and outpost = Solid protection.
     
  5. Badcompany

    Badcompany Registered Member

    Joined:
    Nov 18, 2005
    Posts:
    752
    Location:
    RUNCORN UK.
    Thanks for the replys, I stay with what I have.
    Badcompany.
     
  6. hex_614

    hex_614 Registered Member

    Joined:
    Jul 17, 2008
    Posts:
    155
    Location:
    Manila, Philippines
    THREATFIRE
     
  7. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    Last edited: Sep 21, 2008
  8. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    That statement is back from 07... {Snip - focus on the topic, not your fellow members.... - Blue}
     
    Last edited by a moderator: Sep 21, 2008
  9. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    I was explaining that they work in different ways. He could run both of them as they do not work on the same level, He could run BOclean and an AV because they don't run on the same level etc.
     
  10. Halo326

    Halo326 Registered Member

    Joined:
    Aug 27, 2008
    Posts:
    106
    BOCleans memory usage is very high. Last time I installed (the latest version) it was using 30,000K.
     
  11. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    That's ok, Different programs run different on different computers, On my Machine it uses 15-18mb of RAM. How ever I do not believe that there is another alternative to BOclean.
     
  12. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    BOClean just scans what is allocated to the memory space, just as "ordinary AV´s" does, only that AV´s also checks read/write to the HDD as well.

    Or do you imply that there´s some other unorthodox technique that BC utilise for its detection capabilities?

    Sometimes an executed process is just a process - nothing more or less.

    /C.
     
  13. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    I mean that, Once scanned by the AV it will be allowed access to resources to modify disk ram etc. Sometimes Malware never even has to touch your disk - It just "Installs" itself on the memory.

    BOclean actively runs in the memory scanning all lines of code for suspicious activity's and terminates anything that is "Nasty"

    More detailed information can be found here: http://www.comodo.com/boclean/boclean.html

    Comodo is working on an "Memory Scanner" Some what similiar to BOclean (Of course they will work on a very light performance) They won't be running needless proccesors such as Webshields, Email scanners, P2P scaning etc etc.. Because to do any damage, The malware must either be loaded on the RAM or the Disk.

    For those of you that don't know - BOClean was designed by Kevin McAleave, He has joined the comodo team on the basis that he will share his work with comodo as long as he is able to have his own standalone version of his software.

    EDIT:: When I say "Webshield" I mean the file level. To block against XSS and exploits etc etc Comodo is going to have an "On access server" that will scan in real time sites that a user is about to visit for suspecious activities and also automaticly. (NOT LIKE A SITE ADVISOR) It will be similiar to an Antivirus scan, except scanning the web for malware and exploits etc etc
     
    Last edited: Sep 23, 2008
  14. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    BOclean should not replace an AV. It is another layer of security that works on a different level.
     
  15. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    There certainly are. TrojanHunter is one.
     
  16. hex_614

    hex_614 Registered Member

    Joined:
    Jul 17, 2008
    Posts:
    155
    Location:
    Manila, Philippines
    use norton antibot instead. it really works.
     
  17. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Not sure about Twister AV but I keep coming back to the fact that you have Outpost 2009 and ask myself is either really needed? To much security can lead to issues. ;)
     
  18. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Do AVs in general have a memory scanner similar to what BoClean have? Or does BoClean scan the memory in ways which AVs do not?

    Thanks
     
  19. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    AFAIK, BOClean uses signatures for detection of malware running in memory, just as AV´s does, so there´s no difference. However, in another forum/thread I´ve announced the search for a security application that monitors malicious behaviors in the physical runtime memory (and not in the filesystem/disk). AFAIK BOClean doesn´t support this technique.

    /C.
     
  20. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    How come Kyle says it works differently to AVs?
    I'm confused...:doubt:
     
  21. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    Cerxes, You are completely wrong. BOClean will catch Malware that AV's cannot detect simply because it runs at a different level of your system.
    Also BOClean uses hueristics.

    I am not going to go into extreme detail to this as everything can be found on comodo's product website under "Antimalware - BOOclean"
     
  22. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    You starting to sound like a broken record...

    Instead of just quoting the marketing blah blah at Comodo, please explain the definition of "different level of your system". And Kyle, don´t quote the content at Comodo, I want to hear your explanation...

    Using an algorithmic pattern for tracing so called "zero-day" malware has been used by most AV´s for several years so I´m afraid there´s nothing unique here either Kyle.

    But please do, I´m eager to hear your explanations about this issue...

    /C.
     
  23. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    I looked at the website, and it says "BOClean watches memory, registry, and the file system waiting for malware to load up and then shuts it down before they have a chance to operate... In addition, we remove all of its hooks and restore your system to its original condition AUTOMATICALLY." and "Our BOClean software protects you against a full spectrum of malware, automatically removing these programs from memory, your hard disk and your registry without the need to reboot or drop your internet connection. BOClean safely neutralizes these threats instantly without any risk of damage to your files or computer." and "Antivirus software frequently fails to detect, and more often fails to effectively clean most malware. BOClean runs automatically in the background without interfering with your work and kills malwares INSTANTLY the moment they activate without giving them the chance to invade your machine. BOClean also eliminates the need to stop what you're doing to secure your machine after it's too late."

    I don't see how this is different to an AV, don't they also scan memory, hard disk and registry?

    I find this a bit misleading though:
    "BOClean will SAFELY remove malware without the need to reformat and reinstall the operating system as has been recommended by some "security experts"."

    Reinstalling Windows is the only 100% way of ensuring your computer has no malware, so how come those security experts are being questioned (with the quotation marks)?

    Thanks
     
  24. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    @Cerxes
    I do not have the time or interest to argue with childish remarks. Just straight to the point and no games.

    One reason I am not going into detail about BOclean is, Imagen how many people on the forums ask that question every day. The best way is to link them up to previous answers.

    http://www.comodo.com/boclean/boclean.html
    http://forums.comodo.com/empty-t26486.0.html
    http://forums.comodo.com/empty-t8376.0.html



    @Someone. It's because it destroys malware as it's loaded so that it won't make any changes.
    BoClean scans items in the memory, AV's scan items being loaded into the memory (They also put files into the memory and see the behavior).


    There are different levels on your system. [DISK] {Memory} - And then the outside- |Internet|.
    Malware doesn't always store it's self onto your hard [DISK]. And there for your AV will not detect it.

    Simple way to check this is by looking at how you AV scans in realtime. It will only scan the file system and the items loaded into memory from the [DISK] but if they aren't on your [DISK] and only exist on your {Memory} then your av won't scan it.


    Also Please don't get me wrong. In no way should BOClean replace your existing AV software, It should only be an addition.
     
    Last edited: Oct 1, 2008
  25. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    I read the links, but they don't explain
    Of course every scanner will detect some malware which another scanner will miss, but the links don't tell me that BOClean is monitoring something totally different which AV's do not.

    Thanks
     
    Last edited: Oct 1, 2008
Thread Status:
Not open for further replies.