CyberHawk new version released

Discussion in 'other anti-malware software' started by aigle, Mar 16, 2007.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Version 2.0.3.18
    http://www.novatix.com/Cyberhawk/Updates/

    Released on 14-03-2007
     
    Last edited: Mar 19, 2007
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Installed it, running OK so far. Seems lighter than previous version.
     

    Attached Files:

    Last edited: Mar 17, 2007
  3. EASTER.2010

    EASTER.2010 Guest

    I had some reservations about this to even considering removing other security apps to make room, but out of complete surprise i find it co-exists fabulously. And most of you know just how many othe programs i keep running resident, like KIS6, ST, SSM, Snoopfree, AVG "guard" Plus SAS "Guard" that i knew something would surely choke at some point.

    Nothing doing, Cyberhawk (newest Version) is doing a fine work minus the previous bugs before, Good work this time around.
     
  4. EASTER.2010

    EASTER.2010 Guest

    I challenge you bold souls to throw even some leaktests at Cyberhawk along with trojan simulators and report your results.

    It will take me having ti fire up Power Shadow to unleash the more clever real-life hitters but thats my next step in seeing how far along CH is progressing in it's interception capabilities but so far it seems to breeze thru most the simulators at this time.

    This is where the metal really meets the bone for authentic confidence in a design like this one is claiming to accomplish.

    Let's give it a once over and see if it has any blind spots, whatta ya say?

    For honesty sakes i let (allow) ST (first) then SSM (second) pass the malicious entry to system for Cyberhawk review.
     
    Last edited by a moderator: Mar 17, 2007
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Easter, you must have a great computer:eek:
    Dual core at least, lots of ram too.
    Do all those programs run together? I assume not, but it's always best to ask.
     
  6. EASTER.2010

    EASTER.2010 Guest

    Someone, i will be perfectly honest with you ok? I can only hope when i visit Evansville Indiana again soon i can gather up newer more fashionably stable motherboards, rams etc. to really piece a nice computer together.

    As it stands, all this you see and read about from my testings of these reports are only on a single core DURON 1250 of all things with a mere 512 MB RAM that the best i could muster would be to add another 512 to the On-Board 256 stock version of a PCChips boards. It does contain an alternate windows 98 dual drive for strorage purposes and thats the bottom line period. Really.

    I defrag this drive Maxtor 30GB almost daily after wiping it with Restoration to keep performance tolerable and reg clean it religiously daily because i move files continuously.

    If anything is to be said for all this it has to be the security products themselves because they function well or they get dismissed, purely put.

    And to answer honestly YES, they "ALL" run together smoothly with the only exception that i occasionally use KIS6 On-Demand because there is plenty enough HIPS to fill in the SDT Table for now. And believe me staying with Serice Pack SP1 has saved me a lot of grief on this XP pro unit.
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Easter, did u try some actual malware against it?
     
  8. EASTER.2010

    EASTER.2010 Guest

    Yes i have "BUT" with Power Shadow enabled just in case because theres no recourse, no even system restore that could recover a severe hit like some malware are designed to totally disable or erase points, I hit it with Haxdor and Rustock a plus some other hair raising malwares where one of them BSOD'd my screen, a really vital protection mechanism builtin into PS that makes it invaluble indeed is when you suffer from a severe hit that knocks out your screen fully inoperable or BSOD's you, Power Shadow completely restores the previous setup saving you a ton of possible misfortune. That mystery app is indeed a true life preserver for a system, at least where my testings are concerned, because once a malware snags your kernel in an unfashioned attacked meant to take your system completely down, Power Shadow rescues you from certain frustration.

    I just experienced that event first hand and am now glad i didn;t take chances on depending on something else to bail it out of certain malfunction.
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I think Easter's strategy is to cover at least every handle in the SDT table and he does not mind overlapping functionality.
    ;)
     
  10. EASTER.2010

    EASTER.2010 Guest

    Indeed and i have no fear of it either as long as no two hookers vie for a single instruction line which doesn't seem to happen. I'm no code specialist in that Table but from actual experience i've not once encountered an overlapp where competing apps disagree over the same hooks which could possibly force a BSOD or other. I can't expalin why but i know there are some code experts here educated enough in this type of code section who could offer a reasonable explaination to that type of mixing of HIPS/Hooks apps. I imagine it would be of some interest to many of us for a better detailed reason why they can cover alongside each other while still protecting those vital areas of potential misuse.

    BTW, Cyberhawk seems to have returned to it's former self and intercepts instantly when both System Safety Monitor and Spyware Terminator are allowed passage of malware, not all, just the ones i been able to form an initial opinion on so far.
     
  11. EASTER.2010

    EASTER.2010 Guest

    I wish i could attach .csv logs because they are so much neater in appearance to review but have to settle for .log format. These are my results from the same collections. Hope they make some sense for you. The first is with AVG 7.5 followed by SAS but the format is horrible and probaby not interesting to read.
     

    Attached Files:

  12. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Don't take my other post wrong, i'm really amazed. You got some pc management skills:thumb:
    I'm curious about another thing: SSM is the one that alerts first?
    Is it always one of them that alerts first, or it appears to be random?
    TIA
     
  13. lu_chin

    lu_chin Registered Member

    Joined:
    Oct 27, 2005
    Posts:
    294
    Actually I am running KIS, Avira, NOD32, Outpost, A-squared, AVG AS, SAS, DW, Sandboxie, SSM all in realtime. They don't crash or hang the machine but I am not sure whether there are any "unseen" conflicts or not. Maybe I will give CH a try too.

     
  14. EASTER.2010

    EASTER.2010 Guest

    Someone?

    I am going to find time to study this hopefully at some point to better clarify that behavior, on this unit anyway XP Pro SP!, Spyware Terminator is "first" to alert followed by "System Safety Monitor" when testing demo malwares. That needs to be clarified because real malware might be picked up differently from another source like CH, or SSM. Theres never enough time to do it all because i have to sleep at least a few hours :isay:

    But that's the order of motion i found so far, ST,SSM, then Cyberhawk, which by the way seems very good now compared to previous versions and i do run all 3 "resident" HIPS, i don't think you could do that safely with an AntiVirus because they have more activities to have to work thru such as unpacking and signature matching.

    Oh, Cyberhawk's community sig matching capabilities still are accurate enough and seem up to task when whisking away to quarantine some match.
     
  15. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Again! I wan running Opera USB ( version 8.54 build 7730) when I received the alert from CH that Opera is logging keystrokes.
    I think they again broke something that was fixed in last vesion.
     

    Attached Files:

  16. one111

    one111 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    92
    There seems to be a conflict with SnoopFree with this new version which I wasn't having with the old one

    Each one is trying to reconfigure or terminate the other. In the meanwhile ProcessGuard is stopping this from happening
     
  17. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Kerio was behaving suspicious too. My firewall!
     
  18. EASTER.2010

    EASTER.2010 Guest

    I also use Snoopfree too with no problems whatsoever. Different configs behave differently depending on which security programs are compatible or not. That much is been made clear to all of us by now.
     
  19. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I got no ther issues so far with all my setup in the sig.
     
    Last edited: Mar 18, 2007
  20. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    One more Keylogging alert for VirualBox!
     
  21. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Overkill. You only need one AV/AT/AS in real-time and even that trio can be too much. Try disabling some of the running Monitors and see your computer speed up!

    Back on topic; I found the new version of CH causing freezes so uninstalled it.
     
  22. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Anyone using BOClean with this version? Do they get along? :)

    Seeing BlackCats post this is exactly the type of thing I don't want to see, which is why I have been so cautious about installing CH
     
  23. EASTER.2010

    EASTER.2010 Guest

    lu_chin? I admire your guts and the courage to push the envelope as far as possible as the system can handle.

    Still with all the assorted programs for security when i go bot hunting i use Power Shadow. Right now i don't have the stomach to encounter some new snake that might bite the wires off my only machine. The other machines won't be available untill April, then i can loosen the grips some.

    Now on the other hand you take a fcutdat who goes headlong naked as a jaybird into a nest of bots and thinks it's hilarious to pick up all those pieces. Gotta hand it to him, he's definitely a champ in bot hunting bare bones.

    I will the day i don't depend on a single machine for all my important duties.
     
  24. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I will like to know if anyother person is also getting false positive keylogging alerts with this version.

    Thanks
     
  25. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    The latest version (2.03) flagged Outpost Pro 3.51 as a keylogger on my wife's machine.
     
Loading...
Thread Status:
Not open for further replies.