Playing with Cyber Hawk

Discussion in 'other anti-malware software' started by aigle, Oct 28, 2006.

Thread Status:
Not open for further replies.
  1. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    No problems here with Cyberhawk so far. Just updated to latest version and had to reboot, but everything seems fine. As I mentioned earlier, running CH with AVG Security Suite and no noticeable slowdowns. CH memory usage at around 17MB, and VM around 9. As far as uninstall, that went well when I uninstalled version 1.2.036 a few days ago, and checked files and registry to see what was left. Not much, so uninstall I thought went quite well. As far as myself or someone else being used for rabbit eye testing, well it was my choice to try this software, and I will let Novatix reps answer that. Some people have claimed Zone Alarm has done that with their free version, but all I can say is, unlike Zone Labs, Novatix seems to fix any problems with their free product very quickly, and I haven't heard about or seen any major troubles posted here in this Forum because of them. System Restore not initializing was my only concern with 1.2.0.36 version, and I was quite pleased with how that particular problem was fixed so fast. I guess time will tell what any future problems may come, but CH did do very well in the new testing that can be found on AV Comparatives website. Hopefully, Novatix will keep addressing anyone with or without problems here, and also reassure us that we are not rabbit eye testers. My belief is that they will. Just after I finished this post I saw CH has posted back already, and my belief has now grown.
     
  2. Cyberhawk Support

    Cyberhawk Support Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    140
    Location:
    Boulder, CO
    Thank you for your kind words, Duke1959. We appreciate it!

    Becky
     
  3. Cyberhawk Support

    Cyberhawk Support Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    140
    Location:
    Boulder, CO
    Hello, VaMPiRiC_CRoW, thanks for your interest in Cyberhawk.

    Regarding HacDef, could you please explain what you consider a pass and what you consider a fail? In our lab, Cyberhawk effectively kills processes hidden by this rootkit, including bots and spyware that use hxdef functionality in their code. If you have a version that we have not seen, we would be very interested in the results.

    Regarding the Paq Keylogger, we are looking further into its functionality. While it is tough to decide on whether or not it is more of a policy decision (the trial version is clearly installed by the user with a nice setup routine and includes a simple uninstall routine), it is a keylogger. In our lab, it often logs only half the keystrokes. Even if it is an ineffective keylogger, we will look further into this one.

    APT -- we are aware of the many ways to kill a process. We have developed and implemented a long list of methods to kill even 'immortal' malicious processes ourselves and still respect the stability of the system! While fewer prockill methods are effective against our newest publicly released version, we are developing improvements into upcoming versions and hardening upcoming releases. Thanks for the note on APT.


    Thanks again,
    Kurt Baumgartner
    Chief Threat Analyst -- Novatix
     
  4. Cyberhawk Support

    Cyberhawk Support Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    140
    Location:
    Boulder, CO
    Quick question -- Why do you think that Cyberhawk should react more quickly to this software? What has Martin's performed prior to Cyberhawk preventing it? Has it logged your keystrokes at this point?


    Kurt
     
  5. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    About Hacker Defender, I consider it a pass if CH blocks the execution of the file 'hxdef100.exe'.

    I just downloaded the Hacker defender 1.0.0 revisited from this page "The Hacker Defender Project - Downloads".
     
  6. Roger_

    Roger_ Registered Member

    Joined:
    May 7, 2006
    Posts:
    89
    Location:
    Portugal
    I also started testing CyberHawk yesterday and it has not shown any major issues: light on resources and has not had any conflicts so far with Nod32 / Jetico 1.0.1.61 / SSM (latest free version).

    Trying to update 37 to 39 release, it keeps stating that I have the latest version...
    My default browser being Opera not IE, might have something to do with it? :mad:

    I did download the full 1.2.0.39 installer but I wonder (as I can find no instructions whatsoever in your support site) how can I use it to upgrade, should I uninstall the previous, just stop CH and run it...o_O

    Thanks in advance!

    Roger
     
  7. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    Before CH prevented it, I typed a lot of things and also clicked my mouse a lot of times on Martins Undetectable Keylogger.

    So my question is, if your program has a keyboard filter, why did it not detect it more quickly?
    And on the alert message, you can say that the program is listening to the keyboard to provide more information...

    SnoopFree Privacy Shield does not detect this program.
     
    Last edited: Nov 1, 2006
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    They say no need to uninstall previous one but I personally like to uninstall previous first because it was having system restore issue.
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Hi, I have seen this keylogger bypass most security software, so if it bypasses CH, it's no wonder. After all, CH is just a relatively new software. Give them some time and I hope this software will go ahead.
     
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Thanks. I never knew this testing. That is nice to see that CH is really good.
     
  11. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    I know that, but we are only talking about that to improve it ;)
     
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    That's quite right!
     
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I was a fan of CyberHawk. But DSA and CB do not go well together. Due to the post in this forum, I have decided to give SSM free a try. It took me one hour to train it for all my applications.

    I always was a fan of usable / easy to use applications. I think CB has done a stunning job by developing a user friendly protection.

    I did some tests and SSM also protects against dll-injection. So I ditched CB in favor of SSM. Can somebody tell me whether the modules (startup protection, services and registry) stay available in the free version or are they set inactive after a 'trial' period?

    PS.

    I lost the bet with my son who uses SSM + BufferZone free (he claimed that you can train any classical HIPS in one hour). I always was a fan of user friendly security apps (therefore I was using CB + DefenseWall). Now for the first time in my life I am a 'classical SSM HIPS user'. Feels funny but SSM and DW go along fine.

    Regards
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    SSM has no trial period but there is a free version. The registry module is very limited in the free version.
    I installed SSM and CH together just yesterday.
     
  15. Roger_

    Roger_ Registered Member

    Joined:
    May 7, 2006
    Posts:
    89
    Location:
    Portugal
    CH finally started warning about the new available version a couple of hours ago.

    I managed to run the new installer without uninstalling the previous version (my System Restore is currently disabled).

    It does upgrade the existing version but I would advise disabling SSM free Registry module first, to let it perform all necessary updates to the registry.

    Also tested it against SSM keylogger leaktests and CH did catch the 4 of them (while SSM free only detects # 3 and 4). :thumb:
     
  16. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    I was just viewing some sites in Opera and Cyberhawk started to use all the CPU!
    I had to kill its service...

    If I can help the Cyberhawk team to see what happened...
     
    Last edited: Nov 1, 2006
  17. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    CH (CyberHawk) did splendidly in the AV-Comparatives professional testing site. In case you've never visited AV-C...

    +Main AV-C website

    +Click "Comparatives" button in left-hand column

    +Scroll four-fifths of the way down the page until you see line entitled "Comparative of various protection tools October 2006"

    +On that line, click "Report (PDF)"
     
  18. EASTER.2010

    EASTER.2010 Guest

    Well I bit the bullet again and reinstalled CYBERHAWK 1.2.0 version. I understand there is probably an even more updated version available but felt it high time after some months without it to see how far along it's been improved.

    Shutdown SSM which is a mainstay on all my boxes then installed. I am pleased at this point early on that it is performing just as formidable as it began in early stages so far as interception abilities.

    My biggest encouragement has always been and now I see remains the excellent TERMINATOR feature of CH. I have never been more proud of that action in any HIPS integrated to date. Very effective in many tests I put it through already and it continues to coexist safely without issue so far.

    I am new to the community aspect that now is employed into it and applaud that addition to its already effectiveness. At this point all I can say is keep up the good work. This safety program and System Safety Monitor are back together again and I couldn't be more satisfied with those results. Needs mention also that they both share duties with AVG Anti-Spyware (Resident guard) flawlessly which I find nothing short of amazing! Normally combining a trio of such can oftentimes make for conflicts but nothing doing here. They form a Triple Control Shield that cannot be compromised with what is available (at-this-time) for intruder coders crafts.

    That is CONFIDENCE and SAFETY in its purest form IMHO.

    This is a technology that has been way overdue for years and I'm happy to see some serious efforts and concerns have been exercised into making CYBERHAWK everything it is designed to be.
     
  19. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Thanks Bellgamin, I missed reading that.
     
  20. KikiBibi

    KikiBibi Registered Member

    Joined:
    Oct 23, 2006
    Posts:
    173
    Can you guys access the CH website??

    I get a page with this line: "This is a marker file generated by the precompilation tool, and should not be deleted!" and nothing else.
     
  21. solarpowered candle

    solarpowered candle Registered Member

    Joined:
    Jan 9, 2003
    Posts:
    1,181
    Location:
    new zealand
    I can access the Cyberhawk website.
     
  22. KikiBibi

    KikiBibi Registered Member

    Joined:
    Oct 23, 2006
    Posts:
    173
    I tried with Opera and Firefox but still can't access the website.
    Will try tomorrow.

    Thanks for the reply.
     
  23. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
    I get the same thing.
    That's weird because yesterday I had no problem going to the CH website.
     
  24. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Working here.
     
  25. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618