Can BoClean run alongside AV’s such as AntiVir and Norton?
Also, well done on a great product abd welcome to the Comodo Team.
I am not Kevin… but the answer really is this: BOClean must run alongside AV’s such as AntiVir or Norton. BOClean is part of a proactive defence…
Can’t say I’ve ever seen any posts at Wilders, which was more or less the official Boclean forum, complain about compatibility issues with any AV’s. I’m sure I’ll be corrected if there were.
As for running alongside of Norton I think I’d rather run away from it ;D
there is still a chance it will conflict with some programs. it did conflict with SpySweeper if i remember rigth…
There is nothing wrong with Norton… If you never want to get rid of it.
and if you want to get rid of it you have to sell your soul to Satan first.
Hiya! Like Cajun said, BOClean was designed to work alongside an antivirus rather than replacing same. Now that I’m on board with COMODO, once we get COMODO BOClean 4.23 done and released, my attention will then turn to turning CAVS into what BOClean could have been had I had the time to write more code instead of being chained in the laboratory handling malware all the time. So not so far down the road, BOClean will be inside CAVS and we’ll have a truly comprehensive FREE solution covering everything from file infectors to those “no big deal” COOKIES that are the claim to fame of way too many AS’s out there. Literally “all in one” … and for those who prefer their BOClean as a “side dish,” we intend to keep it that way as well.
But for now, my recommendation remains what it always has been … your best defense is a good ROUTER (“hardware firewall”), a good SOFTWARE firewall (COMODO is the best one I’ve seen) a good antivirus (we’re working on it but for now, there’s several others out there) and of course BOClean just in case anything gets past the others. But since BOClean was never intended to replace and antivirus and bad things can happen when you have more than one AV on a system, BOClean was always designed to stand completely clear of file hooks and other things that AV’s need to do just to be certain that we never messed them up. 
Thank you Kevin for good information. I’ve always been unsure what is important to have, except for a firewall and antivirus. Now I am less unsure. So for the following weeks, maybe the best defense will be Comodo Firewall 2.4 (also a hardware firewall, though I don’t have any), an antivirus solution (I don’t know which one but I go with Antivir currently) and Comodo BOClean 4.23. But later, the way to go will be Comodo Firewall (3.0?) + CAVS (with BOClean integrated)! Sounds great to me. Really looking forward to see what you guys at Comodo come up with.
I have never been keen on any kind of security suite or otherwise having all my protection programs from the same company; however I am that impressed with Comodo’s firewall recently taken on and have been a BOClean user for quite a while, that with Mr McAleavey’s valued presence in the Comodo organisation, I will certainly be giving the revamped CAVS a try, when it’s ready.
COMODO PFW 3 is coming along rather well from what I’ve seen … Egeman and crew are among the most talented people I’ve EVER met and I sit in AWE of how much they get the clue. Same for so many of the other people I’ve met and have been working with the past couple of weeks. I’ve been in this longer than Bill Gates has been - no lie … when the 3 version comes out, I expect folks will be absolutely floored at its capabilities. I sure was!
I’m obviously not at liberty to detail too much, so let’s put this on a philosophical level which is PRECISELY the reason why PSC ended up in COMODO’s hands instead of someone else … and we DID shop around what we had to several major AV and AS companies and sadly, not a ONE of them got the clue. They looked at what was already released, looked at it all within their continuing 1981 mindset of “after bad things have happened, might want to SCAN the machine and see what’s up.” That might have worked in the days when viruses were spread by floppies and generally the infection was contained to those few machines which actually SHARED that infected floppy … but the “intarwebs” changed everything and unfortunately, the “file scan” crowd failed to evolve very much. Using a memory event to trigger a file scan, or even a memory scan based on an unpacked file signature isn’t much in the way of evolution. What if it won’t UNPACK? Now what? 
So here we are better than 25 years later with everyone else “in the business” still applying the same “solution.” After all, when all you have is a hammer, then every problem looks like a nail. There’s been some press lately from some advisory group saying “battle is lost if we have to wait for a signature” and yes, BOClean like everyone ELSE is “signature-based” too. However the MAJOR difference is that while we have file signatures in our code that are no more effective than anyone else’s in our database for BOClean (legacy code dating back to 1998) we ALSO have memory signatures based on the “naked lady” as Melih so eloquently described it which have no relation to a “file signature” at all.
The ADVANTAGE here is that our memory signatures were based on tangible bits of the “naked code” and are also based on how the particular malware authors had their own “thumprints” in their works (not to be compared with “traditional signatures”) and that, by its unique design and our own studying of the AUTHORS rather than their code has avoided many a “zero hour” because we anticipated their NEXT move based on their egos or flaws in how they wrote code. But all of this is STILL “reactive” even though it’s considerably more “proactive” and effective.
Still isn’t good enough … it’s “signature based” … and so we hear all this “heuristics” and “behavior” nonsense … sorry, BOClean was the FIRST to do “behavior” and we learned years ago that “heuristics” only results in oodles of FP’s. Anyone in the AV industry knows this to be true, don’t wanna hear the argument. It’s merely an excuse for continuing to spin in a 25 year old rut.
NO “after the fact” solution is any good and hasn’t been for YEARS now. The article about the futility of “signatures” was never lost on me or on COMODO. And THERE is the reason why COMODO got PSC … not so much for our “tired old stuff” but because they actually saw our (as did everyone else) FUTURE stuff which I never had time to do because I was overwhelmed in handling the forever-increasing malware explosion. ONLY COMODO seems to have noticed the difference.
So without giving away any secrets, let’s just say that I knew years ago that “file-scanning” was a waste of time - nobody bothers to do it until a machine is SO hosed that the user actually notices something ain’t right. TOO LATE! What we did with BOClean years ago was to apply an automatic means of detecting nasties but even there, it was possible for a handful to live for a day or two before we found out about it and updated our database since we had a lot of major customers and the tools that could troubleshoot “mystery meat” for admins when there was something we hadn’t seen before. LATELY, even that isn’t an answer considering the damage a new nasty can do if it wasn’t a repack of the same old, same old as had traditionally been the case, even recently. Our database is pretty small in number of “uniques” and that’s testimony to how WELL we did compared to file scanners … but even THAT is changing for the worse lately. The number of daily “uniques” stands as testimony that even BOClean’s days are over. Still, we do better than the others out there as far as “currency” goes.
The ANSWER, as it was with BOClean as originally designed is PREVENTION. And that border has moved. Tremendously so! “After the fact” is now not only the “wrong answer” but it’s a DANGEROUS one. But after 25+ years of mental conditioning of the “AV way”, the public just cannot embrace the concept of preventing bad things from happening in the first place and still gladly embrace a 25+ year old ritual and call it “security.” COMODO however, comprehends this. But people still won’t accept a strictly HIPS/PREVENTION concept and so we need to continue to provide these “after the fact solutions” because it’s hard to re-educate people that the entire world has changed and all they hold dear is about as useful as a pre-9/11 world. And that “scanning” is no longer useful at all as a means of protection. Cleanup perhaps, but NOT protection.
Where I’m going with this though is that I piped on the good ship COMODO not only willingly, but with a MISSION. And COMODO and I agree that everything we consider “normal” just won’t cut it anymore. The 3.0 version of the firewall will be an earth-shaker in its capabilities … the REST of the pie is there largely to assuage folks by doing a cleanup of a pre-existing mess … but in the end, just as my buddy Wayne of TDS fame showed with ProcessGuard … the OLD answers just didn’t cut it anymore. And what COMODO is up to and has in the works will make THAT revolution seem like more of the same as well … but folks will need to be guided towards an entire new regime of thought towards TRUE security and Melih and COMODO are up to this task unlike ANY other operation. THAT is why I’m here!
Keep an eye on COMODO, all ye doubters … heh. The BEST is yet to come! And I’ve SEEN it. And am adding MY toys and tricks to it all as well … things I never had a chance to implement. And like I said, the talent under THIS roof is nothing short of AWESOME! But your AV, your AT, your AS (including BOClean) are artifacts of a bygone time … only reason why COMODO is keeping any of these around is first, people WANT that which is comfy and familiar even though messes today are no longer WORTH trying to cleanup - if a machine is hosed, it’s best to just nuke it … that’s what happened to our former BOClean corporate customer “sugar daddies” - THEY got the clue … and COMODO got the clue as well … and so BOClean and the CAV will get a WHOLE lot better … but the reality is that PREVENTION is the only valid answer anymore where it’s a 25:1 ratio of malware to usefulware these days …
GLAD to be part of the SOLUTION myself.
Hi Kevin
your enthusiasm is infectious, can’t wait for all the new goodies.
It’s QUITE for real … for all the fantasies some folks may have about “getting rich in the AV/AT biz” as a “cottage industry” such as Nancy and I did, or many of our “competitors” … all of us in the “AT/AS” business were small players ranging from a maximum of 13 people, as we once had but in the end it was just ME, or any of the others with a handful of people … reality is the “malware explosion” has been just SO out of hand lately that NOBODY could keep up … I did as much work as Symantec and it was just ME vs. HOW many? And yet, I beat their pants off … but in doing so, had to take more and more shortcuts to keep up - BOClean was headed towards “starting to suck” and we REALLY needed to find money, someone with resources, anything so we could KEEP our promise as the rope began to slip out of Nancy’s and my hands. Otherwise, we would have just had to throw in the towel. There’s only so many hours in a day and I was working ALL of them.
And NO time to write new code given all that was happening. Rock, hard place. We’d all but given up … what BOClean and everyone else was trying to do was just losing the war.
I unintentionally maligned our folks in the CAVS division perhaps by my statements … and CAVS has taken some serious slams at the hands of the “experts” (as has BOClean) who still believe AV’s are RELEVANT in to BEGIN with anymore and then proceeed to advise us which one we should buy. (?!)
COMODO AV has been slammed in recent reports and I’m too busy right now with getting BOClean into COMODO’s hands to get out … I haven’t had a lot of time to pay attention to what I’m here to DO - namely assist some VERY good people at making CAVS a better deal than BOClean was. So lemme take a sec to point THERE as well … there’s NOTHING wrong with the file scanning subsystem of CAVS and its capabilities … it’s comparable, if not better than KASPERSKY and other well-known AV’s … and far BETTER than the “free qwap” people get just because it’s free … PROBLEM really with CAVS is that as a relative newcomer, it’s been seriously lacking in SAMPLES.
Cluephone! COMODO acquired our “assets” and a MAJOR part of that is our last ten years of samples!
NOTHING wrong with CAVS, in fact it has MANY of the same hands in it which made COMODO firewall what it is today … only LACKING really as I’ve seen it (and I’ll Really dig into it once COMODO BOClean 4.23 is out) is that it doesn’t have any of the old antiques the TESTERS have in their “instant review kits” … been there, done that, can’t compare a square peg to a round one and yet they still do.
But yeah, I don’t believe in AV’s, AT’s or AS’s myself … I do NOT have any AV, AS or AT on this machine I’m typing at ya at … just BOClean and a good hardware router which is very well coded to stop anything I don’t want happening. ONLY on the lab rats have I ever had to run an AV and that was only after a ■■■■■■ file infector got loose whilst testing malware … BOClean not being an AV in the first place, needed a delouser for file infector. Used F-PROT. Heh.
But yeah, CAVS doesn’t “test well” … but ya know? “The kids” now have access to not only what WE did, but CAVS is picking up BOClean since it’s had a little inspiration among the “crew” now. And CAVS is already getting “smarter” … given my low opinion of “scanners” in the first place and that CAVS has the LATEST … if you’re not depending on a folder full of “oldies” perhaps it’s ready NOW!
Except for “testers” of course … but I’d trust it here if I needed an AV.
Kevin, do you have a " targed date " for a BETA of your version of CAVS ??? I don’t want to push you … 88)
Greetz, Red.
Rednose, just a question: how does it work to combine two antivirus programs? Do you have avast running as usual, having CAVS deactivated but sometimes start it on demand? Does it work to start it then?
it doesnt work, they will conflict. and your protection igainst virusses will be decreased. So its not a good idea to have more then 1 antivirus program. (unless 1 of them is disabled).
and why have 2 antivirus programs anyway thats just silly.
and its not a good idea to have more then 1 antispyware (with real-time-protection enabled) either.
Kevin, once Windows Vista dominates the market over Windows XP (A few years yet). How many viruses have you found that work under Windows XP to work under Windows Vista without being re-compiled for Windows Vista?
I was really happy to think that anti-virus companies may be able to speed up real-time scanning on Windows Vista machines because they don’t have to detect OLD viruses.
oOeagleOo is right, don’t use 2 real time antivirus scanners at the same time But …
Avast 4.7 is my real time antivirus scanner. I use Comodo AntiVirus 2.0 Beta strictly as an on demand scanner, so with everything off including HIPS. And I used a Startup Manager so it doesn’t even load at startup
See also these topics :
https://forums.comodo.com/index.php/topic,7827.0.html
https://forums.comodo.com/index.php/topic,6182.0.html
Greetz, Red.