Topic: cyberhawh2

[daveeb]

suspending it has no effect on anything else.  the prog just wont open. i've also still got system restore turned off after the virus.  i've tried a reboot to no avail. i'll have to try safe mode. failing that H-E-L-P.    Nope refused to uninstall said windows installer service cannot be accessed

for some reason i cant reply any more in thread 1.

[Simon]

That's because I merged it into the original Cyberhawk thread - sorry for confusion.  Let me have a think about this, and I'll come back to you as soon as I can find anything out.

:argh:

[Simon]

In the meantime, try disconnecting form the internet, then disable all your other security software (AV, Firewall etc) and try to reinstall Cyberhawk on top of itself.  Maybe something prevented it from installing properly?

[daveeb]

stranger and stranger. after the third reboot i can now get online and also cyberhawk opens.  i'm torn now about whether to try to uninstall it from add/remove (which now opens also)  :?

[Simon]

Something else to try, Dave (don't worry, we can do this!)  :blush2:

Boot up in safe mode, then go into My Computer > Manage > Services and Applications > Services then right click and disable the Cyberhawk service. Then you should be able to reboot and uninstall it with Add / Remove Programs.

[Simon]

Ahh, you beat me to it.  Umm, well that's up to you.  I did a test with a test trojan I found at http://download.trustware.com/ and it flagged up an alert which neither my AV of Anti-Spyware software detected at that precise moment.  Of course, it may have just beaten them to it, but I have proved to myself that it could be useful.

[Clive]

I tried using Add/Remove to get rid of it and it started to remove the files  but then stopped before it completed the task.  It then told me to close down Picture Package (it wasn't open!) and AdWatch.  At that point I started up system restore.

[daveeb]

i may decide to remove it.  The security status page is reporting :

events analysed  102,936,901,246 !!!!!  :shock:
programs protected   234,062, 243
suspicious activities   1,066,549
malware blocked    153,601

now i could be wrong but i dont think i have 234 million progs on my pc.  what sort of readings do you have with it my finger is hovering on "remove"  

[daveeb]

I tried using Add/Remove to get rid of it and it started to remove the files  but then stopped before it completed the task.  It then told me to close down Picture Package (it wasn't open!) and AdWatch.  At that point I started up system restore.

it won't let me remove it at all  :shock: windows installer service cannot be accessed. tried a different old prog i didnt want and that went ok so add/remove is working.

i found the official novatix manual.  says to uninstall use add/remove. Fantastic.  I also note it sends info on all intrusions back to novatix.   I'm starting to feel like a lab rat  

[Simon]

I have just found the security status page, and I think it's the total number of events analysed - ever - anywhere!  It works by way of the 'Cyberhawk Secure Community'.  I have just discovered this myself, so this may put some people off - I am now undecided as to whether I want to continue using it myself:-

What is the Cyberhawk Secure Community?

The Cyberhawk Secure Community is a worldwide network of active users who volunteer to aid in identifying new threats. Any time a suspect alert is triggered in Cyberhawk, information related to this event is automatically reported to Novatix for analysis through a secure connection. Any information collected is held completely confidential and is used solely for the purposes of researching new or previously unknown threats, gaining an understanding of their behaviors, and developing new protection against them. Information collected may include the Cyberhawk alert that fired, the history of relevant events leading to that alert, the decision taken, and any relevant IP address information. This immediate confidential feedback on potentially dangerous new threats allows Novatix to advance its ActiveDefense technology to block these threats. So as threat strategies evolve and new security penetration tactics emerge, Cyberhawk technology will remain at the forefront of the solutions that defeat those threats.

So, basically, if it finds something on your PC, it sends the information to the 'community', so as to protect others and to remain updated.  You can switch off this facility, but then the program won't be updated, and will gradually get more ineffectual.  The big question, of course, is what information it's sending, and is this, in itself, a security compromise?  I'm sure that other security programs operate in a similar way, but don't bother to tell the user.  At least, Cyberhawk are being up front about it.  :|

Dave, if you want to uninstall it, you may have to go via the Services route I mentioned above.

[daveeb]

just beat you to it there simon    i'm going to try your suggestion, but i fear the worst.

[Simon]

I'm starting to feel like a lab rat  

I'm starting to wish I hadn't found the bloody thing!  

[Lona]

I'm starting to feel like a lab rat  

I'm starting to wish I hadn't found the bloody thing!  

I told you before Simon, you're  

[daveeb]

Phew. That worked. the cheeky s0ds took me to their website straight after the uninstall to fill in an exit questionnaire.  I don't think so.  To my way of thinking this was nearly as bad as the other dodgeware i've just got rid of.

But again thanks for the last tip simon, i would never have thought of it.  

 :wink:

[Simon]

What surprises me is that it seems to be quite popular among the anti-spyware comminuty, but I would have thought that the fact that it sends information about your PC goes against all anti-spyware ethics.  :|

I should go and have a lie down now, Dave!