BOClean, ewido, and Trojan Hunter

I'm curious what experiences users have regarding these three products,

BOClean
ewido security suite
TrojanHunter

and how they would rate and compare their effectiveness as well as the features and benefits of each.

 

of the three i have only used Ewido. My stepson had been downloading music off of the net and got so infested with malware that his comp almost wouldn't run. I tried several AT's but the only one that would run on this infested comp was Ewido. It scanned for almost an hour and picked up and deleted 142 trojans,worms and other garbage. I will definatly recomend Ewido, It is the only one that didn't let us down on that particular comp.There are other good AT's out there I'm sure but I know Ewido works.

bigc

 

BOClean is real-time protection only, it has a Guard but no demand scanner (though that may change in the future).

Trojan Hunter has a much smaller sig base and is more of a specialist anti-trojan.

Ewido, like A2, has a very large sig base and can catch a lot in the general spyware area as well.

I use Ewido and A2 so I can't really comment too much on the others.

 

Hi,

I have all three. None have ever detected any piece of malware since I began using Kasperky AV. Ewido has an on-demand scanner which I run now and then and it may find some tracking cookies. So it is tough to say which is better, since Kaspersky usually finds everything first. Ewido uses less CPU cycles while BOClean spikes when running ProcessGuard. For this reason, I am running Ewido instead of BOClean in real-time.

Rich

 

I have ewido but it has never caught anything major on either mine or my kid's pc because either McAfee or avast! respectively, generally nail them first. Other than that I am sure all three programmes mentioned are great at what they do. I like to have a dedicated anti-trojan alongside an AV as a second line of defence, although it could be argued that one of those alongside processguard is more than enough.

 

Hi There

BOClean - BOClean has no "trial version" available, and as I have an issue with the concept of purchasing software without the facility to try it first, I (sadly) crossed it off my list.

Trojanhunter - (trial version) When I tried this one out I was very impressed with its ability to deal with Trojans (just as it says on the tin), but I found it that it slowed my system down too much. In fairness though, I have not seen this to be a widely reported problem with the app.

Ewido - tried the evaluation copy which is fully functional for 14 days, after which the real time protection is disabled but on demand capability remains. Excellent piece of kit. Regular, fast updates, powerfull and effective tool, shame the interface is a bit clunky. I bought the license for this one and have not regretted that decision. In addition, Ewido was the first tool which we found to actually help in fixing the Aurora/nail infections that were appearing on floods of HJT logs, although others such as KAV and AVAST are reported to have caught up. A point about Ashars' comment on KAV. I think that KAV is one of the finest AVs around alomg with NOD32, however I have found KAV to be very resource hungry and though undoubtedly thorough, too slow for everyday use. In addition, I practice and reccomend the "layered defence" strategy as being in most cases the optimum strategy at least to start with. I do not expect an AV to detect TRojans, nor an AT to deal with Virii, if they do, then regard that as a bonus, but dont rely on it - you may get caught out.

You might also consider TDS3, very powerfull but quite an intimidating tool to use initially. For me, it was a toss up between TDS and Ewido and in the end it was purely a matter of personal choice that I went with Ewido - you may find it doesnt suit you.

In summary -
1-try before you buy,
2-seek opinions and advice but make up your own mind from your experience
3-use what you feel most comforatble with
4- and most importantly - whatever you have, keep it updated.

HDRiderUK

 

I've used full versions of BOClean and Ewido. Both are decent options. While potential users tend to focus on the lack of a trial version for BOClean, be aware that BOClean's licensing is quite favorable. As noted in the EULA:

Both BOClean and Ewido are effective. The absence of a file scanner in BOClean is not terribly relevant given an AV scanner is generally available, and as has been described elsewhere, single file scanning is available from within BOClean, see here

On my own systems, BOClean is my realtime AT. Whether it fits your needs depends on your objectives.

Blue

 

BOClean does have a single file scan feature.

http://www.broadbandreports.com/forum/remark,13460020#13460900

 

Primrose...that rocked my world

Thanks for that invaluable info.

 

Thanks everyone, I appreciate all of your replies.

It sounds as if ewido is the most popular and most widely used, but I'm guessing that could also be due to the free trial period and relative ease of use. I'm not sure if TrojanHunter has a free trial period or not, and from researching it a little it sounds as if things like updates aren't exactly the easiest to execute, etc. I'm a little more curious about it's overall effectiveness, though, since it appears to have a smaller signature base....and also, how effective and useful all 3 apps are at dealing with nasties like rootkits and keyloggers (if they do) as well as trojans.

Also, has anyone tried the free F-Secure Blacklight for rootkits, or heard how they plan to intend to market or distribute the product once it's out of beta?

 

Not so! It can scan single files.

 

Now this has got me thinking...if BOclean does indeed have an effective file scanner built in ALREADY, then why don't the makers just put in an option to use it as a standard filescanner from the shell? I mean, even if it is indeed fooled by some camouflage trickery like the developers claim, its memory scanner would catch the malware if executed. What's the harm in sticking in a feature?

 

Look at this post that Kevin posted in another thread, he makes perfectly clear what he thinks of filescanners.......in his usual very entertaining style.

 

Because we don't feel that the scanner is up to the standard we have established with our real-time protector. So it's not something we would want to tout as anything beyond an "undocumented feature".

Also...a note to the thread in general. We do offer a no-questions, no-hassles 30 day money back guarantee for BOClean and NSClean-new version out soon, very soon(get a free one if you buy now)- and IEClean for that matter. It can be like a trial without the hassle of needing a registration code to install (and later lose?), bacuse you paid up front so we don't have to do the codes. We really honor it too...ask around if you have doubts.

 

1st: trojan hunter has a 30 day trial available from http://www.misec.net

2nd the not so easy updates are for the trial only. once you're licensed it is very easy to update using its built in liveupdate wizard

3rd i've found all 3 very effective in handling all kinds of malware
i have all 3 installed and have tested them, both on my own comp and doing log fixes.. my feeling is that boclean really excels on removing infections
ie it can remove what it detects....

is ther some reasons why you dont consider TDS ?
these 3 + tds are really IMHO the only anti trojans worth my dough..

 

From everything I have read, TDS is more complicated and more for "technically advanced" users and not as user friendly for novices, which I am. This doesn't mean that I wouldn't consider it, but I would need to be reassured from the masses that all of the reviews which indicate this are incorrect.

I did download the trial version of ewido, to give it a shot. It seems sound so far, with no problems with the installation, and the guard started right up and is working fine. Also, the updates are frequent and fast. A couple of things that I noticed....after scanning, there is no "recap", indicating things like time of scan, number of files scanned, etc. Also, the last scan I ran did something rather odd: it took about 50 minutes to scan right at half the files (50%), I got up, went to the bathroom, was gone about 30 seconds, came back, and it was finished! Is that somewhat standard and customary, because it seemed a little odd, in all honesty.

 

You must have missed the "View reports button" which will make statistics available.

It's just a GUI-bug (fixed in the next version), it does scan all files.

 

The "View reports button" must be either in a newer version (I downloaded version 3.0, demo) or is a feature included with the full, pay version. I just double checked and there is no such button on my current trial version.

Thanks for the heads up regarding the GUI-bug, though, I greatly appreciate that.

 

It's there right after the scan has ended at the bottom in the grey-bar, it might be called "Reports" only in 3.0. The trial of 3.0 which is a full version for the first 14 days has this option too.

 

It says 'Show Statistics' on mine!

 

You are welcome..and with BOClean you get a photo of the author.

http://www.dslreports.com/forum/remark,13380680#13381159

 

Hmmm.....guess I must have gotten a version different from others, then. I downloaded version 3.0, demo, directly from ewido's web-site. Oh well....

Don Pelotas.....I didn't check after my last scan, but I will be sure to do so after my next scan. When I launch the main program, I get a screen with these options:

Status
Update
Scanner
Analysis
Quarantine

Status is the main interface, with the security status, status of database, additional and license information. No option for "statistics" or "reports".

Update just provides access to online update for the latest signatures.

Scanner just provides the opportunity to manually run a scan (with selected options for scanning)

Analysis provides a few links underneath:
startup (detailed list of startup processes)
connections (protocol/address)
processes (processes/PID)
quarantine (list of quarantined items)

That's it. So I guess the "reports" summary is something that needs to be viewed immediately following a scan. I'll be sure to look for that next time I run a manual scan and will let you know what I discover. Thanks.

 

Just do a right click scan of any file and you will see what we mean.

 

How did you know I've always wondered what Kevin looked like

 

Ah yes, Kevin and his choochoo. Never saw him move so fast that early in the morning than the day they told him to start that train up.