Boclean & Unhackme

Discussion in 'other anti-trojan software' started by jonnypop, Jul 24, 2005.

Thread Status:
Not open for further replies.
  1. jonnypop

    jonnypop Registered Member

    Joined:
    Jun 17, 2005
    Posts:
    16
    Does anyone know if Boclean covers all the rootkits that Unhackme guards against? Or is worth it to purchase Unhackme in addition to Boclean and run both together.
     
  2. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi johnnypop,

    Both products list the same rootkits as "covered". However, my guess is that they are trying to detect them in different ways. UnHackMe, apparently is using several methods including registry dumps as well as their own driver to detect shadow processes. I am not sure how BOClean detects these processes. But here is a quote from a message that Kevin left on DSLReports:

    As for myself, I prefer ProcessGuard's (licensed version) approach which is to prevent rootkits from installing in the first place, as opposed to detecting them after the fact. However, I did purchase UnHackMe, because I like the company. :)

    Hope this helps,
    Rich
     
  3. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    UnHackMe detects things generically, where BOClean detects them with signatures, so they would be complimentary to eachother.
     
  4. john2g

    john2g Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    207
    Location:
    UK
    I think you will find that BOClean detects rootkits both by signatures and heuristics.
     
Thread Status:
Not open for further replies.