looking for a great antitrojan

Discussion in 'other anti-trojan software' started by mantra, Jan 25, 2005.

Thread Status:
Not open for further replies.
  1. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Hi folks, I run Ewido and a squared. But please read this Boclean review link which rates Boclean as mediocre and outdated, and only has 4,200 trojan signatures. Oh and please dont shoot the messenger as I am quite neutral in this discussion. Although I do see the review is 6 months old.
    Gordon

    http://www.anti-trojan-software-reviews.com/review-boclean.htm
     
  2. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Like a lot of people around here my vote would go to: BOClean, TDS-3 and Ewido. BOClean & TDS-3 have been around since the dinosaur's ruled the world and know how to navigate the murky trojanwaters. You can't go wrong with these two. BOClean is a set & forget program and have a very light footprint, you don't notice it. TDS-3 have a lot of feature's which can be intimidating at first, but actually is quite easy to use.
    Ewido is young and upcoming and if they continue to develop they could become a very serious competitor, they update daily and have a large database and is very easy to use.:)
     
  3. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Hi Gordon

    BOClean have just been updated to 4.12 (the engine), and the trojan signatures count is "4968 UNIQUE trojans (24,849 trojans, worms, rootkits, adware, spyware, keyloggers, "dialers" and other malware in total, including all variants)" as of today. :)
     
  4. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Dear Don, Thanks for the info, so the review IS quite out of date. I would consider buying Boclean but I have to say that with Spybot [tea timer activated], Adaware, Ewido, and a squared free, spyware blaster, spyware guard and NAV and NIS [ I am considering getting rid of the Norton stuff] I havent had any crud on my machine in a long time---touch wood, so would it be worthwhile I ask myself.
    Gordon :doubt:
     
  5. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Gordon, if you have the full version of Ewido then i would stay with them, they are very good IMHO. :)
     
  6. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Forget about how big they say the database is. Some AT's have to have a unique signature for every variant of a trojan. So if there are 30 variants then that will mean 30 signatures. Some AT's use just the one signature that detects all the 30 variants. So that means just 1 signature. I remember Kevin from BOClean saying that if they added up how many different variants BOClean could detect then it would be over 250,000. Each of BOClean's signatures can detect multiple variants, so as a consequence we users don't know how many different variants it can detect. But they do say how many unique trojans it detects. If they advertised that BOClean can detect over 250,000 trojans would that make it the best? Maybe in your eyes if it's the biggest number that is important to you.

    My point? Stated size of database doesn't always give you an accurate comparison due to the way different vendors AT's populate their databases.

    ghodgson,
    You said in your post the following comments:

    "I run Ewido and a squared"

    "But please read this Boclean review link which rates Boclean as mediocre and outdated, and only has 4,200 trojan signatures."

    "Oh and please dont shoot the messenger as I am quite neutral in this discussion".

    Neutral? Don't make me laugh. Why say something on a public forum that could undermine the reputation of this application. Neutral people don't do that!

    muf
     
    Last edited: Jan 27, 2005
  7. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    it is his opinion that he is neutral, he just pointed out to a outdated review of Boclean. we all know the positive sides of Boclean.

    it is a public forum, so members and even guests are entitled to give their opinion one something as long as it inside the perceptions of the TOS.

    you are correct though about the database issue, the biggest database is not a reason for having the best scanner with support for the most unpackers or whatever.

    the way of posting the sigs of some apps database could be misleading even that is correct.

    at the end, if Kevin says it could detect 10000000 variants, I presume you would just take over his opinion? Cause Kevin said Boclean can detect 250.000 variants... could be but one thing I learned, don't believe everything someone says. without the proof those statements are useless..

    but Boclean is a very good product, top rated, never used it but if so many users do say it is a good product: that I do believe, I wouldn't believe it if only Kevin was saying it ;)

    just my two cents

    Inf.
     
  8. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Gordon,

    I wouldn't say the review is out of date, but I do think they missed the boat on BOClean.

    I use it for it's resource footprint and raw AT performance. Given that you already have Ewido and a², and all the other stuff, adding BOClean would be a circumstance of diminishing returns. I like to run my PC light, and if this is one design objective, BOClean achieves that quite well and I recommend it.

    Blue
     
  9. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Although I use TrojanHunter {TH} and NAV for my protection, after reading that review my impression is that some of the statements are questionable. I understand BOC is going to be implementing a file scanner, so that criticism {lack of file scanner} will no longer be valid; and it is a continuing debate, as to the usefulness of file scanners compared to other methods of protection.

    I suspect the fact that BOC *is* a memory scanner accounts for why, as others stated here, it can detect multiple variants with one signature. I suspect variants usually differentiate themselves in the file signature more than the process signature. It is quite easy to modify the file {the executable} via exotic runtime-packing and encryption techniques, skillful hex-editing, etc. I suspect it is quite another matter to modify the process signature without creating a whole new malware process. Thus a process scanner {a.k.a. memory scanner} will require fewer signatures to detect the same number of variants. ;)

    I might add that BOC also seems to do well against adware and spyware, as, one does not see a lot of HJT-Logs published from BOC-users that contain running spyware processes.

    Warmly, Ran
     
  10. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Thanks for the input guys. I do seem to have ruffled some feathers here. as i said I have absolutely no axe to grind with Boclean, nor was I promoting Ewido or A squared, just quoting the progs I use. I have never used Boclean so I Could not comment upon it. I was merely pointing out the review I found. If some people dont like what was written in the review that is hardly my fault.
    Gordon
     
  11. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,208
    Location:
    Fayetteville, Ga
    I have the full version of Ewido for several weeks and have had to shut off Ewido Guard because it would take over the CPU 100%. I would have to reboot to get it to stop. It got too frequent. I E Mailed support and after a couple of weeks I got a reply that they got my E Mail. Thats it.
     
  12. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Hmm, very strange... The confirmation mail is an auto-reply so "a couple of weeks" seem almost impossible to me. Btw. you got a reply with the request to send us a list of your installed security applications but unfortunately we never got a reply ;( Could you please check if the mail maybe got lost in a spam folder or something like that?
     
  13. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,208
    Location:
    Fayetteville, Ga
    I never received the E Mail you mentioned. The one I did receive didn't say anything, except to appologize for the long delay in responding.
     
  14. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Just looked at your ticket... Please scroll down a bit ;)
     
  15. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,208
    Location:
    Fayetteville, Ga
    I am sorry Fish but I no longer have the E Mail.
     
  16. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    I'm a happy boclean user. Imo you can't go wrong with tds3, trojanhunter, or boclean. All are tremendous antitrojans programs. I can't comment on ewido or a2 squared as I've never used them. Ewido isn't windows me compatable..or so they say. I like boclean because of regular updates, and low system resources. I don't notice any slowdown in peformance on my puter.

    Although this is debatable. tds3 is probably the best there is. However, it uses a lot of resources. I only have a intel 700 mhz processor with 192 mb of ram. Boclean just gets the job done....and that's my verdict and I'm sticking to it :D
     
  17. ghodgson

    ghodgson Registered Member

    Joined:
    Dec 20, 2003
    Posts:
    835
    Location:
    UK
    Dear Mr2 cents , I whole heartedly agree. If it does the job and you are happy then thats all that matters. its all about personal choice and reliability.
    regards Gordon
     
  18. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    Anyone know how often Kevin releases updates for BOClean?
     
  19. john2g

    john2g Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    207
    Location:
    UK
    Virtually everyday, if you mean definition updates.
     
  20. controler

    controler Guest

    I don't think Kevin is a human at all. I think he is from a different world.
    He works night and day and does not play much but has a ton a money in savings LOL
    I know he and TDS have been around for along time and have friends from the underworld but have the old fashioned values.
    I do not know about Magnus. I have not chatted with him much.

    I am sure all three are aware of the latest threats and are trying their hardest to compensate for them.
    The bad guys don't have to worry about how well their programs play with Windows slash new builds. The good guys do. and so they are limited in what they can do.


    Don't worry about goback, Ghost image programs. If you have data that needs to be saved on your drive . back it up on another drive.
    They are cheap these days.
    Then reformat every three months or sooner depending how paranoid you are.

    It is not that tough.
    I know common computer users don't have that option yet but is sure doesn't take much to teach them now does it?


    Bruce
     
  21. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    I agree in what you are saying Controller regarding Tds and Boclean.

    But I don't like formatting my puter every three months.
    Every time I try to beat myself in a contest: every period between two formats has to be longer then the previous, cleaner then the previous and faster then the previous... I do think this is more fun and tempting. And a real challenge.

    cheers
     
  22. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    LOL daily program updates would be a bit above and beyond. Thanks for the scoop, just ordered it and haven't played with it.
     
  23. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,448
    Location:
    Sky over the Wilders Forest
    Yes Kevin updates nearly everyday and sometime twice a day. Check the update threads here and you will see.

    On putting your data on another hardrive good idea. Make it external and Ghost an image to it. Or use backup software that comes with these External Hard Drives. Make sure you have a cleaned up image you do not want to image a load of malware. I just fired up and loaded up my new One Touch Maxtor on my Emachine it went real smooth. Sorry off topic.

    Back on topic sort of, Bruce, reformat every three months o_O . My approach is do that as a last resort. Keep your system cleaned up watch what you download. Do maintance including keep the dust out the inside... I'll stop there but it is not the end of what you need to do...I have not reformated my old Compaq in a couple of years. No problems except for rare software conflicts that are recoverable. When the system tells you something is not right either through 3rd party utility or XP OS itself. Address it rather quickly and most will be fine.

    :oops: :oops:

    Sorry mods. way off topic I will stop now.
     
  24. spyaccess

    spyaccess Registered Member

    Joined:
    Jan 14, 2005
    Posts:
    11
    Location:
    Toronto
    hehe... looks like I am not up to speed on Trojan defense... back in the day it was alright. What about their Outpost firewall, are they not supporting that either? o_O
     
  25. Chris12923

    Chris12923 Registered Member

    Joined:
    May 31, 2004
    Posts:
    1,097
    Agnitum does support and is still developing Outpost firewall which is a top rated firewall as well as being fairly easy to use. I highly recommend it.

    Thanks,

    Chris
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.