Re:Anti-Trojan discontinued (question from notageek)

I'm still trying to think if I ever tried this Anti trojan program (not a²). Was this Anti trojan that was discontinued the one that cost like 20 bucks or something like that? (notice trying to change the subject about if a² is going to be out or not)

 

Hey Notageek.

I'm not sure what the price was for Anti Trojan but if I remember correctly,the logo was a wooden horse.
It looked a lot like rocking horses I remember from early childhood.
It's a unique logo.
I think that was the first anti trojan program that I ever downloaded.

 

Antivirus is not enough!

Viruses are only half the story!


Your PC may be virus-free, but you can still be infected with Trojans.


Your door may be locked but your windows are wide open...


..more



What are Trojan Horses?
They are very dangerous! Trojans or often called backdoors are programs which will most be sent via email, instant-messengers or filesharing-tools. If you run a trojan file it will install itself on your computer to get run every time you boot up your machine. Trojans opens a port (channel) on your system which can be used by an attacker to connect to your computer. Trojans can enable almost everything for an attacker to do harmful things like viewing/modifying/deleting data, watching you when you are working or surfing the web, etc. Depending on the trojan there can be thousands of functions built in which can be remotely used by any attacker to spy you.


..more



What is Anti-Trojan?
Anti-Trojan 5.5 is a powerful trojan scanner and remover which detects more than 10000 different types of trojan horses. It uses three methods to find them. The first is the portscan which gives you information if there are open ports on your computer. The second one is the registry scan which searches through the system registry database for trojans. The third and the most important part is the disk scan. It scans your harddisks for dangerous trojan files and removes them safely.


..more



Protect your system NOW! - $29.95 buys protection

 

Latest version:


Anti-Trojan 5.5
Build: 421

Number of trojans in the signature-file:


10557 Trojans


Test it 14 days for free!



And you know the rest of the story..as of sunday last

 

This is not quiet right. The Anti-Trojan guys also counted non-trojan files like clients or edit servers as a "trojan". So "real" figure is much less. But anyhow this is history now.

wizard

 

So true..so true..but that is in fact what was publised on the site..with you and I knowing the numbers never do mean squat..they all do that and even now bitdefender is lowering the amount of bad boys they even care to address..

http://www.bitdefender.com/knowledgebase/script_view_document.php?id=79&language=en


In the past did you ever tell Anti-Trojan developer he had screwy numbers ? or did you just think it necessary now to place that wealth of info in the tombstone.

 

>This is not quiet right. The Anti-Trojan guys also counted non-trojan files like clients or edit
>servers as a "trojan". So "real" figure is much less. But anyhow this is history now.

And others count one and the same trojan in several states several times . So what do you try to say?

@notageek:

http://web.archive.org/web/20020821204654/www.anti-trojan.net/at.asp?l=en

 

Thanks.

Primrose are you a salesman for an AT company?
I don't feel the need for me to spend any money on an AT yet. I think McAfee and NOD will do good at getting what it can.

Andreas that link was the A² web site. It takes me to this right here http://www.emsisoft.com/en/

 

Never happen notageek..they all have enough salesmen.

I am sure what you have with McAfee and NOD will do you just fine.

 

I might buy an AT sometime. I think as soon as a trojan hits me I'll wake up and smell the coffee and buy one.

 

All the AT and AV companies are doing a good job improving and updating their products..I think it will be a while until you have to worry about your surfing habits geting you into a situation you can not handle now.

And if you have difficulity with the products you use now..you certainly know where to go to ask for help.

 

I would much rather be hit by the most destructive virus than a Trojan. What’s the worst that a virus can do? Reformat your hard drive? No big deal, just restore a back up. (You all do regular complete backups, right?)

What can a Trojan do on the other hand? Nothing. You can have one in your system for years and not know it, not a single file is destroyed. BUT, all the while, if it was put there by an Identity Thief, it can steal your social security number, credit card numbers, passwords, etc., in other words, someone else becomes you, and it can cost you thousands of dollars and take several years to regain your good credit. Until AV’s become truly competent at detecting Trojans I truly believe in the anti-Trojan software. Even a firewall and AV together, in my opinion, is not enough. Tis better to be safe than sorry. An ounce of prevention is worth a ton of cure. Etc, etc.

Acadia

 

This is true but how do you get trojans? Can you get them from looking at web pages?

 

Yes, via exploits in IE. One of the most recent patches stated "even if IE isnt used as the default browser"

Or by exploits in the OS - as soon as DCOM became public, a certain trojan writer created a DCOM exploit GUI, so anyone could just put in an IP, and if vulnerable, upload their favourite trojan.

Or by stupidity.. ok thats not nice.. by being social engineered, a trojan EXE is often renamed to .SCR and sent that way "look at my sexy screensaver"

An undetected file binder could drop the trojans, a lot of AV's and even AT's arent detecting enough binders. There are literally hundreds out there, a binder stub is an extremely simple program - all it does is "drop" 2 or more bound executables and launch them. One is usually a legitimate app, the other is a trojan and is launched hidden with the SW_HIDE command. (PS only TDS-3 has generic binder detection, and detects hundreds of binders)

 

Cause noone else need it . Comprehensive on access scanner would detect the file drop . But well ... hopefully this will change with TDS-4 .

And by the way:
TDS-3 is not the only one detecting binders in a generic way .

 

Andreas,

That's great, we look forward to seeing this capability in your a2 scanner.

 

Many attackers do not use file binders/joiners anymore because this makes it more difficult to camouflage trojans: not only the trojan itself but also the binder must be made undetected.

Instead they use commercial installers like Install Shield or Wise. Such installers are usually not detected as malware.

A good on-demand file scanner like the one used by Kaspersky AV can "look through" installer files (i.e., it can scan the individual components of the installer package). Moreover, the AV's on-access file scanner will usually detect a known trojan which is installed (= copied to the hd by the binder or installer) before it can be started. The file scanner may not detect the trojan if it is compressed, crypted or otherwise modified. In such case, a memory scanner may help.

There are still some less known ways to bypass an on-access file scanner. I will not disclose them in accordance with guideline no. 4 ;-)

Moreover, I have a question: Taking into account that it is possible to install a trojan in a way that it is autostarted before the windows login takes place I wonder whether you are aware of any on-access file scanners which are autostarted after the windows login has taken place.

 

>There are still some less known ways to bypass an on-access file scanner. I will not disclose
>them in accordance with guideline no. 4 ;-)

3 ways come into my mind . But well ... it depends on how intelligent the on access scanner is .

>Moreover, I have a question: Taking into account that it is possible to install a trojan in a way
>that it is autostarted before the windows login takes place I wonder whether you are aware
>of any on-access file scanners which are autostarted after the windows login has taken place.

Well ... it depends on how the on access scanner is implemented. In case of KAV 3.x for example KAV will block the access to the file if no Guard GUI is found that could display an alert .

 

Hhe scanner won't have this feature - but the guard has .

 

Whatever. Anyway it sounds like you have a lot of work to do so we'll leave you to it, and we all look forward to testing your vulnerability-proof on-access scanner if it's ever released.

 

looks and sounds like wayne & co are sharpening their teeth( fangs?)

 

I guess you have hallucinations that you read words that aren't wrote there .

 

Illukka,
No, we just have work to do.

 

I'll still stick with my Av's I have now. If I get a trojan than I'll spend the money on an AT.

 

Hmmm ... and how will you recognize if you are infected or not?