Trouble with Tauscan update

Discussion in 'other anti-trojan software' started by Acadia, Dec 17, 2002.

Thread Status:
Not open for further replies.
  1. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    I'm waiting for an answer from Tauscan tech support but in the mean time thought I'd try here and see if one of you ever ran into this problem. Yes, I can always get Tauscan to download the latest update EVENTUALLY, but it always takes 2 or 3 tries! Any suggestions other than "Wait for tech support to answer"? Thanks very much.
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi Acadia,

    Just have been trying to reproduce your problem: sorry to say, but all went smooth first time - no problems at all.

    regards.

    paul
     
  3. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Yeah, I've only had Tauscan for a couple of months but it's been this way since day one; ALWAYS have to update 2-3 times before the update finally shows in the Database. Thanks for your time.
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Acadia,

    mmm..doesn't seem an Agnitum/Tauscan server issue.

    Anyway: as long as Tauscan isn't able to cope with polymorphic trojans, the app is virtual useless - sorry for stating this bluntly :rolleyes:.

    regards.

    paul
     
  5. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    That's quite alright. Actually, I use BoClean as my full time/real time scanner, I only use Tauscan once a week to scan my whole system.
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Got it ;).

    regards,

    paul
     
  7. DrSeltsam

    DrSeltsam Guest

    >Anyway: as long as Tauscan isn't able to cope with polymorphic
    >trojans, the app is virtual useless - sorry for stating this bluntly
    >:rolleyes:.

    By the way ... there isn't ANY polymorphic trojan or backdoor :eek:).
     
  8. Jellyroll

    Jellyroll Guest

    >By the way ... there isn't ANY polymorphic trojan or backdoor :eek:). <



    LOL well for sure Tauscan wont find them if there is.
    Sorry Mr Haak, while I consider you to be one of the best in the world of computers imo Tauscan needs major improvement. Polymorphic needs addressing before not after.
     
  9. DrSeltsam

    DrSeltsam Guest

    >Sorry Mr Haak, while I consider you to be one of the best in the
    >world of computers imo Tauscan needs major improvement.
    >Polymorphic needs addressing before not after.

    I think there won't be "real" polymorphism for trojans. Polymorphic means that a random encryption and decryptor is chosen or generated every time the malware starts.

    So the trojan had to generate a copy of himself every time the trojan is started. In fact it had to replicate it self.

    But per definition a trojan doesn't replicate - thats the great diffrence between worms/viruses and trojans.

    I polymorphic trojan builder is possible (MoSucker 2.2 claimed to have a polymorphic trojan builder for example) ... but imho no polymorphic trojan.

    And by the way ... if there would be a polymorphic trojan no current anti trojan scanner would be able to find them using file scanning cause at the moment no one of them has a 32 Bit emulation to step through a polymorphic encryption :eek:).
     
  10. Jellyroll

    Jellyroll Guest

    >And by the way ... if there would be a polymorphic trojan no current anti trojan scanner would be able to find them using file scanning cause at the moment no one of them has a 32 Bit emulation to step through a polymorphic encryption :eek:). <


    agreed Mr Haak. If I may ask for my personal knowledge........would a boot ploymorphic be able to replicate itself?? As a boot virus does.
     
  11. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    symantics, Andreas, no more, no less ;).

    regards.

    paul
     
  12. Jellyroll

    Jellyroll Guest

    would also agree with Paul since polymorpic is a fact not an illusion. an if I may ask please, at the moment is the safest hex just to disable WSH?? Thank you
     
  13. DrSeltsam

    DrSeltsam Guest

    >agreed Mr Haak. If I may ask for my personal
    >knowledge........would a boot ploymorphic be able to replicate
    >itself?? As a boot virus does.

    What do you mean if you say boot polymorphic? A polymorphic boot virus?
     
  14. DrSeltsam

    DrSeltsam Guest

    >symantics, Andreas, no more, no less ;).

    Do you know even one "polymorphic trojan" at the moment?
     
  15. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Andreas,

    That's why I mentioned symantics ;). For that reason, we might talking about different ways of interpretation. Anyway, in my book: yes. For some reason or another I do think you do as well ;).

    regards.

    paul
     
  16. Jellyroll

    Jellyroll Guest

    Mr Haak I am not nearly as knowledgeable as yourself so please bear that in my as I try to offer an explanation.

    A boot virus is a sense replicates itself each time the computer is turned on...granted its not actually replicating itself since its always there...however, many anti virus programs never see the boot virus during a normal scan an the boot virus then must be removed by way of a boot start-up disk or a msdos scanner that has the sig of that particular boot virus. so my question is would it not be possible that a ployporhic boot trogan could do the same as a boot virus....replicate itself each time a computer is turned on my hiding itself lets say in somewhere in the os.
    my question is sincere Mr Haak.....I am very curious about this.
     
  17. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Currently, most of the security sites that I frequent do indeed recommend disabling or removing WSH. Just in case you're not sure how to do it, many sites will tell you how. Take care.
     
  18. jellyroll

    jellyroll Guest

    >Do you know even one "polymorphic trojan" at the moment? <


    Yes. if you were to count the one that was made by the person you discovered the exploit. Granted its not in the wild. But thats not to say it never will be
     
  19. Jellyroll

    Jellyroll Guest

    must be off to class now. Mr Haak thank you for taking of your time to reply. An for being patient. Merry Christmas
     
Thread Status:
Not open for further replies.