Why Anti-Trojans?

I am a bit of confused about the real need of Anti-Trojans.

I have used first Kaspersky Personal Pro 4.0 and then F-Secure 5.40 as my backup Anti-Virus some half a year. During that period they detected some 10 trojans and backdoors. All that time I had Tauscan 1.6 as my Trojans detector, but when I made full scan to my PC after Kaspersky or F-Secure with Tauscan Anti-Trojan, it detected none such kind of infections. So I decided that a very good Anti-Virus is enough for me when it is capable to remove trojans and backdoors too.

Can anyone show really independent tests were for example KAV, F-Secure, RAV or DrWeb are within with other most respected Anti-trojans in the market?

PS. For me if someone detects 95% and the other 90 % isn't enough to convince me that I really need that kind of stuff, because it may still be within natural variation in that case!

"The truth is out there, but it hurts"

Best Regards,
Firefighter!

 

Hi Firefighter,

If my AV detected 90% of all trojans, I would still use an AT.
Why?
Because specialists have a tendency to concentrate on one subject and because I like a layered defense.
Or, as Paul says it: Don´t put all your eggs in one basket.

Regards,

Pieter

 

Hi Ya Firefighter

At first of all I feel need to remind all trojan horses are not intruders but installed as default by M$; one of those is Telnet.exe in system folder. Patch for disabling it available at M$ sites. Not a one antiprogram recognizes it as a trojan untill you use any antitrojan program heuristic option for scanning. (not sure they find it at all ). Trojans open ports, they connect to the net; only scanning all your computers 65 535 ports you make sure there are no trojan horses running, there are no open ports/backdoors. Use a portscanner like ANTS 2.0.
Second thing I have to remind is that trojan horses are not viruses at all; they are server applications connecting to the net for several different purposes, all evil.
I do not tell all of this because you might not already know all this, but because of "newbies".

Take care ^Ari^

 

KAV (and F-Secure which uses the KAV engine) is properly the best anti virus program for trojan detection. But for nearly all other av programs this is (still) not the case. So a 'normal' antitrojan program besides KAV does mostly not make any sense (but it also does not do any harm ).

I personally think that the only antitrojan program you can benefit from running together with KAV is TDS-3 due to a lot of tools that help to find also 'unknown' systems which might not be detected by KAV.

wizard

 

To everyone from Firefighter!

As I have said earlier I appreciate your opinions but the facts are those what I am most interested in!

So can anyone show different independent tests, where for example the av:s I mentioned above are with the best possible anti-trojans so I can make my own decision about the real need of anti-trojans? My PC has so small hard disk that there is an other use of different programs than pure waste!

"The truth is out there, but it hurts!"

Best Regards,
Firefighter!

 

believe the proof of it is in are you well protected . I chose to follow the wizards advice sometime back and in addition to my KAV have added TDS3 as an additional layer of protection. My system is a lite one and so for me I do not want to follow the trend of loading it up with two or three diffirent anti virus programmes and trojon programmes .when that which I have, does all that the advocates of many programmes achieves. For me the facts speak for themselves, and that is in the results that I have in safe cyber journeying. Simplicity is a wonderful thing .

 

Firefighter.

I think I see what you are asking about.

A test with AV programs and AT programs regarding trojan detection?

I personally don't know of any such test.
But if there is one,I also would be interested in looking at it.
I'd be curious to see how KAV performed in a trojan test compared with AT programs.


I have layered protection(TDS-3,Trojan Hunter,NOD32).

But I am curious.

 

Hi everyone..

Well I can say from experience that there are plenty of trojans on my drives that are not detected by antiviruses - sometimes for a long time perhaps forever, and are detected by TDS. I see many collectors hunting down these trojans for that exact reason. They are rare and not detected by antivirus scanners.

Luckily, many are detected by TDS generic detection, or by memory scanning. Having something like Port Explorer never hurts either, it is part of my analysis routine and rarely is there no prior indication of a trojan before I start adding detection.

 

Are the tests done here http://www.hackfix.org/miscfix/icons-av-all.shtml reliable on this subject?

 

http://www.anti-trojan-software-reviews.com/past-trojan-reviews.htm

and an old test from 2001:

http://www.claymania.com/tests-trojan.html

 

To everyone from Firefighter!

Hi, I have read only one big combined AV and AT test on the Technodrome24 sites made about 5/2002. It has been removed now, but the best 2 AV:s (Kaspersky engine) detected over 99 % of those 4 386 Trojans and Backdoors when the best AT, TDS 3.2.0, detected only 47,42 % of those things.

If that is b... s...? So there have been some 9 months time to proof something else, but nothing has happened!

I think, that here is something suspicious!


"The truth is out there, but it hurts!"

Best Regards,
Firefighter!

 

Well whether the results at Hackfix are reliable or not no one has answered but according to their tests:

None of the AT programs - Cleaner, Tauscan, PestPatrol, or PC Doorguard found 100% of the trojans but Antidote, Kaspersky, McAfee, Norman and PC Cillin did catch 100%.

 

To everyone from Firefighter!

I have to add that I have seen those old tests, but I want to see those tests made after last spring.

Why I want that kind of facts? I have read so many times lately, that several AV-producers have done serious improvements to trojans detecting, that's why!

"The truth is out there, but it hurts!"

Best Regards,
Firefighter!

 

Ummm Firefighter did you go to the page I posted? Those tests were done this month and the anti-trojans tests were done in the last 3 months here: http://www.hackfix.org/miscfix/icons-at.shtml

How much more recent do you want than the last couple of weeks on some of these tests or are you saying you don't believe these tests or what

When does last spring come on your calendar because on mine last month came after last spring?

 

To Msingle from Firefighter!

Sorry, I couldn't at first see those AT results. It seems to me that there is not much extra value with an anti-trojan compared with a good antivirus.

So why to use such things, if the results are so contradictonary?

"The thuth is out there, but it hurts!"

Best Regards,
Firefighter!

 

Firefighter,
Try this link: http://www.staff.uiuc.edu/~ehowes/trojans/tr-tests.htm
This is a completely independant review.
Unfortunately most reviewers ar not always what they appear to be and vested interests are put above objectivity
Comparing AT to AV is a bit like comparing apples to pears.
Try the trial version of TDS3 and you will soon start to appreciate the differences


Added URL tags

 

Anti-Trojans are looking for a different thing than a anti-virus, you can write detections for any detection program, but that doesn't mean it is doing the job for which it was designed. It is like being a Firefighter and trying to use a 2" hose to do a job that a foam machine was designed to do. You might be able to knock out the fire, but it is better to have the right tool for the right job.

As to what tool is the right tool for AT's for you, well that depends upon what level of protection you are comfortable with, a brush fire requires different protection levels than a Hazmat Fire. Depends upon what kind of things you use your computer for. Try two or three and find the one that is a comfortable fit for yourself. I have my preference which is TrojanHunter, each release gets better and better, while the complexity of it is what you make of it. The Customer Support is outstanding.

 

To Pilli from Firefighter!

Unfortunately that test you served was over one year old, during the last year it has happened so much with several av:s trojan detecting capability and removing.

So far my first choice against trojans is an av, that uses Kaspersky engine, unless someone is capable to justify really better choices.

"The truth is out there, but it hurts!"

Best Regards,
Firefighter!

 

Firefighter,

You talk a lot about statistics and proof in your posts. What proof or statistics do you have that Kaspersky is all you need?

If you say it's because Kaspersky caught something that something else didn't on my computer that's highly subjectible to a lot of different things and isn't really provable at all.

If one person's experience was proof then the free AVG would be all anyone needed because most AVG owners will tell you that it caught things that McAfee/Norton/Kaspersky/Nod didn't catch.

So where's the proof with test results/stats to back it up that Kaspersky is all you need?

 

KAV is a combined AV + AT and one of the better as tests show, but not always THE best.
As written in so many postings and answers here and everywhere all depends on various factors.
So also for the same reasons was advised various times not to rely on one single product in each class for viruses, worms, trojans, but at least the best in it's class (each separate preferly) and backed up (second opinion idea) by some other and doing online scans regularly as well.
Lots of fine programs are mentioned and described in the forums here, by people who know what they're talking about.

 

To Msingle from Firefighter!

I have said earlier in the Wilder's Forum that I can't use Kaspersky 4.0 as my resident, because I have a cellular phone modem connection to the web and KAV stops the connection all the time! That's why I have to use it as one of my backups.

My resident av is Avast 4 Pro and so far I am very pleased with it!

About Kaspersky as an antitrojan, it's only one choice among others, but I haven't seen an other av in independent tests that is better against trojans as KAV. That's the only reason, why!

"The truth is out there, but it hurts!"

Best Regards,
Firefighter!

 

Antirtojans are a waste of money and a fad.

Tauscan in particular is a terrible product - truly awful.

Check this link to see how bad it and the manufacturer are.

http://www.agnitum.com/forum/showthread.php?s=79c1baac9a70f8c0455f402e2a6b4ae1&postid=45372#post45372

Rather than update their database of trojans - they just lie, saying they have - shameful!

Stick with a good antivirus from a propper company. F-Secure is fantastic.

 

I fail to see why you think so, given the information you provided.

You mean it didn't work on your system. Others may be very happy with it.
Although I think there are better ones for my system as well.

That is a pretty serious accusation. I hope you realize that.
I feel you should have pursued that in the thread you referred to, if you really think that that's true.

I'm glad you found at least one product you trust.

Regards,

Pieter

 

I particularily don't think of AT's as a Fad, I mean I been involved with using one or another of them for over two (approaching three) years. But AV's are considered not necessary by some and Firewalls are thought to be useless to others. KAV is a fine product, but it scans only for some of the things that a dedicated AT scans for, thereby it is not covering the majority of new released or modified trojans which are out there. Whereas a good AT will at least alert you to make furthur inquiries if something is not right, if not detect the new trojan outright based on behaviors of the process.

 

To Jamming from Firefighter!

You wrote:"KAV... is not covering the MAJORITY of new released or modified trojans..."

Can you show some tests, where that kind of "truth" is available?

I have read plenty of tests, in PcFlank's, Claymania etc, where Kaspersky was at least the second all the time with at:s and av:s. For me that's enough.

"The truth is out there, but it hurts!"

Best Regards,
Firefighter!