ADinf Comments?

Discussion in 'other anti-virus software' started by JimIT, Jun 3, 2003.

Thread Status:
Not open for further replies.
  1. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    I'd like comments about this software:

    www.adinf.com

    If anyone has experience with it/testimonials/usefulness, I'd appreciate feedback.

    Thanks!
     
  2. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I did a search to discover which Topic would be most appropriate for asking a question about File Integrity Checkers {FIC}. Lo & behold, I found this old post which was done by JimIT (blimee!) waaaay back in 2003 anno Domini. Amazingly, it never drew a reply.

    AFAIK FanJ, Technodrome, & JVMorris (is he still around?) are the *resident experts* on FIC in general, & Adinf in particular. Although I am far from being an expert, I thought it might be best to resuscitate this thread rather than start a new one.

    I DO have a couple of questions that have been badgering me for quite some time. I am hopeful that bumping this thread back to life will bring about answers, not only to my questions, but to JimIT's question, as well.

    First off, here's a bit of GENERAL background about FIC...
    Some Firewalls (Outpost, for example) maintain checksum-type integrity checks of some of the various applications you run.

    For home users, the FIC programs I know of are AdInf (~$25 -- by the DrWeb follks), Sentinel ($10 by Runtime -- the programer thereof visits Wilders from time to time), & Fingerprint (a freebie). Also, NIS Filecheck is a *golden oldie* with a long & glorious history here at Wilders. FanJ is a knowledgeable & vigorous proponent thereof.

    Okay, here are THREE questions...

    _/JimIT wants to know more about AdInf. Since he asked for that info nearly 2 years ago, he probably already has his answer. Even so, I hope someone else will add to the knowledge of all of us concerning AdInf -- the Russian perfecto.

    _/I solicit comments & suggestions as to WHICH file extensions should be guarded by an FIC. Concerning which, here is my present list of extensions that my FIC is guarding: bat bin drv lib pgm xlw ocx dll ini dos pif scr sys com exe vxd. If you think I should add or delete something from this list PLEASE let me know.

    _/I further solicit opinions as to whether you think Process Guard, Prevx, etc. make it unnecessary to run an FIC.

    I do hope that this thread doesn't return to oblivion for yet another 2 years. If so, by then BG & M$ will no doubt have totally eliminated malware, & Wilders will have become a forum for discussing plant propagation.*puppy*
     
  3. JBB

    JBB Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    51
    Bellgamin,

    I was wondering have you (or anyone else) tried a program I recently came across called XIntegrity 1.6 ? I have not tried yet.
     
  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I haven't tried it, but Xintegrity 1.6 is definitely an industrial-strength FIC, & looks like a good one. It ought to be, since the price is ~$47 USD. Claims...
    Sounds VERY promising. Let's hope someone here has trialed it & is good enough to share their opinion thereof.
     
    Last edited: May 18, 2005
  5. JBB

    JBB Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    51
    I. -- Some basic questions about Fingerprint software:

    1) Does it maintain a database? (I would assum that it would, but just thought I'd doublecheck by asking you this.)

    2) Will it detect both the Addition and Deletion of "Files", since the last scan check?

    3) Will it detect both the Addition and Deletion of "Folders/Subdirectories" added, since the last scan check?

    4) Does it work on Win 98 PC's ?

    5) Does it have its own scheduler for scheduling scans or does it use the Win98 task scheduler?

    6) Do the scans run in the background with effecting performance on the PC too much?

    7) I there an option to scan upon boot-up of windows?

    :cool: Does it have both a GUI and command-line interface?


    II. -- Have you heard of and what do you think of 'Integrity Master", by Stiller Research?

    III. -- In terms of ADinf32, why is it that I do not find it listed on any of the common download sites like Cnet's download.com, pcworld.com, zdnet, etc. o_O
    --- Do you know whether it can be bought in the U.S. and if anyone has purchased it and been satisifed with it and its support?
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Yes

    Yes

    No. However, if a folder appears or disappears, & IF such folder contained a guarded file extension, then you will get notified about the file (not the folder). On the other hand, AdInf DOES report any & all such details.

    Yes

    Has own scheduler.

    Unless your computer is a real wimp, there should be very little degradation of its performance by Fingerprint's background scan.

    You can schedule any desired profile to be scanned under several optional times or occurrences -- including at start-up.

    GUI only

    Heard of it. Never tried it.

    AdInf can be purchased from its website HERE. They use ShareIt (part of the well-known element5 outfit) for credit card sales. There are several AdInf users here at Wilders. Try a PM to Technodrome and FanJ -- both of them are very knowledgeable.

    AdInf is a product of DrWeb's outfit (Dialogue Science) and is VERY much *industrial strength*. It fully interfaces with DrWeb, and also with McAfee & a couple of other AVs. That is, AdInf can be set to *command* DrWeb as to when & what to scan. Thus, AdInf can be used so that on-demand scans by your AV are done only when/where needed (if you wish).

    As to why AdInf doesn't list themselves with outfits like Cnet -- your guess is as good as mine. I *think* it's because they take little interest in learning about (or kow-towing to) *big name outfits* in USA. Neither does DrWeb. Neither do many other well-known, overseas malware outfits.
     
    Last edited: May 20, 2005
  7. FanJ

    FanJ Guest

    Hi Bellgamin,

    A more general thread about ADinf32 will soon be up.

    Cheers, Jan.
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    ...and thanks Jan for doing a ver nice job!

    All interested, please have a look at this extensive review.

    regards,

    paul
     
  9. JBB

    JBB Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    51
    Bellgamin,

    Found out that XIntegrity 1.6 (which works also with Win 98 ) does not detect new and deleted files (only detects changes to existing files). You have to get XIntegrity Professional to get the additional feature of detecting new and deleted files. However, XIntegrity Professional will not work on Win 98. So this is an issue for me, since I use a Win 98 PC.

    It's too bad, it looked like it was going to be a very good solution for a FIC on a Win 98 PC. I liked the fact that it would make backup of files that could optionally be used to restore the changed file back to its prior image before the chnage.

    However, for me its useless on a Win98 PC, since I need to also know about new files created and deleted files between scans. I just can't understand the reasoning behind this feature limitation in the XIntegrity 1.6 product!
    Really frustrating!
     
  10. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Have you checked out FanJ's description of AdInf? It's grrrreat!

    As to the fact that Xintegrity can backup files -- that feature sounded good to me, also, at first. Then I remembered what my Uncle George taught me when I was knee-high to a jack rabbit. To wit, he said: "When you go to a restaurant specializing in steaks, don't order fried chicken."

    POINT IS: there are specialized FIC's & there are specialized back-up programs. Generally, a specialized back-up program should do a better job at backing up (faster, better compression, more options, etc.) than an Integrity Checker will do.

    In my case (also on the recommendation of FanJ, as I recall) I have for a looong time used a superb backer-upper called ERS. It has saved my glutes many many times. Works great on Win98, too. Give it a trial. It's like the tar baby in B'rer Rabbit -- once you grab hold of it, you won't be able to let it go. :cool:
     
  11. FanJ

    FanJ Guest

    I really apologize that I left you all so long waiting !

    But finally it is here:
    https://www.wilderssecurity.com/showthread.php?t=72131

    Hi,
    I find it a little bit difficult to answer because I myself use two (in fact three) file-integrity-checkers:
    1. NISFileCheck
    For its great info and strong HASH algorithm.
    2. ADinf32 Pro
    For its checking of all files !
    3. CRC32 check in TDS-3
    For quick checking of several files.

    Some more about this:
    As with all my scanners (AV/AT/etc) I want at least two that do the job more or less (of course no two AV's resident at the same time, but I can use both BOClean and TDS-3 resident if I choose so).
    I like both the info from NISFileCheck and ADinf32.
    But I like the info from NISFileCheck sometimes more because for example it gives in one view the checksums (old and new), size etc.
    As for file-types:
    I let NISFileCheck check for at least : exe dll ocx vxd sys bat com.
    And I have added manually lots of more files.
    Bellgamin posted several good suggestions (!!) for other file-types.
    Probably I myself would have added several of them too, but I have choosen not to do so because ADinf32 already checks all files.
    It's all a personal choice.

    Even more difficult to answer for me.
    I feel that I am not the right person to do so, simply because I cannot run for example ProcessGuard on my W98SE system.
    A few things however I think I could say:
    ProcessGuard is an extremely good security program.
    There is a difference between ProcessGuard and most file-integrity-checkers:
    ProcessGuard works pro-active and most file-integrity-checkers not.
    That is a very important difference !!!
    If I myself would have a system on which I could run ProcessGuard, I definitely would do so.
    But even then I myself would use file-integrity-checkers, simply because I want to know what is happening on my system with respect to files.
    Again, it's all a personal choice (just like adding a registry-integrity-checker in the mix ;)).


    =====

    Something different:

    We talked about ADinf32.
    An alternative could be Inspector which comes with KAV Personal Pro.


    =====

    Thanks Bellgamin !!! :D


    =====

    Thanks Paul !!! :D
     
    Last edited by a moderator: May 22, 2005
  12. JBB

    JBB Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    51
    Bellgamin,

    1) How does LAN64 (used with adinf32) compare with MD5 and SHA ? .. In terms of strength and speed of execution?

    2) In terms of Fingerprint does it work on and desgined to work on Win XP also?

    3) What is the web site for the Fingerprint software?
     
    Last edited: May 22, 2005
  13. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    MD5 is an alogrithm that uses the binary bits of a given file (call it File A) in order to calculate a *value* such that it is a mathematical near-impossibility that ANY other file (such as File B) could yield an identical value -- unless File B were, itself, identical to File A in every respect, down to the bit-by-bit level.
    Notice that forgery/collision is extremely difficult -- NOT impossible.

    There are algorithms that are even HARDER to forge than MD5. SHA-1 is a bit harder than MD5. LAN64 is even harder than SHA-1. And there are algorithms that go well beyond both of these in terms of hardness. With each additional level of hardness, however, comes added cpu time to calculate. For the average home user who doesn't have things like secret Swiss bank accounts, criminal connections, or other disgustingly nasty things to hide, MD5 is more than adequate.

    Yes

    Go HERE then scroll down to Fingerprint.
     
    Last edited: May 23, 2005
  14. diginsight

    diginsight Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    225
    Location:
    Netherlands
    I visited the Xintegrity site, but there's no comparison chart between the regular and pro version. I also don't understand their pricing. The Pro version is UK Pound 95 and the regular version UK Pound 24.95, although some download sites list it for $ 24.95. Support is only available via e-mail.

    I could locate only one review which wasn't very promising:
    "Didn't work for me..." - [snipped] [March 1, 2005] Product Rating: 1/5
    For some reason, the software would hang execution part-way through adding files to it's database. Not a good sign...
     
  15. JBB

    JBB Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    51
    Bellgamin,

    I have just one last question, before trying the "FingerPrint" pgm:

    1) In addition, to adding specific extensions to scan for,
    ..... Can you also add a full specific file (or filename) to scan for in a specific directoryo_O
     
  16. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    In a word, YES.

    In the screenshot below, please note that:
    1- You set up a given scan by directory -- at any directory level you desire.
    2- You can check or uncheck the block as to whether to include subdirectories & files within the chosen directory.
    3- You can specify files extensions to be included or excluded
    4- Not shown, but also available for configuration is the ability to specify, one-by-one, the sub-folders & files to be included or excluded within the directory.

    In other words, you have almost unlimited ability to configure scans, establish groups of scans, modify scans, delete scans etc etc etc.

    By the way, there are several other screens in Fingerprint but I haven't shown them all since this is after all an AdInf thread. I'm gratified that the Mods have been generous in cutting us some slack in this area.
     

    Attached Files:

  17. JBB

    JBB Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    51
    Well I downloaded and tried FingerPrint, but I am having the following problem the below problem using FingerPrint v2.1.3, on a Win 98se PC.


    Problem:
    I can't create a Group Profile because when the Group Profile Screen is displayed on my Win 98 PC, it is missing the 3 buttons on the bottom of the screen for OK, Cancel and Schedule. Since, there is no menu bar on this screen, I can't even click a menu choice for OK.

    -- Are you using Vers 2.1.3 of FingerPrint on a Win98 SE PC?. .... If yes, did you ever encounter this problemo_O


    Also strange is the fact that ......
    According to screen in help documentation there should be buttons on the bottom of the Main screen (i.e. Run, etc.), but when using Fingerprint on my Win98 pc, I have no such buttons on the bottom of the main screen. Instead I have to go to the menu bar and choose Action, 'Run" to run a profile.
     
Thread Status:
Not open for further replies.