Any Experience with A2 Anti-Trojan?

Discussion in 'other anti-trojan software' started by profhsg, Jun 16, 2004.

Thread Status:
Not open for further replies.
  1. profhsg

    profhsg Registered Member

    Joined:
    May 18, 2004
    Posts:
    145
    Have any of you had any experience with A2 antitrojan? The feature set seems interesting, but I'm wondering about how well it does its job of detecting and blocking trojans.

    Thanks in advance.
     
  2. killian_sh

    killian_sh Registered Member

    Joined:
    May 5, 2004
    Posts:
    26
    Location:
    Virginia
    I use a2 free so I don't have the real time scanner for blocking Trojans,but I'm really please with it's detecting abilities.
     
  3. 0pium_Dealer

    0pium_Dealer Registered Member

    Joined:
    Jun 20, 2004
    Posts:
    106
    I was infected with the pc-Invader trojan recently, a2 didn't spot it. Kept saying my PC's clean.

    Found the git using Spy Sweeper.... :) :)
     
  4. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    I use it, and it's very nice...

    The new version will be out soon... ;)
     
  5. anybody

    anybody Guest

    i use the free version. The AT is ok but the resource it consumes during scan is horrific and causes my NOD32, BOClean and ZAP and explorer to skyrocket in the resource usage and my laptop to crawl. This is very wierd. The resource usage reported by windows task manager could be wrong. When I open the nod32 gui screen, it slows like hell. But, task manager says it is using 30MB of memory. May be 29MB of virtual memory. This abnormality is very annoying and is caused only by running A2 in scan mode.
     
  6. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    It isn't too bad, but if you're looking for a free one then I would suggest EWIDO over A2, does a much better job in my opinion, but it is only an on demand scanner. If you want real time continious protection, then get TDS3.
     
  7. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    my thoughts exactly, me too choosing ewido above a2. too much false positive fixes... you can view it yourself in the update section here in forum.
     
  8. MorrisAO

    MorrisAO Registered Member

    Joined:
    May 31, 2003
    Posts:
    14
    Location:
    Perth, Western Australia
    Slovak's suggestion of using TDS3 I will backup. I've been using it for years, and consider it the best AT available. But then again that's just my opinion :)
     
  9. o0--0o

    o0--0o Guest

    "If you want real-time protection, then get TDS-3"

    This is a strange recommendation. TDS-3 does not offer a good real-time protection but only execution protection (which is based on the TDS-3 file scanner, not the mem scanner). The lack of a full-fledged guard may be considered one of biggest weaknesses of TDS-3. That's why DCS is developing TDS-4 ActiveGuard.

    If you need something better than TDS-3's execution protection you should wait for TDS-4 or get BOClean (it does not have a full-fledged guard but its execution protection allows for mem scanning; with respect to DLLs it seems that only file scanning takes place), Trojan Hunter (its "guard" is similar to execution protection but also allows for memory scanning) or ewido plus (this is a real guard; the guard merely works as a file scanner (not as a mem scanner) but it features generic emulation and code-based signatures -- note: some problems still need to be fixed with respect to the speed of the guard).

    Moreover, it should be kept in mind that the real-time protection of an AT (unless it allows for memory scanning) is most likely inferior to Kaspersky's real-time protection. This is due to KAVs excellent static unpacking engine and its huge signature database. The only exception to this rule may be ewido since it uses several alternative, code-based signatures. (However, there are still some problems to be solved. For instance, the rebasing vulnerability has reappeared.)

    In summary, I would currently go for BOClean or Trojan Hunter if I needed real-time protection on top of Kaspersky's on-access scanner. Both ATs offer added value since their real-time protection scans the memory. (Unfortunately, the signature quality of both ATs is not the best yet.)
     
  10. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    EWIDO just recently released their Pro version which offers real-time protection as well. I am using it currently and the only problem I have so far is with file monitoring set to active i get system slowdowns, so I have it disabled.
     
  11. erikguy

    erikguy Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    236
    Location:
    Salem, OR
    A2 has a HUGE database of trojans compared to anything but TDS. And with the new version 2.0 coming up, more than TRIPLING it's signatures of not just trojans but malware too to 70,000 I think it's the definite "choice". I also think a2's approach to protection is much better (no disrespect to anyone that has posted here). What they call the "system firewall". It does not close or stealth ports like an internet firewall (I don't like internet firewalls because they interfere with internet applications, so I manually closed all ports on my computer) instead it watches the specific points where malware enters the system and thus prevents intrusions from all sorts of malware and not just trojans. I only have the free version of a2 so I don't know how well it's system firewall works but I currently use another one and I think it's great. And about the resource usage... You gotta expect some slow down, expecially for a really great scanner. Especially the really fast ones such as Spybot. For one, you benefit from high resource usage in that the scan ends quicker. Two, it's not like you'd be using your computer during an anti-virus/anti-trojan scan anyways. Another thing, I've heard people say that their Task Managers must be "wrong" or whatever but in reality it's not. People don't think to figure in disk usage. While the processor usage may only say 30% your hard disk usage may be going through the roof which would mean that if you tried to open a program or anything your hard drive would give you some priority over a scanning program but both would be slow until the program loaded into memory. And that's my two cents.
     
    Last edited: Aug 16, 2004
  12. 4A6F4A6F

    4A6F4A6F Registered Member

    Joined:
    Dec 23, 2003
    Posts:
    34
    but a²...
    - use very weak signatures
    - the memory scan is not really good (maybe this is not real mem scanner)
    - no unpacking engine
    - their system firewall or so is not ready (only a kind of beta)
     
  13. Rita

    Rita Infrequent Poster

    Joined:
    Jun 28, 2004
    Posts:
    6,863
    Location:
    wilds of wv
    hi anybody
    i like a2 also but it makes everything load at a crawl when i'm doing a scan also --so i try and do nothing else while i'm scanning
    rita
     
Thread Status:
Not open for further replies.