Any good free trojan cleaners/detectors out there?

Discussion in 'other anti-trojan software' started by Slovak, Mar 9, 2004.

Thread Status:
Not open for further replies.
  1. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
  2. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I'll run down on the free ATs I know of.

    1. Ewido. Never tried it. Might be good. They claim to have over 30,000 dynamic signatures. Here's the link http://www.ewido.net/en/

    2. a2. It's still under development. I haven't really tried this either. Here's the link http://www.emsisoft.com/en/software/free/
    This is the signatures from a2
    Trojans    19620
    Dialer    3129
    Worms    1524
    Viruses    0
    Spyware    9

    There's another one but not worth mentioning it.It's slow and unreliable. HTH
     
  3. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    Well, a2 free is probably the best one (I use it) in my opinion, some protection is better then none, plus a2 free ver2.0 is supposedly coming out later on? Which will include a background guard.
     
  4. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    @Comp01: have you ever tried ewido? i guess not :(
     
  5. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Well if Ewido has over 30,000 dynamic signatures and a2 has only 24,282 signatures, looks like ewido might have the upper half. But I'm not sure if Ewido has over 30,000 signature.
     
  6. tobias

    tobias Registered Member

    Joined:
    Dec 14, 2003
    Posts:
    5
    yes, ewido has over 30k signatures....BUT:

    you can not just compare two scanners by the amount of signatures!

    what's about quality of signatures? or unpack engine?
     
  7. ShotgunGirl

    ShotgunGirl Guest

    Tobias, certainly agree with your assessment of the need for quality. Have you tested the two products? If so, please share your compared results: un-packing, engine speed, etc.
    The jest of your statement leads one to believe that ewido is lacking in compare to A2 ?
    My question is not in bias since nither product is on my machines. Thanks
     
  8. tobias

    tobias Registered Member

    Joined:
    Dec 14, 2003
    Posts:
    5
    i see that...

    what is better...checksum or fuzzy signatures? generic unpacking or nothing?

    then i must say that i developed the engine for ewido security suite;) and then read again
     
  9. chameleon0

    chameleon0 Guest

    @tobias

    You know and I know that a2 (v.1) is currently no match for ewido security suite. But the average user does not. Isn't it interesting what marketing can do?

    I am wondering why ess has never been tested by a major German magazine like pcwelt or computerbild. Is it difficult to get tested by them?

    Moreover, I am wondering whether you have ever considered writing an article about signature quality/scan engine technology/static & dynamic unpacking for Virus Bulletin magazine or the like? I'm sure such article would be pretty interesting.
     
  10. ShotgunGirl

    ShotgunGirl Guest

    Tobias, thanks for your response. An my compliments for helping bring a freeware scanner to the community. It is sorely needed.
    Since you answered my question with a question which is no answer at all., please understand that in no way was a debate trying to be launched...mine was a sincere question. My use of Trogan Hunter and TDS meets my needs.
    Will wish you the very best in the future.. and leave this subject alone. Had downloaded ewido before seeing your response and erased it without testing the product after seeing your response. It may become the very best but I'll never use it.
     
  11. tobias

    tobias Registered Member

    Joined:
    Dec 14, 2003
    Posts:
    5
    sorry, these questions were meant as rethorical questions:

    if you want to have facts:

    it's a fact that unpacking is necessary
    it's a fact that signatures are better than checksums
    it's a fact that fuzzy signatures are better than normal signatures


    more facts:
    ewido has unpacking an fuzzy signatures
    TDS has text signatures but no file unpacking (but memory scan)

    a² has no unpacking and most detection is done by checksums
    trojan hunter has checksums and no real file unpacking (only some upx)
     
  12. chameleon0

    chameleon0 Guest

    " Had downloaded ewido before seeing your response and erased it without testing the product after seeing your response. It may become the very best but I'll never use it. "

    Sounds like a Trollish dialect to me ... Or is it just a misunderstanding?
     
  13. chameleon0

    chameleon0 Guest

    TDS uses MANY MANY text-based signatures + heuristics which makes it relatively difficult to circumvent the scanner. Moreover, TDS has a huge signature database and, therefore, detects many less-known trojans.

    Not only TDS but also TH has a memory scanner (even a resident mem scanner plus a module scanner both of which TDS has not). And moreover, Magnus claims that TH uses some fuzzy sigs. TH also seems to use additional sigs + advanced heuristics for some popular trojans.

    In summary, I believe that TDS and TH will be a more difficult match for ess.
     
  14. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Sorry if I'm out of line here but this person asked about free ATs not ATs you have to pay for.
     
  15. chameleon0

    chameleon0 Guest

    @notageek

    That's correct. ESS is probably the best free AT scanner which is available at the moment.

    (My last post merely added a few more "facts". I cannot always _bash_ TDS and TH ;-)
     
  16. IceTech

    IceTech Registered Member

    Joined:
    Mar 8, 2004
    Posts:
    10
    Location:
    I AM CANADIAN!
    ;) Sounds like Ewido can bat in the big leagues with the big boys! It's about time someone sponsored another freeware AT. Relative merits or demerits are not the issue here. The primary question has been answered with a resounding yes.

    It's good to see a new player. I will give him a try-out. :)
     
  17. ShotgunGirl

    ShotgunGirl Guest

    Chameleon0, your following comment was totally un-called for:

    " Sounds like a Trollish dialect to me ... Or is it just a misunderstanding"

    Tobias is an obviously highly experienced person whom I have no reason to doubt so why waste my time testing a product he helped make and test? My satisfaction with TDS and Trogan Hunter leaves me with no desire to purchase other products. SIMPLE.
    Guests are allowed to post at this forum an we are both guests an as such my intentions are to be respectful to everyone here, friendly and civil to the best of my abilty. You will not see me name-calling anyone ever.
    Am not a newbes. Can think independently. An ask questions accordingly. My quest to seek better products is an open-minded approach.
    There are real people behind computer screens an its not my place to judge anyone's reasons or motives. Such behavior can result in flame wars that disrupt forums, waste time and take away from the intent of seeking information in a pleasent enviorment
    There was a time when no form of explanation would have been offered but its a beautiful day and my mood is exceptionally pleasent.
    An may you also have a wonderful day
     
  18. ShotgunGirl

    ShotgunGirl Guest

    Chameleon0

    On second thought have decided to leave the forum entirely. There is no time in my day for slanderous name calling by others
    As a decent person you still are given my very best wishes.
     
  19. chameleon0

    chameleon0 Guest

    @ShotgunGirl

    It's great that you clarified this one. I also wish you happy day.
     
  20. chameleon0

    chameleon0 Guest

    @ShotgunGirl

    Aren't you overreacting a little bit? Please take into account my above reply and also the fact that I am just a guest (not a moderator or something like this).
     
  21. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Darn, I ask for info on a free anti-trojan software, and get a war started instead o_O Not exactly what I asked for, or intended to get as replies. So what is ESS as the one person replied? The Ewido one?
     
  22. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    yes, ess = ewido security suite
     
  23. zorrozorrito

    zorrozorrito Guest

    I have used EWIDO and a2, in this moment only EWIDO found two trojans: Trojan.Win32.Fudor and Backdoor Clandestine. I think EWIDO is very good, because I have a free program, ON TOP, that includes this trojan and I have used many antitrojan softwares that never detected these two trojans. All I can say is that the two antitrojan mentioned are free, so that let's use them!!! :D
     
  24. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Ladies and gents,

    There's no need in any way to turn a discussion into a flame war - please respect different opinions. We wouldn't like to see this thread closed because of this discussion turning into something that even comes near to a flame war, but if it comes to that, we'll have no choice.

    Back on subject:

    Having tested Ewido briefly, as well as looking at the techniques used, it's for sure a very promising software indeed.

    Tobias,

    Looking forward to some licenses as soon as the on-freeware versions will be released ;)

    regards.

    paul
     
  25. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Thanks for all the replies, I am trying ESS out now, I just can't afford TDS-3 at this moment, but have used it for the trial period and will eventually end up purchasing it.
     
Thread Status:
Not open for further replies.