Discussion in 'other anti-trojan software' started by Slovak, Mar 9, 2004.
I'll run down on the free ATs I know of.
1. Ewido. Never tried it. Might be good. They claim to have over 30,000 dynamic signatures. Here's the link http://www.ewido.net/en/
2. a2. It's still under development. I haven't really tried this either. Here's the link http://www.emsisoft.com/en/software/free/
This is the signatures from a2
There's another one but not worth mentioning it.It's slow and unreliable. HTH
Well, a2 free is probably the best one (I use it) in my opinion, some protection is better then none, plus a2 free ver2.0 is supposedly coming out later on? Which will include a background guard.
@Comp01: have you ever tried ewido? i guess not
Well if Ewido has over 30,000 dynamic signatures and a2 has only 24,282 signatures, looks like ewido might have the upper half. But I'm not sure if Ewido has over 30,000 signature.
yes, ewido has over 30k signatures....BUT:
you can not just compare two scanners by the amount of signatures!
what's about quality of signatures? or unpack engine?
Tobias, certainly agree with your assessment of the need for quality. Have you tested the two products? If so, please share your compared results: un-packing, engine speed, etc.
The jest of your statement leads one to believe that ewido is lacking in compare to A2 ?
My question is not in bias since nither product is on my machines. Thanks
i see that...
what is better...checksum or fuzzy signatures? generic unpacking or nothing?
then i must say that i developed the engine for ewido security suite and then read again
You know and I know that a2 (v.1) is currently no match for ewido security suite. But the average user does not. Isn't it interesting what marketing can do?
I am wondering why ess has never been tested by a major German magazine like pcwelt or computerbild. Is it difficult to get tested by them?
Moreover, I am wondering whether you have ever considered writing an article about signature quality/scan engine technology/static & dynamic unpacking for Virus Bulletin magazine or the like? I'm sure such article would be pretty interesting.
Tobias, thanks for your response. An my compliments for helping bring a freeware scanner to the community. It is sorely needed.
Since you answered my question with a question which is no answer at all., please understand that in no way was a debate trying to be launched...mine was a sincere question. My use of Trogan Hunter and TDS meets my needs.
Will wish you the very best in the future.. and leave this subject alone. Had downloaded ewido before seeing your response and erased it without testing the product after seeing your response. It may become the very best but I'll never use it.
sorry, these questions were meant as rethorical questions:
if you want to have facts:
it's a fact that unpacking is necessary
it's a fact that signatures are better than checksums
it's a fact that fuzzy signatures are better than normal signatures
ewido has unpacking an fuzzy signatures
TDS has text signatures but no file unpacking (but memory scan)
a² has no unpacking and most detection is done by checksums
trojan hunter has checksums and no real file unpacking (only some upx)
" Had downloaded ewido before seeing your response and erased it without testing the product after seeing your response. It may become the very best but I'll never use it. "
Sounds like a Trollish dialect to me ... Or is it just a misunderstanding?
TDS uses MANY MANY text-based signatures + heuristics which makes it relatively difficult to circumvent the scanner. Moreover, TDS has a huge signature database and, therefore, detects many less-known trojans.
Not only TDS but also TH has a memory scanner (even a resident mem scanner plus a module scanner both of which TDS has not). And moreover, Magnus claims that TH uses some fuzzy sigs. TH also seems to use additional sigs + advanced heuristics for some popular trojans.
In summary, I believe that TDS and TH will be a more difficult match for ess.
Sorry if I'm out of line here but this person asked about free ATs not ATs you have to pay for.
That's correct. ESS is probably the best free AT scanner which is available at the moment.
(My last post merely added a few more "facts". I cannot always _bash_ TDS and TH ;-)
Sounds like Ewido can bat in the big leagues with the big boys! It's about time someone sponsored another freeware AT. Relative merits or demerits are not the issue here. The primary question has been answered with a resounding yes.
It's good to see a new player. I will give him a try-out.
Chameleon0, your following comment was totally un-called for:
" Sounds like a Trollish dialect to me ... Or is it just a misunderstanding"
Tobias is an obviously highly experienced person whom I have no reason to doubt so why waste my time testing a product he helped make and test? My satisfaction with TDS and Trogan Hunter leaves me with no desire to purchase other products. SIMPLE.
Guests are allowed to post at this forum an we are both guests an as such my intentions are to be respectful to everyone here, friendly and civil to the best of my abilty. You will not see me name-calling anyone ever.
Am not a newbes. Can think independently. An ask questions accordingly. My quest to seek better products is an open-minded approach.
There are real people behind computer screens an its not my place to judge anyone's reasons or motives. Such behavior can result in flame wars that disrupt forums, waste time and take away from the intent of seeking information in a pleasent enviorment
There was a time when no form of explanation would have been offered but its a beautiful day and my mood is exceptionally pleasent.
An may you also have a wonderful day
On second thought have decided to leave the forum entirely. There is no time in my day for slanderous name calling by others
As a decent person you still are given my very best wishes.
It's great that you clarified this one. I also wish you happy day.
Aren't you overreacting a little bit? Please take into account my above reply and also the fact that I am just a guest (not a moderator or something like this).
Darn, I ask for info on a free anti-trojan software, and get a war started instead Not exactly what I asked for, or intended to get as replies. So what is ESS as the one person replied? The Ewido one?
yes, ess = ewido security suite
I have used EWIDO and a2, in this moment only EWIDO found two trojans: Trojan.Win32.Fudor and Backdoor Clandestine. I think EWIDO is very good, because I have a free program, ON TOP, that includes this trojan and I have used many antitrojan softwares that never detected these two trojans. All I can say is that the two antitrojan mentioned are free, so that let's use them!!!
Ladies and gents,
There's no need in any way to turn a discussion into a flame war - please respect different opinions. We wouldn't like to see this thread closed because of this discussion turning into something that even comes near to a flame war, but if it comes to that, we'll have no choice.
Back on subject:
Having tested Ewido briefly, as well as looking at the techniques used, it's for sure a very promising software indeed.
Looking forward to some licenses as soon as the on-freeware versions will be released
Thanks for all the replies, I am trying ESS out now, I just can't afford TDS-3 at this moment, but have used it for the trial period and will eventually end up purchasing it.
Separate names with a comma.