Best anti-trojan software against Zeus?

Discussion in 'other anti-trojan software' started by taytong888, Oct 12, 2009.

Thread Status:
Not open for further replies.
  1. taytong888

    taytong888 Registered Member

    Hello,

    What is the best anti-trojan software against the current nastiest trojan called Zeus? I don't see Zeus listed in SuperAntispy.

    Thanks in advance.

    :cool:
     
  2. JRViejo

    JRViejo Super Moderator

  3. Habakuck

    Habakuck Registered Member

    Try PrevX 3.0.5 + SafeOnline!
     
  4. emsisoft

    emsisoft Security Expert

  5. Edwin024

    Edwin024 Registered Member

    Sunbelt Counterspy removes it too.
     
  6. Dark Star 72

    Dark Star 72 Registered Member

    For how long has a-squared been able to detect it, and also how good is it at cleaning it up?
     
  7. subhrobhandari

    subhrobhandari Registered Member

    ESS blocks all Zeus files (checked from MDL) for me. :D
     
  8. Habakuck

    Habakuck Registered Member

    NO AV-Product is able to block all Zeus variants!!
    There are new variants created every single day.
     
  9. Daveski17

    Daveski17 Registered Member

    F-Secure have some information on Zeus/Kneber on their site here.
     
  10. xorrior

    xorrior Registered Member

    Zeus and Torpig (both high-grade industrial rootkits) either come piggy-backed in on functional warez or come in through remotely exploitable shellcode exploits.

    You'll either let it run by using working warez, or it'll come in memory resident and drop binaries.

    The AV, if it has real-time protection, will protect you because it hooks read+write to your local file system and does heuristics on binaries or whatever file type it's configured to. Even if it's through a software bug, as soon as the files are 'dropped' they'll be detected.

    You're actually lucky because Zeus uses a generic packer, so any updated AV with a 'Guard'/real-time protection that has at least some heuristics will detect it; most will do it after infection too. I use Avira; their signatures are updated almost nightly and they have a good real-time protector. The free version does all of this. I run it on an Atom CPU board too and there is no apparent performance impact.

    PS: Zeus is only dangerous when it's the private version; the ones noobs can get off public forums are garbage and any AV will detect them. The private one will get an updated packer stub and hide even from heuristics in an updated AV. With updated private malware, this is where sandboxes and proper security policies come into play. All* current AVs are just signature scanners; good ones will dig in the binary some, which is the 'heuristic' part. None protect against new malware code, or protect against DLL injection and memory residency.
     
    Last edited: Mar 22, 2010
  11. the mul

    the mul Registered Member

    This is the very reason I use Shadow Defender. I run my system in a virtual state, so if anything should try to run on my system or install, then it is only in virtual mode and not on my real-time system.

    Shadow Defender runs your system in a virtual environment called 'Shadow Mode'. 'Shadow Mode' redirects each system change to a virtual environment with no change to your real environment. If you experience malicious activity or unwanted changes, perform a reboot to restore your system back to its original state, as if nothing happened.

    You can't get much easier than that.
     
  12. G1111

    G1111 Registered Member

    Agree, I use DefenseWall for same purpose.
     
  13. leofelix

    leofelix Registered Member

    Hi
    I use PREVX + SafeOnline (full)
    MalwareBytes' AntiMalware pro
    I have recently installed Shadow Defender (but I enter in Shadow Mode only when I want to test some software).

    Have you never heard of this free standalone tool?

    http://www.novirusthanks.org/products/zeus-trojan-remover/

     
  14. simisg

    simisg Registered Member

    ThreatFire blocks Zeus variants.
     