Best anti-trojan software against Zeus?

Discussion in 'other anti-trojan software' started by taytong888, Oct 12, 2009.

Thread Status:
Not open for further replies.
  1. taytong888

    taytong888 Registered Member

    Hello,

    What is the best anti-trojan software against the current nastiest trojan called Zeus? I don't see Zeus listed in SuperAntispy.

    Thanks in advance.

    :cool:
     
  2. JRViejo

    JRViejo Global Moderator

  3. Habakuck

    Habakuck Registered Member

    Try PrevX 3.0.5 + SafeOnline!
     
  4. emsisoft

    emsisoft Security Expert

  5. Edwin024

    Edwin024 Registered Member

    Sunbelt Counterspy removes it too.
     
  6. Dark Star 72

    Dark Star 72 Registered Member

    For how long has a-squared been able to detect it, and also how good is it at cleaning it up?
     
  7. subhrobhandari

    subhrobhandari Registered Member

    ESS blocks all Zeus files (checked from MDL) for me. :D
     
  8. Habakuck

    Habakuck Registered Member

    NO AV-Product is able to block all Zeus variants!!
    There are new variants created every single day.
     
  9. Daveski17

    Daveski17 Registered Member

    F-Secure have some information on Zeus/Kneber on their site here.
     
  10. xorrior

    xorrior Registered Member

    Zeus and Torpig (both high-grade industrial rootkits) either come piggy-backed in on functional warez or come in through remotely exploitable shellcode exploits.

    You'll either let it run by using working warez, or it'll come in memory resident and drop binaries.

    The AV, if it has real-time protection, will protect you because it hooks read+write to your local file system and does heuristics on binaries or whatever file type it's configured to. Even if it's through a software bug, as soon as the files are 'dropped' they'll be detected.

    You're actually lucky because Zeus uses a generic packer, so any updated AV with a 'Guard'/real-time protection that has at least some heuristics will detect it; most will do it after infection too. I use Avira; their signatures are updated almost nightly and they have a good real-time protector. The free version does all of this. I run it on an Atom CPU board too and there is no apparent performance impact.

    PS: Zeus is only dangerous when it's the private version; the ones noobs can get off public forums are garbage and any AV will detect them. The private one will get an updated packer stub and hide even from heuristics in an updated AV. With updated private malware, this is where sandboxes and proper security policies come into play. All* current AVs are just signature scanners; good ones will dig in the binary some, which is the 'heuristic' part. None protect against new malware code, or protect against DLL injection and memory residency.
     
    Last edited: Mar 22, 2010
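
Added example, not part of the thread and not any vendor's engine: one generic static heuristic of the kind post 10 alludes to, flagging sections of a dropped PE file whose byte entropy suggests packed or encrypted content. The 7.2 threshold, the function names and the constructed sample image are assumptions; high entropy alone also matches legitimately compressed software, so it is one signal among several.

```python
import hashlib
import math
import struct
from collections import Counter

ENTROPY_THRESHOLD = 7.2  # assumed cut-off; compressed or encrypted data sits near 8.0

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 (constant) up to 8.0 (uniformly random)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def section_entropies(image: bytes) -> dict:
    """Walk the PE section table and return {section name: entropy of its raw data}."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)   # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    (n_sections,) = struct.unpack_from("<H", image, pe_off + 6)
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)
    table = pe_off + 24 + opt_size                      # first 40-byte section header
    result = {}
    for i in range(n_sections):
        name, _vsize, _va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", image, table + 40 * i)
        raw = image[raw_ptr:raw_ptr + raw_size]         # slicing clamps on truncated files
        result[name.rstrip(b"\0").decode("ascii", "replace")] = shannon_entropy(raw)
    return result

def looks_packed(image: bytes) -> list:
    """Names of sections at or above the threshold, sorted."""
    return sorted(n for n, e in section_entropies(image).items() if e >= ENTROPY_THRESHOLD)

def build_sample() -> bytes:
    """Constructed, non-loadable PE-like image: plain '.text' plus a high-entropy '.blob'."""
    code = b"\x55\x8b\xec\x90" * 256                    # repetitive, low entropy
    blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))  # stand-in for packed data
    hdr = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40) + b"PE\0\0"
    hdr += struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)  # COFF header, no optional header
    off = 0x200
    for name, data in ((b".text", code), (b".blob", blob)):
        hdr += struct.pack("<8sIIIIIIHHI", name, len(data), 0x1000, len(data), off, 0, 0, 0, 0, 0)
        off += len(data)
    return hdr.ljust(0x200, b"\0") + code + blob

if __name__ == "__main__":
    print(section_entropies(build_sample()), looks_packed(build_sample()))
```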
  11. the mul

    the mul Registered Member

    This is the very reason I use Shadow Defender. I run my system in a virtual state, so if anything should try and run on my system or install, then it is only in virtual mode and not on my real time system.

    Shadow Defender runs your system in a virtual environment called 'Shadow Mode'. 'Shadow Mode' redirects each system change to a virtual environment with no change to your real environment. If you experience malicious activity or unwanted changes, perform a reboot to restore your system back to its original state, as if nothing happened.

    You can't get much easier than that.
     
  12. G1111

    G1111 Registered Member

    Agree, I use DefenseWall for the same purpose.
     
  13. leofelix

    leofelix Registered Member

    Hi
    I use PREVX + SafeOnline (full)
    MalwareBytes' AntiMalware pro
    I have recently installed Shadow Defender (but I enter in Shadow Mode only when I want to test some software).

    Have you never heard of this free standalone tool?

    http://www.novirusthanks.org/products/zeus-trojan-remover/

     
  14. simisg

    simisg Registered Member

    ThreatFire blocks Zeus variants
     