Best AT?

Discussion in 'other anti-trojan software' started by jg88swe, Aug 27, 2004.

Thread Status:
Not open for further replies.
  1. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    Hey i wonder witch is the best Anti Trojan program?

    Some say Tauscan others say The Cleaner... I say Kaspersky or PestPatrol... what do you say?
    Please give me som test results ;)
     
  2. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
  3. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    I say TDS3
     
  4. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    I am with DVK ~ TDS3 for a purely dedicated trojan proggy, hands down, but I also run Kaspersky with extended data bases, so get the best of both worlds. ;)

    One thing, Pest Patrol's false positives are currently a worry, although I think they do respond quickly. They certainly have improved over last couple years, but the trouble is, inexperienced people may automatically go ahead and delete all it finds.

    A lot of AV's are now trying to play catch-up with KAV and are adding more and more detection of trojans/malware to their databases. Symantec/McAfee for starters, but at least they are starting to recognise the need to.

    However, I shall stick with my 1/2 knockout combo of TDS/KAV. :)

    Cheers, TAS

    edit: forgot to add.

    http://www.anti-trojan-software-reviews.com/

    and

    http://www.spywarewarrior.com/uiuc/trojans/tr-tests.htm

    hmmm...same link above as Acadia, must be good....lol
     
  5. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    Wouldn't pay much attention to the second link given the fact that the test was conducted in February 2003. Needless to say, that's a couple product generations ago. I think it's safe to say that the products on the market have changed considerably.

    First link doesn't have some of the newer apps and it's tough to use the article as a reference point since it doesn't have the total picture.
     
  6. waynet

    waynet Registered Member

    Joined:
    Jul 8, 2004
    Posts:
    6
    Location:
    SOCAL
    I don't see too much discussion about it here, but I use Troj HunterV3.9. Being a relative novice in the computer security arena, I'm attracted to its ease of use and friendly GUI. I've read some reviews that put it in the same class as TDS3, others that rank it lower. Heard good things about BOClean, will check it out.
     
  7. 4A6F4A6F

    4A6F4A6F Registered Member

    Joined:
    Dec 23, 2003
    Posts:
    34
    You can also use the ewido suite, because it has a real unpacking engine, use strong signatures etc..not like other products which have no unpacking engine or can only unpack some upx files. Malware files packed with other pe packers like pecompact etc, the other scanners use just sigs for these packed files, but a hacker just use an other pack level..and violà the scanner is not able to unpack or detect the malware.
     
  8. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    1000% CORRECT, YOYO; That is why I allready put Ewido in the same league as Tds-3. actually if ewido had more utilities and a good forum, I don't see how it could not outperform all the rest mentioned above.
    I hope tds-4 will beat the hell out of all the rest but for now, I say ewido.
    It is a pitty that we don't see how many trojan signatures they cover. I actually had a hit of a tracking cookie. What if they have 30000 strong signatures of tracking cookies. what then?? I will wait for more transparancy regarding their database, but I realise just now their database could contain like 20000 trojans, , 3000 anti dialers, 30000 spyware, 200 keyloggers, and some worm signatures.
    that could be a realistic database for them, but then tds-3 detects more and at the moment of tds-4 with good unpackers, man, ewido had not a chance.

    just my two cents
     
  9. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    Most of the files in our database are backdoors, trojans, downloaders and so on... And strong signatures for tracking cookies? :) It's just a list of domain names ;)
     
  10. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    yes I know, it was a little joke but I see you get my point, good Fish. a question, when will the new ewido be released, with good resource usage and can you tell us please more regarding this?? I heard you were working on some real enhancements.
    Please convince me. really interested.

    Thanx
     
  11. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    I have tried out many of the AT and found the following:

    1) TDS-3 for me is the most trustworthy and complete. But what makes this product really invaluable is the support. They support team is right there when you need assistance in determining whether a trojan exists and if so, how to remove it. It is really the best support I have ever had from any software house. To put it mildly, together with RegProt and Wormguard, I think this package is a bargain.

    2) BOClean is a very nice resident only system that also has excellent support. It hasn't caught anything yet but it is updated frequently and gives some good piece of mind.

    3) TrojanHunter and TrojanGuard have found some things that others haven't. Very easy to run and I like having it around. Also very good support.

    4) Ewido has actually found some minor spyware that the others have missed. Plus it seems to have a very nice architecture. I purchased it because I think I would like to have this product for the long-term. It may replace some others that I am using. I have not had a chance to use their support yet.

    5) In addition to these, I am testing Snoopfree for anti-keylogger protection. It seems to be very good but I am hoping to hear from others on this forum who have a much better idea of how to analyze software.

    Of all of these, if you you are going to purchase only one, I would recommend TDS-3 and DiamondCS. I have personally had trouble with trojans in the past but since I purchased these products I no longer have any problems. GIven the time required to fix trojan problems vs. the money required to prevent them from coming in, I think the cost is well worth it for me.

    Rich
     
  12. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    nice personal review. you are correct about tds-3 still leader of the pack. still need some answers regarding ewido
     
  13. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    Hmmmm, I'm beginning to become intrigued with this Ewido. I wanted to purchase TDS for my pc and my wife's but the cost for two licenses was YIKES! I can download this baby for two pcs for free. All I want or need is the on-demand scanner since I've already got BoClean. I have also seen Ewido recommended in other groups. Thanks for all those who have mentioned this product. Any other information about Ewido other than what presently appears on their site?

    Thanks,
    Acadia
     
  14. NightHawk77

    NightHawk77 Guest

    No offense intended, but anyone who uses over three anti-trojans has got to be paranoid! I mean come on a good anti-virus plus one or two trojan scanners is more than enough for most people, (not including spyware scanners like Spybot, Ad-aware ect...) anything more just really seems like overkill and a waste of cash IMO.

    But i would go with TDS-3 as the best overall anti-trojan. I also really like Ewido and BoClean is very nice too.

    One other thing, Tassie_Devils and Tazdevl, are you guys related or what?
     
  15. Starrob

    Starrob Registered Member

    Joined:
    Apr 14, 2004
    Posts:
    493
    I am not a expert in these matters but from doing a lot of reading about anti-trojan technology I feel that right now the best pure scanner is Ewido simply because :

    1) The ability to scan DLL modules in memory,
    2) Use of strong signatures that are encrypted code-based signatures of at least 3 different code-sections per file. This allows them to dtect Trojans that have been patched.
    3) The memory scanner of the ewido security suite plus can deal with Silicon Realms copymem-II technology. (See http://scheinsicherheit.funpic.de/dll.htm to find out why this is important)
    4) They can already detect rootkits that are not running and working on technology to detect running rootkits. There is probably a race between DCS with TDS-4 and the Ewido Suite for who has this capability first.
    5) Generic crypter detection
    6) Generic binder dtection

    Ewido seems to me a serious player in the AT market. I don't think they are fooling around. I have not used their support for any problems but they do answer their email within a day or two.

    I think TDS-3 has the best tools and very good support. I think TDS-4 and Ewido will more likely than not be the top two scanners within 6 months to a year.

    BUT......I also think products such as Trojan Hunter and Boclean are not just sitting around watching these two programs getting better without doing anything. Both Trojan Hunter and Boclean will most likely have products out that will deal with DLL injecting Trojans and Rootkits also

    Right now Trojan Hunter has a new beta release out that is strenghtening some of their weaknesses.

    All four products mentioned will probably spend their time rotating around between positions 1 through 4 on which is "the best" and that decision will most likely depend on a person's needs at the time and which product has come out with the best "new and improved" product at any given point in time.

    At this point in time though it appears that Ewido and TDS-3 is slightly in the lead......at least to me that is. Others may have different needs.


    Starrob


    :D
     
  16. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    LOL>.... Nope... don't know that other guy... although he seems friendly enough. ;)

    Oh. I only use one AT... TDS

    Cheers, TAS

    edit: Although his avatar looks meaner.. :D :p
     
  17. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    I use BOCLEAN for the reason listed. To some these are just :cool: toys after they get their favorite product. If they are like me PC security just real fasinating. Really cool stuff. Very important cool stuff. If you want to stay on cutting edge hang out here and other security forums too. Cheers!
     
  18. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    We will be surprised with Ewido.


    and things are changing real fast and good.

    :D
     
  19. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi NightHawk,

    No offense taken.

    My computer and my son's computer have been burned a few times and too much time and data was lost. So I figure compared to what I spend on other things (like a night out on the town), the few dollars I spend on AT is well worth it, even if it is overkill. Each product has its strengths and has trapped problems that others have missed. So the overlap to me is not an issue because of the areas that they do not overlap. It is alot like going to the movies. A lot of it is the same, but I am willing to pay for the differences.

    Rich
     
Thread Status:
Not open for further replies.