Discussion in 'other anti-trojan software' started by hollywoodpc, Mar 28, 2005.
Which does the best job in realtime and on-demand scanning ?
I have all A2, Ewido, and BOClean running in real-time along with Giant AS (just for fun), but nothing so far has ever gotten past Kaspersky 4.5 and ProcessGuard 3.0 (paid). I would suspect the chances of an trojan getting through have decreased even further with RegDefend up and running. Ewido has detected some cookies in on-demand scans. The only thing I can say, that I have noticed, is that BOClean's CPU usage does spike as does Ewido's. This issue has been discussed as a problem related to running BOClean alongside ProcessGuard. Ewido also spikes - maybe for the same reason. A2 does not appear to exhibit this problem. But the spikes are not significant enough to interfere with my use of the system.
If I was to recommend one, I would probably recommend Ewido because it has actually found a cookie now and then but I like the support from the other companies. So as far as I am concerned it is a coin flip. I would recommend getting ProcessGuard and some registry defense (e.g., RegDefend) in addition to any AT that you may purchase.
RD is too early on . No way I will purchase yet . I am well covered . I appreciate you trying to help but , my signature shows what I use . I only wanted to know between Ewido paid and A2 paid . Not KAV or any other . I have used both Ewido and A2 . Just want some info on which is stronger than the other . Thank you for trying though .
I am trialling a2 and their ids is not so bad, but still Ewido finds everyhting nod32 misses, no sign of a2 on my machine...
they are working on version 4 (Ewido) and it sure will be another product we know at the moment ... Can't wait ...
Slightly old links, as older versions were tested, but still worth reading;
I have both on my machine, but at this moment I prefer ewido.
ewido release more updates daily, more easy to use, they grow quickly and very well, and like Infinity said, the new version will be wonderful
Thank you guys . Very helpful !
Well, and a² doesn't need the updates. So where is the diffrence?
give me a break Andreas, as long as it isn't tested by unbiased testers this statement is kinda useless isn't it?
/edit: your product is getting better and better though, ids looks promising...
Test it yourself .
In fact finding a tester willing to test HIDS/HIPS is quite difficult cause the system has to be as real as possible - otherwise malicious code won't act malicious anymore.
But we asked Andreas Marx recently to do a test and we encouraged the anti-trojan-software-reviews.com guys to retest all previously tested products as they did before .
I am looking forward to it, I have been throwing Malware on my second system and the fact that Ewido cleanes it first, wasn't a surprise...it is because the active memory scanner a2 misses at this moment right, I think I read it somewhere here on Wilders...
I'll remove this evening Ewido and test A2 solely on that machine...and I'll throw some baddies at a2, no prbs...I'll post my results here with some screenies.
Memory scan is implemented but only a few signatures are out. In fact I doubt that we will release many memory signatures in the near future cause memory scan is no longer reliable. There are at least 2 packers/crypters out there that are able to hide backdoors from memory scanners. Feel free to test one of that crypters on your own. I will send you the link to it by pm on request.
If you want to test the IDS/IPS feature be aware the fact that your testing system has to be as real as possible .
Just an example:
If you don't have a running DNS server (or at least a well configured host file) a trojan downloader might be unable to resolve domain names and won't download a file. What is a trojan downloader that doesn't download files? - Non malicious software.
Same applies to worms and email accounts. Many worms try to read the smtp server settings from your local email settings. If you don't have such settings some worms won't spread. What is a worm that doesn't spread? Well it might be notepad or mspaint - but defnitly not a worm .
There are many things to take care about .
Thanx Andreas and don't worry, I have a huge host and would love to test it out!!
Yes, but I'm not only refering to this, and it's not true that a² doesn't need the updates...
I'm waiting for the final version (2.0) to take some real conclusion
Do you have some ideia where the v2.0 will be finished?
Moreover, I have a very good impression of a² Personal and have a license of it
3-6 months after TDS-4 is released..............in 2006-2008.....
Come on - we aren't that slow. Lets say in 2005 - 2007 .
You are 1 year behind, but you are making a very good work...
I use A2 for scanning i love it..found a few on my pc 4months ago.
Separate names with a comma.