list of good anti-trojan software to have? is there one availible?

Discussion in 'other anti-trojan software' started by random, Aug 13, 2004.

Thread Status:
Not open for further replies.
  1. random

    random Guest

    does anyone have a good list of anti-trojan software that one should have installed?
     
  2. Etsnuffy

    Etsnuffy Registered Member

    Joined:
    May 12, 2004
    Posts:
    302
    Location:
    East Tennessee
    TDS-3, Boclean are two of most popular. TDS-3 has it's own sub forum on this site. There is also Trojan Hunter, Ewido and A Squared.
     
  3. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
  4. random

    random Guest

    is anti-trojan biased?

    i mean i'm not doubting what they do but i'm wondering if they get paid for listing the software
     
  5. random

    random Guest

    anti-trojans list of software looks pretty thin for an anti-trojan site and the review they gave for digital patrol makes me wonder the way they review software and pick them
     
  6. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    Well you could just go with Kaspersky AV. It has Trojan detection on par with most of the AT apps and protects you from viruses, worms, malware, riskware, dialers and a few other things I'm sure we don't even know about.

    Ewido seems to have great potential. www.ewido.net However it's still going through growing pains and I wouldn't recommend buying it just yet unless you enjoy paying full price for software that isn't quite there yet.

    A2, PestPatrol, Boclean, TDS3 are others that might be worth looking into.

    Rather than posting a general question like this, it's best to run a search because 99.99% of the time this topic has already been covered.
     
  7. tImEwArP

    tImEwArP Guest

    I wouldn't recommend Pest Patrol, the False positive king, to anyone, the others are ok. Also good to know, A2 & Ewido are free, the others will cost you a few bucks.
     
  8. gr49erluvr

    gr49erluvr Registered Member

    Joined:
    Jul 26, 2004
    Posts:
    13
    I have to agree with timewarp about pest patrol .To many false positives.
     
  9. o0--0o

    o0--0o Guest

    AFAIK, there are only four ATs which feature a real memory scanner. If an AT does not have a memory scanner it will most likely perform worse than Kaspersky or McAfee. Therefore, if you want to use a separate AT in addition to your AV you should check out:

    BOClean (process mem scan, apparently no DLL mem scan, resident guard)

    ewido security suite plus (process + DLL mem scan, resident guard does not support mem scanning)

    TDS-3 (process mem scan, heuristics, but no DLL mem scanner, quasi-resident guard does not support mem scanning)

    Trojan Hunter (process + DLL mem scan, resident guard)
     
  10. random

    random Guest

    guess those four are pretty goot anti trojan software

    they keep on popping up in everybodys mind :D
     
  11. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    I believe ewido plus has heuristics.
     
  12. o0--0o

    o0--0o Guest

    @tazdevil

    Why do you believe so?

    According to ewido ...

    " plus-version Realtime monitoring of the entire system with a guard working at kernel layer
    plus-version Memoryscan detects active threats
    plus-version Self-protection guarantees gapless monitoring
    plus-version Scan inside archives
    plus-version Secure detection and deletion of DLL-Trojans
    plus-version Generic Hijacker protection
    Automatic online-update
    Daily database updates
    Patch proof by using strong signatures
    Analysis tools (startup, connections and processes)
    Intelligent online-update
    Generic crypter detection through emulation
    Generic binder detection
    Free E-Mail-Support
    Automatic Cleanengine
    Quarantine for suspicious files"

    ... there are no heuristics in respect of Trojans. There is merely a generic hijacker protection. In addition, I have never seen ess plus generically detecting a trojan. Have you?


    Btw.: I am not a native speaker. Do say "there are no heuristics" or "there is no heuristics"? I am confused because it says heuristics and not heuristic. In Germany, we say Heuristik (singular). I would be grateful if someone could tell me how to properly use the English expression.
     
  13. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    I'm thinking back to the web page when they launched the free version a couple months ago... I specifically remember they had heuristic detection of trojans and malware on the list. Haven't seen the latest and greatest product page.

    Dunno maybe they were equating generic detection to heuristics. Other thing to consider is that ewido they might not have been able to implement all the features they had on that page and stay on schedule.

    Fish can speak more to this as he's from Ewido.

    "There are no heuristics" is the appropriate phrase if there is more than 1. "There is no heuristic" if it's singular.
     
  14. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    The current version hasn't got heuristic detection yet, but as soon as detection and speed is good enough and the guard stable/reworked, it'll be included.
     
  15. o0--0o

    o0--0o Guest

    1.
    I do not remember the old ewido webpage talking about heuristics. Moreover, I have never seen ewido generically detecting a trojan. Old free version was using approx. three cumulative signatures for detection. New version uses alternative signatures (which is much better). See here ( http://www.rokop-security.de/board/index.php?showtopic=4405 ) for a more detailed discussion in German.

    2.
    I believe that the future of AT software (if any) lies with generic detection of trojans. Microsoft claims that their future AV scanner will generically detect trojans. (For this reason they have acquired Pelican.)

    Generic detection of standard (non-reverse) trojans is not difficult. You can detect them because they open a port & listen, and do not create a visible window. It's really amazing that most AT software developers still rely upon a signature-based detection concept (the least sophisticated detection method you can possibly imagine).
     
  16. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,276
    Location:
    Earth
    do u think the memory processes in trojan hunter gaurd is fair??..i havnt got the gaurd on?? Also is it protected in Manual update ? regards maddawgz
     
  17. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    I am licenced to trojanhunter and tds but I cannot find the trojanhunter is good. the updates (except for last two weeks) are not frequent but the mem usage is outstanding. the guard is 5mb and scanning about 12mb.
    tds-3 is guard (not really a guard):13mb and scanning about 30mb.

    but tds-3 is much much better.
     
    Last edited: Aug 19, 2004
  18. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    in my opinion

    1=tds but only for the support (forum)and built in tools and database
    2=ewido for huge database and their on access scanner and type of signatures (fuzzy I believe which would be the best I guess)
    3=trojanhunter for memory use but not database as tds-3 or ewido
     
    Last edited: Aug 19, 2004
  19. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    I agree with that. I'm loving TDS-3 for the advanced options and the awesome (and relevent) tools included in the prog. But Ewido, in my experience, is incredible software. I never experienced any program bugs (I know others have), the interface is pleasing and very easy to use, and it just sits there and works effectively. In my mind, it's the only AT that can compete with TDS-3.
    Then again, I'm fairly new to the AT scene... :)
     
  20. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    I have one question. I was aware of people and hypes and tried not to let myself in to any of the hypes.

    now with ewido I am doubting myself I guess. is it still a hype or is it definately this good?

    I am surprised of their database but I was hoping one of these days this ewido (not the free one) was tested by a known tester, like rokop (this is rather old review there) I wonder how it would compete really with the rest of the pack.
     
  21. controler

    controler Guest

    Hi

    Yes TDS-3 and Bo-Clean both have the best support.
    I do love Kevins lengthy, personal and informative responces to my question.

    I also know Bo-Clean allows you to install on both your desktop and your laptop, TDS-3 doesn't and I don't know if Trojan Hunter does. Maybe someone could elaborate on this?

    I really wouldn't worry about DLL,rootkit,low level drivers right now since that and more is being taken care of as we speak.
    an on demand scanner adds bloat but since everybody thinks they need it, it is being added to most software now days.

    Bruce
     
  22. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    It was just relased a week or two ago. Give it time, I'd bet a couple reviews are in the works.

    TDS, BoClean, TH, PP have been on the market for a while and to be honest, I really haven't seen much in the way of credible reviews for any of them.

    You are right, it does need some credibility. I am glad they dropped the price though, until they're proven, can't charge the same as your competitors.
     
  23. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Well, although I'm certainly no reviewer, and admittedly haven't used any of the other ATs discussed here, I really do find TDS3 to be more than I thoght I was paying for when I bought it. I have been able to scan the ports of friends in Europe with it and determine what trojan/s they have been infected by and then help them learn how to clean said trojans. Perhaps this is common among ATs; I really don't know - but it impressed me, along with TDS performance in all other areas (on my pc, anyway).
     
    Last edited: Aug 22, 2004
  24. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Agree!

    You just have to try a few, see what suits your system, and it's you that has to be comfortable in using it. :D

    One thing, forget Pest Patrol... as tImEwArP said: King of FP's.

    TAS
     
  25. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    Creatures of the Wild,

    Warning: I am very opinionated about this one.

    BOCLEAN=Trojan Defense Period. I will edit this with a link from a University article when I locate it. Please stand by lol :D

    I understand your concerns this little baby (that WILDERS gives 5 stars too)has not had a lot of ad work on it, but I have used it for over two years email support was outstanding although I hear it has slower response time. I got 24 hour responses and problem was solved on WinME OS in which Norton AV and ZA had a conflict due to limited PC resources. We just slowed BOCLEAN down a few miliseconds. Never had a problem on XP OS on same computer.

    www.jmu.edu/computing/info-security/engineering/issues/boclean.shtml

    www.homearco.de/scheinsicherheit/boclean.htm

    I almost got PestPatrol instead but a it also came recomended by another user during a PestPatrol discussion.

    I have had various AV and two different firewalls on my machines but have never gone without BO. ;)
     
    Last edited: Aug 22, 2004
Thread Status:
Not open for further replies.