Re:Anti-Trojan discontinued (question from notageek)

Discussion in 'other anti-trojan software' started by notageek, Nov 17, 2003.

Thread Status:
Not open for further replies.
  1. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I'm still trying to think if I ever tried this Anti trojan program (not a²). Was this Anti trojan that was discontinued the one that cost like 20 bucks or something like that? (notice trying to change the subject about if a² is going to be out or not) :)
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Hey Notageek.

    I'm not sure what the price was for Anti Trojan but if I remember correctly,the logo was a wooden horse.
    It looked a lot like rocking horses I remember from early childhood.
    It's a unique logo.
    I think that was the first anti trojan program that I ever downloaded.
     
  3. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Antivirus is not enough!

    Viruses are only half the story!


    Your PC may be virus-free, but you can still be infected with Trojans.


    Your door may be locked but your windows are wide open...


    ..more



    What are Trojan Horses?
    They are very dangerous! Trojans or often called backdoors are programs which will most be sent via email, instant-messengers or filesharing-tools. If you run a trojan file it will install itself on your computer to get run every time you boot up your machine. Trojans opens a port (channel) on your system which can be used by an attacker to connect to your computer. Trojans can enable almost everything for an attacker to do harmful things like viewing/modifying/deleting data, watching you when you are working or surfing the web, etc. Depending on the trojan there can be thousands of functions built in which can be remotely used by any attacker to spy you.


    ..more



    What is Anti-Trojan?
    Anti-Trojan 5.5 is a powerful trojan scanner and remover which detects more than 10000 different types of trojan horses. It uses three methods to find them. The first is the portscan which gives you information if there are open ports on your computer. The second one is the registry scan which searches through the system registry database for trojans. The third and the most important part is the disk scan. It scans your harddisks for dangerous trojan files and removes them safely.


    ..more



    Protect your system NOW! - $29.95 buys protection
     
  4. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Latest version:


    Anti-Trojan 5.5
    Build: 421

    Number of trojans in the signature-file:


    10557 Trojans


    Test it 14 days for free!



    And you know the rest of the story..as of sunday last ;)
     
  5. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    This is not quiet right. The Anti-Trojan guys also counted non-trojan files like clients or edit servers as a "trojan". So "real" figure is much less. But anyhow this is history now.

    wizard
     
  6. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    :D So true..so true..but that is in fact what was publised on the site..with you and I knowing the numbers never do mean squat..they all do that and even now bitdefender is lowering the amount of bad boys they even care to address..

    http://www.bitdefender.com/knowledgebase/script_view_document.php?id=79&language=en


    In the past did you ever tell Anti-Trojan developer he had screwy numbers o_O? or did you just think it necessary now to place that wealth of info in the tombstone.

    :)
     
  7. Andreas Haak

    Andreas Haak Guest

    >This is not quiet right. The Anti-Trojan guys also counted non-trojan files like clients or edit
    >servers as a "trojan". So "real" figure is much less. But anyhow this is history now.

    And others count one and the same trojan in several states several times ;). So what do you try to say? :)

    @notageek:

    http://web.archive.org/web/20020821204654/www.anti-trojan.net/at.asp?l=en :)
     
  8. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Thanks.

    Primrose are you a salesman for an AT company? ;)
    I don't feel the need for me to spend any money on an AT yet. I think McAfee and NOD will do good at getting what it can. :)

    Andreas that link was the A² web site. It takes me to this right here http://www.emsisoft.com/en/
     
  9. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Never happen notageek..they all have enough salesmen. ;)

    I am sure what you have with McAfee and NOD will do you just fine.
     
  10. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I might buy an AT sometime. I think as soon as a trojan hits me I'll wake up and smell the coffee and buy one. ;)
     
  11. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    All the AT and AV companies are doing a good job improving and updating their products..I think it will be a while until you have to worry about your surfing habits geting you into a situation you can not handle now. :)

    And if you have difficulity with the products you use now..you certainly know where to go to ask for help.
     
  12. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,048
    Location:
    SouthCentral PA
    I would much rather be hit by the most destructive virus than a Trojan. What’s the worst that a virus can do? Reformat your hard drive? No big deal, just restore a back up. (You all do regular complete backups, right?)

    What can a Trojan do on the other hand? Nothing. You can have one in your system for years and not know it, not a single file is destroyed. BUT, all the while, if it was put there by an Identity Thief, it can steal your social security number, credit card numbers, passwords, etc., in other words, someone else becomes you, and it can cost you thousands of dollars and take several years to regain your good credit. Until AV’s become truly competent at detecting Trojans I truly believe in the anti-Trojan software. Even a firewall and AV together, in my opinion, is not enough. Tis better to be safe than sorry. An ounce of prevention is worth a ton of cure. Etc, etc.

    Acadia
     
  13. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    This is true but how do you get trojans? Can you get them from looking at web pages?
     
  14. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Yes, via exploits in IE. One of the most recent patches stated "even if IE isnt used as the default browser"

    Or by exploits in the OS - as soon as DCOM became public, a certain trojan writer created a DCOM exploit GUI, so anyone could just put in an IP, and if vulnerable, upload their favourite trojan.

    Or by stupidity.. :) ok thats not nice.. by being social engineered, a trojan EXE is often renamed to .SCR and sent that way "look at my sexy screensaver"

    An undetected file binder could drop the trojans, a lot of AV's and even AT's arent detecting enough binders. There are literally hundreds out there, a binder stub is an extremely simple program - all it does is "drop" 2 or more bound executables and launch them. One is usually a legitimate app, the other is a trojan and is launched hidden with the SW_HIDE command. (PS only TDS-3 has generic binder detection, and detects hundreds of binders)
     
  15. Andreas Haak

    Andreas Haak Guest

    Cause noone else need it ;). Comprehensive on access scanner would detect the file drop :). But well ... hopefully this will change with TDS-4 :).

    And by the way:
    TDS-3 is not the only one detecting binders in a generic way :).
     

    Attached Files:

    • th.png
      th.png
      File size:
      29.2 KB
      Views:
      645
  16. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Andreas,
    That's great, we look forward to seeing this capability in your a2 scanner.
     
  17. dguest

    dguest Guest

    Many attackers do not use file binders/joiners anymore because this makes it more difficult to camouflage trojans: not only the trojan itself but also the binder must be made undetected.

    Instead they use commercial installers like Install Shield or Wise. Such installers are usually not detected as malware.

    A good on-demand file scanner like the one used by Kaspersky AV can "look through" installer files (i.e., it can scan the individual components of the installer package). Moreover, the AV's on-access file scanner will usually detect a known trojan which is installed (= copied to the hd by the binder or installer) before it can be started. The file scanner may not detect the trojan if it is compressed, crypted or otherwise modified. In such case, a memory scanner may help.

    There are still some less known ways to bypass an on-access file scanner. I will not disclose them in accordance with guideline no. 4 ;-)

    Moreover, I have a question: Taking into account that it is possible to install a trojan in a way that it is autostarted before the windows login takes place I wonder whether you are aware of any on-access file scanners which are autostarted after the windows login has taken place.
     
  18. Andreas Haak

    Andreas Haak Guest

    >There are still some less known ways to bypass an on-access file scanner. I will not disclose
    >them in accordance with guideline no. 4 ;-)

    3 ways come into my mind :). But well ... it depends on how intelligent the on access scanner is :).

    >Moreover, I have a question: Taking into account that it is possible to install a trojan in a way
    >that it is autostarted before the windows login takes place I wonder whether you are aware
    >of any on-access file scanners which are autostarted after the windows login has taken place.

    Well ... it depends on how the on access scanner is implemented. In case of KAV 3.x for example KAV will block the access to the file if no Guard GUI is found that could display an alert :).
     
  19. Andreas Haak

    Andreas Haak Guest

    Hhe scanner won't have this feature - but the guard has :).
     
  20. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Whatever. Anyway it sounds like you have a lot of work to do so we'll leave you to it, and we all look forward to testing your vulnerability-proof on-access scanner if it's ever released.
     
  21. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    looks and sounds like wayne & co are sharpening their teeth( fangs?)
     
  22. Andreas Haak

    Andreas Haak Guest

    I guess you have hallucinations that you read words that aren't wrote there :).
     
  23. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Illukka,
    No, we just have work to do.
     
  24. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I'll still stick with my Av's I have now. ;) If I get a trojan than I'll spend the money on an AT. :)
     
  25. Andreas Haak

    Andreas Haak Guest

    Hmmm ... and how will you recognize if you are infected or not? ;)
     
Thread Status:
Not open for further replies.