trojan test

Discussion in 'other anti-trojan software' started by jonnypop, Jun 17, 2005.

Thread Status:
Not open for further replies.
  1. jonnypop

    jonnypop Registered Member

    Joined:
    Jun 17, 2005
    Posts:
    16
    just wanted to thank everyone for the great info found here which helped me to pick out best virus/trojan software (kapersky,boclean,tds)

    I know it is only one sample, but the following pic is an (in the wild) test on jotti

    my own scan of the file is as follows

    tds - trojan
    trojanhunter - nothing found
    boclean - trojan (love that single file scan trick)
    ewido (free) - nothing found
     

    Attached Files:

    Last edited by a moderator: Jun 18, 2005
  2. -.-.-

    -.-.- Guest

    Did you execute the sample? (Otherwise the test is not valid.)
     
  3. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    True, a number of AT tests show that most AT's total detection rate depends on a combination of both real time and file scanning.

    Ie what a AT may not pick up as a filescan it may pick up when the trojan is executed.
     
  4. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    It's not detected by ewido because it's a Wise Installer which we currently cannot unpack. Once executed the dropped trojan is detected without any problems. Also comparing free to paid versions is really fair... :rolleyes: :(
     

    Attached Files:

  5. JRCATES

    JRCATES Registered Member

    Joined:
    Apr 7, 2005
    Posts:
    1,203
    Location:
    USA
    What's the difference between the ewido free and pay as far as the detection rate/engine/etc. goes? I would think the pay offers real-time protection and automatic updates, but that the scanning engine and detection rate would still be the same for both......
     
  6. peter.ewido

    peter.ewido former ewido team

    Joined:
    Nov 10, 2003
    Posts:
    737
    Location:
    Brno, Czech Republic
    None... The difference is how the nasty gets detected. If the on demand scan fails (e.g. it fails when a trojan is hidden inside a setup like in this case) the guard catches it once it gets dropped and tries to start.
     
Thread Status:
Not open for further replies.