Using 2 anti-trojan programs with both guards enabled ?

Discussion in 'other anti-trojan software' started by Hard Rocker, May 8, 2005.

Thread Status:
Not open for further replies.
  1. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    :D I am presently on my 3rd week of the trial version of Trojan Hunter and was going to purchase the software. However, I was provided with a 1 year licence to A2 Personal recently & I really like the program. I am presently running both A2 & Trojan Hunter with the guards enabled & have not noticed any issues as yet. Is this recommended ? I would still like to keep Trojan Hunter after the trial period. :doubt:
     
  2. FanJ

    FanJ Guest

    Hi,

    Slightly off-topic:
    While posting this I have BOClean and TDS-3 (with exec protection enabled), and NOD32, resident on my old W98SE box: no problem :)
    Frequently I scan my whole system with TDS-3; in that case I disable BOClean and any other scanner to give TDS-3 all the room it needs.

    I too have TH, which I use for on-demand scanning.
    I don't have A2 (I had Ants some years ago).
    I have to leave the specific question about those two both resident to others.
     
  3. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    Sometimes I have BOClean and Ewido running in real-time and I have never had a problem. However, I have never had a situation where either has caught anything in real-time (KAV seems to catch everything), so I do not know what would happen if both alerted on the same trojan at the same time in real-time. Has anyone ever had this happen.

    I do know that it once happened to me with two registry tools and it was a mess since both were trying to "undo" the registry at the same time. Totally fried my registry (this was before I installed RegDefend which catches the program before anything is entered into the registry instead of undoing it).

    It would be interesting to hear of a real-life situation.

    Rich
     
  4. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    :D Hi Rich,

    Previous to having the licenced personal version of A2, I was running the free A2 scanner & the full trial version of Trojan Hunter (manual updates). At that time no detections took place.

    Once the A2 Personal version was installed & licenced, the A2 Guard immediately alerted me to a malware .exe file within my Program Files\Common Files\AOL File. This malware was posing as part of my ISP (AOL) Program & nothing (not even Norton AV) had detected it previously. :mad:

    CounterSpy had detected a file called server.lock related to this malware in the same folder but was unable to delete it.

    It was only after speaking to a tech at AOL that I felt confident to delete this aoltpspd.exe file, as he assured me that it was NOT part of the AOL program. After this .exe file was deleted I was able to delete the above mentioned server.lock file as well.

    Needless to say I am VERY impressed with A2 !!! :D
     
  5. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Hard Rocker,

    Sounds good. I will give A2 a try, but the last time I tried it out it didn't find anything. KAV is such a darn good program and coupled with ProcessGuard and RegDefend, nothing seems to get through any more. Today BitDefender's online scanner did detect two minor pieces of malware which are borderline spyware. But it was nice to see that BitDefender was tracking down stuff that KAV may have missed. Possibly they are a bit more aggressive than some of the other ATs. But I will give A2 a try again and see if it discovers anything.

    Thanks for the tip,
    Rich
     
  6. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    :D Rich,

    I also have the BitDefender free scanner & like yourself with A2, it has not detected anything as yet. However, RegDefend sounds very interesting. Can you provide a reputable link ? I'm not familiar with this program. Is it a program that can mess up your registry if you aren't careful ? I do NOT have much experience in the registry department !! :oops:
     
  7. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Straight from the developer at http://www.ghostsecurity.com/index.php?page=regdefend

    It's worth becoming a member (it's free) because you get a discount (15% I think).

    RegDefend does not mess up your registry at all, it protects it. It's completely configurable and allows you to block read or modification attempts on registry keys or values. It's a very powerful program and you can read more at the link above.
     
  8. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    :D Thanks a million for the great link Defenestration & also the heads up on RegDefend !! :cool:

    HR :D
     
  9. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Getting back to the original question...

    I used to think that running two A/T's (or two A/V's, for that matter) resident at the same time was a bad idea, but not anymore.

    Something is going to get to a piece of malware first, IMO, because the odds against any two programs being hooked into your system at exactly the same level are pretty high.

    Here (most of the time) I witness NOD32 picking off stuff before anything else has a chance to get ahold of it - which is fine - but only if it's something NOD has a def for, or can pick up heuristically.

    If it doesn't/can't, I would expect the next thing down the line that's running resident and that does have a def or is able to pick up the malware heuristically to nab it.

    IOW, if it's okay for anyone to run both an A/T and an A/V resident at one time (and apparently it must be if all the A/T software manufacturer's provide real-time "guards" for you to run resident), then it must be okay to run two of anything simultaneously (richrf's experience with his registry monitors being the obvious exception).

    About the only realistic chance for "conflicts" that I can see is if you're trying to auto-start a bunch of similar resident monitors at start-up - but if you start your back-up A/V's - A/T's manually after your primaries are up and running, that shouldn't be an issue, either - because your primaries are going to get first shot at something.

    So - why run more than one? Well, there's always the chance that your primary (whatever) might miss whatever piece of malware you've just happened to trip over - having a back-up (whatever) resident monitor running might just pick that up and save you from a nasty infection.

    Of course, if you haven't the resources for this kind of stuff (mainly as much RAM as your computer will take and a modern OS), you're very likely to cause yourself either slow-down - or even freeze-up - problems.

    Have to say I agree with richrf, though - one A/V, one A/T, PG and RD makes for awfully good protection.

    I run more than that, but mostly because I like to see lots of pretty icons in SYSTRAY - and because I can. Pete
     

    Attached Files:

  10. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
  11. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    I just had a smile on my face when I saw your systray Pete :D
    Anyway I am using nod32, Ewido and Boclean "on access" and all the rest on demand (tds-3, trojanhunter, giant, adaware+spybot)
     
  12. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    I don't subscribe to the two of anything is O.K. school of thought - at least not where AVs are concerned. Have a look at this thread:- http://castlecops.com/t102982-Manual_remove.html

    But ATs don't hook into the system so deeply as AVs (which is howcome they can co-exist with an AV) so you have a better chance of running two ATs successfully.
     
  13. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    :) Thanks for all the very interesting replies and links guys !! Especially Spy1 for the informative post pertaining to my original question ......... LOL :D

    I have learned so much in the short time that have been a member here at Wilders. However, compared to a lot of the experts here I certainly have a long way to go !!! :eek:

    Regards,
    HR :cool:
     
Thread Status:
Not open for further replies.