Which Anti Trojan program would be good for me?

Discussion in 'other anti-trojan software' started by Tuskero, Oct 16, 2002.

Thread Status:
Not open for further replies.
  1. marti

    marti Registered Member

    Joined:
    Mar 25, 2002
    Posts:
    646
    Location:
    Houston, Texas, USA
    My friend sent an email to ask about AT programs. This was my reply.

    I evaluated TDS-3 and Trojan Hunter. In my opinion, those are the only two "good ones." Since you are running XP, TDS-3 will work great for you. I'm still running Win98SE, and TDS uses a lot of resources. My opinion is based on things I read in various security forums. Wilders has links and info on these two and others http://www.wilders.org./

    Both have trial versions; TDS-3 has a public forum hosted by Wilders forums: http://www.wilderssecurity.com/ the private forum is available to registered users only; TH has a forum for all: http://www.misec.net/cgi-bin/yabb/YaBB.cgi TH trial is the complete program, TDS-3 is missing part of the program (memory scanner?). TH does not use heuristics, TDS-3 does.
     
  2. DrSeltsam

    DrSeltsam Guest

    Licensed users have the following benefits that the trial doesn't have:
    (A quote from the tds page ...)

    * Access to our Members-only discussion forum
    * Access to specialops.diamondcs.com.au - a website for licensed TDS-3 operators
        * Messageboard forum
        * Script exchange
        * Exclusive articles & secret tips
        * User-to-user support (meet other TDS-3 Operators and even DiamondCS staff!)
    * The ability to create protected and compressed CS3 scripts
    * The ability to load scripts larger than 5kb
    * The ability to use the #INCLUDE directive in LoadScript
    * Execution protection to prevent and block infections BEFORE they occur
    * Access to special priority email support
    * Automatic, live and manual updating of Radius databases
    * Full use of sockets in scripts (xSockets and mSockets, both support TCP & UDP)
    * Ability to generate skeletal socket scripts
     
  3. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    what the mofo who let this go on andreas gladiator back to your rooms no milk and cookies tonight just straight to bed jeshhhhhhh

    first of all i like to say we love you both blaze pulls out baseball bat but if i have to come out here again blaze will show you some tough love lol.

    lol wasn't joosky supposed to come in by now and say now play nice boys lol=)
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Sir Blaze,

    Some posts above this one, I've made perfectly clear what is acceptable, and what is not. This thread is closely watched.

    regards.

    paul
     
  5. Tired

    Tired Registered Member

    Joined:
    Oct 18, 2002
    Posts:
    50
    Location:
    Boston
    :doubt: I must say it has been interesting reading but frankly I am just frustrated. I really want your opinions on the big picture here. I have several questions here but if we want to stick to topic please just post opinion on AT. You can email me suggestions on the rest. Or I have posted this topic "Could I get some overall suggestions for my set up?" at "privacy software and related issues".

    I really do need some sound advice and hope that I can find it here.
    I am running Dell Laptop C840, P4M, 1.6GHz, WIN2000Prof
    Relevant Software: McAfee 7.0 w/o the firewall, Tauscan TRIAL VERSION, Internet Sweeper, Ad-Aware.
    I have temporarily uninstalled my Zone Alarm Pro but want to reinstall it soon.
    I just read about Trojan Hunter, TDS3 and well, all the posts on this thread. TH seems to be my speed but someone mentioned it will not scan some things (?). I am worried about compatibility issues here - with all my software. I need to keep McAfee for now. Could you discuss this whole picture?
    Thanks
    Are RegRun Security Suite Gold or WinTask Pro the better choice?
     
  6. octogen

    octogen Registered Member

    Joined:
    Feb 11, 2002
    Posts:
    213
    I have BOClean and like it very much. They update fairly frequently, the support is good and the program uses little resources. I have not used TrojanHunter, but hear good things about it. I have become fairly disappointed with PestPatrol. I would use TDS-3 (being able to afford it aside), but since I am using Windows 98SE, I am concerned about its resource usage. Though I may be concerned for nothing here... highly possible since I am somewhat of a neophyte.

    Another issue to consider is the fact that BOClean is strictly a memory resident scanner, therefore has no on-demand scanning. Since I already have BOClean running resident, I plan on keeping that as a resident scanner and purchasing TDS-3 (when funds permit) and using it as an on-demand scanner.

    I would suggest trialing TDS-3 and TrojanHunter each for 30 days. Although, if I understand correctly, TDS-3 does not include their execution protection module in their trial version. Somebody here can give you more details as to exactly what that is and how that fact impacts your trialing. On the issue of trialing, PSC, the developer of BOClean, does not offer a trial period, but rather a money back guarantee.

    Hope this helps.
     
  7. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Hi Tired,

    At times, threads tend to grasp more than originally planned; this one is a perfect example.

    As for:

    Tauscan isn't able to cope with polymorphic trojans, and is therefore not providing the needed protection. Having (at least) a software firewall running is highly recommended.

    Apart from the quite different design, TrojanHunter - although a very nice AT - lacks a big enough database IMHO.

    No compatibility issues in regard to TH, TDS or BOClean.

    These belong to a different sort of software; neither of them are anti-trojans. That said, we do consider both very useful software.

    regards.

    paul
     
  8. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    I really do need some sound advice and hope that I can find it here.
    I am running Dell Laptop C840, P4M, 1.6GHz, WIN2000Prof
    Relevant Software: McAfee 7.0 w/o the firewall, Tauscan TRIAL VERSION, Internet Sweeper, Ad-Aware.
    =>Although I would like to say Tauscan is a great AT, at this time it does need some work.

    I have temporarily uninstalled my Zone Alarm Pro but want to reinstall it soon.
    =>Although ZA is not my firewall of choice, it is better than none. I would reinstall as soon as possible, unless you are looking for alternatives.

    I just read about Trojan Hunter, TDS3 and well, all the posts on this thread. TH seems to be my speed but someone mentioned it will not scan some things (?).
    =>I personally think that TDS3 is the best. It does have a bit of a learning curve, but version 4, soon to be released, may be a little more user friendly.
    I think if you are hesitant, Trojan Hunter will work for you. I would be more concerned about McAfee, as it does not really have a very good track record.

    I am worried about compatibility issues here - with all my software. I need to keep McAfee for now. Could you discuss this whole picture?
    => The whole picture is first a good AV. If you need to keep McAfee for a while, then definitely get some good anti trojan protection. Second is good AT protection, and Third is a good firewall. There are several good firewalls available, even some good free ones. Sygate, Kerio, and Outpost are all good.
    It is also good to have AdAware and Search&Destroy for protection against spyware. They are free.

    Thanks
    Are RegRun Security Suite Gold or WinTask Pro the better choice?
    => RegRun Security Suite Gold, although not free, is a most excellent program. It offers excellent protection for files being tampered with or deleted. There is a write-up at Wilders about RegRun that I did, and may give you some more information.
    http://www.wilderssecurity.com/regrungold.html

    MRBLAZE posted a rather long post about his preferences and you can look at it here. https://www.wilderssecurity.com/showthread.php?t=4146

    I also suggest you look at Wilders recommendations on AVs. It is very informative and non biased.
    http://www.wilders.org/anti_viruses.htm
    Hope this helps some.
     
  9. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    sometimes it scares blaze how much paul actually knows i come to the conclusion he's an A.I.

    look at the facts he runs several machines at one time.

    he's up at all hours of the day

    we never really hear him say he eats or gets sick.

    and when i don't think he's around and i sneak in a controversial post he appears out of nowhere
    i'm on to you paul if that indeed is your name. mr.A.I.
     
  10. DrSeltsam

    DrSeltsam Guest

    Hmmmm - i won't use a special AT program. McAfee has an unpacking engine and a backdoor detection that is nearly as strong as KAV's one ... . So why use an AT?
     
  11. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Well, one valid reason could be not putting all eggs in one basket - I for one do recommend layers in defense.

    Blaze,

    Actually, I'm a pc myself - new brand, secret O/S. Maybe that explains things ;)

    regards.

    paul
     
  12. DrSeltsam

    DrSeltsam Guest

    >Well, one valid reason could be not putting all eggs in one basket - I for one do recommend
    >layers in defense.

    Ok - let's see it a little bit more realistic:

    It's quite hard to find a binder, crypter, packer or even a backdoor that McAfee doesn't detect. Perhaps there are some but there are also some that TDS-3 doesn't detect. And by the way McAfee has a heuristic for backdoors, too.

    In general personal firewalls are nearly useless during the lack of the windows design. A combination of sandbox and personal firewall is powerful but quite unstable and costs lot of resources at the moment.

    90% of all personal firewalls (including outpost) are still vulnerable due to the use of DLL injection. This security flaw is known for a couple of years now and most personal firewalls still haven't fixed the bug.

    No personal firewall checks if the action was performed by the user. For example manipulation of the rule set or "clicks".

    No personal firewall checks if the firewall driver was kicked out from the driver tree or if the automatic start in the registry was kicked.

    Personal firewalls are nothing else than placebos in my opinion. But normally placebos don't do any damage - personal firewalls do.

    Many personal firewalls have buffer overruns (for example ZA, NIS, Outpost etc.) under a high usage (floods etc.) or they will open new security lacks. They connote a higher security feeling. An unsecure system won't be more secure if you use a personal firewall ... .

    In fact a personal firewall doesn't block any modern malware. Most spyware (i think spyware is malware too) do process injecting or they add themselves as a browser plugin - no firewall will detect or block them.

    Let's do a conclusion:
    A personal firewall doesn't do a good job as an application filter cause of design lacks on the firewalls itself and windows.

    A personal firewall in most cases doesn't do a good job as a packet filter cause of the design of the firewall driver.

    So why do you use one?


    That's what i would do:

    1. Make windowsupdate.microsoft.com to my start page.
    2. Clean Up my network settings (don't bind windows networking, file sharing or anything else then tcp/ip to your internet device if you don't need it).
    3. Did i mention to make windowsupdate.microsoft.com to my start page? *fg*
    4. Configure your AV application to do an hourly update.
    5. windowsupdate.microsoft.com - i mentioned it, didn't i?

    TDS-3 might find 2 or 3 backdoors/trojans more than McAfee (i don't believe that) but are these malware ITW or is a normal human able to get them? No, cause if McAfee would find them ;o).
     
  13. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    That's beside the point in regard to my former comment. Since security software is heavily targeted nowadays, it does make sense not relying on - for example - one app as a layer of defense in regard to say viruses/worms and trojans/backdoors. Using good and separate software for each task will prevent losing two layers of defense in one time. Phrased as "putting all eggs in one basket".

    As for sandboxing and (software) firewalls: the issues you post deserve separate threads, "sandboxing" and some over on the firewall forum. Feel free to start these threads - just to avoid digressing this thread some more.

    (on a side note: I would make this board the start page - but that's a different story ;) ).

    regards.

    paul
     
  14. DrSeltsam

    DrSeltsam Guest

    This board is the start page of mozilla and windowsupdate.microsoft.com is the start page of the internet explorer ;o).
     
  15. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    i personally like layers of protection on my newby guide it's hard to believe but i got most of that stuff running in the background lol.

    after getting over killed a few times the only thing that saved me was diamond registry administrator lol.

    long time ago and the reason i stumbled on to wilders i apparently came across one big bad wolf.

    who ever this guy was bypassed everything and the only thing that alerted me was diamond registry protection going off i reboot restored the registry then i used go back.

    did defrag check for errors deep and full scan and a updated trojan and virus and spyware and worm scan.

    so yup multilayers really does work
     
  16. controler

    controler Guest

    Re:Which Anti Trojan program would be good for me ?

    Andreas Haak
    Full Member

    I have been trying Sygate's new firewall and it DOES check for DLL injection. Andreas ? Can you tell me Sygate's DLL injection protection can still be defeated?
    I really like the backtrace and Whois feature Sygate has now.
    I must give them 5 stars for achievement and improvement :D

    Oh yes Did I mention I Will never use a McAfee product again. I had too many horror stories with their System takeover. I have never and I mean never seen Norton do that.
    AND yes I do know how the tiny little electron flow through the circuitry.
    Do you know if they go from plus to minus or from minus to plus?
    In other words, do they seek a negative charge or a positive charge in their travel from the internet connection to your memory? :D

    Thank you

    controler
     
  17. DrSeltsam

    DrSeltsam Guest

    Re:Which Anti Trojan program would be good for me ?

    >I have been trying Sygate's new firewall and it DOES check for DLL injection. Andreas ? Can
    >you tell me Sygate's DLL injection protection can still be defeated?

    It checks for a DLL injection but not for a code injection :eek:).
     
  18. controler

    controler Guest

    Andreas Haak

    When you say Code injection, do you mean code injected from a
    web page? What programming language are you referring to?
    Sometimes I get confused when somebody says script. Why?
    Well because some people here think that just a basic BAT file is script LOL
    java, VB,? what code are you speaking of here?

    Thank you
     
  19. DrSeltsam

    DrSeltsam Guest

    >When you say Code injection, do you mean code injected from a
    >web page?

    Nope - i mean binary code injected directly into the process memory :eek:).

    >Sometimes I get confused when somebody says script. Why?
    >Well because some people here think that just a basic BAT file is
    >script

    BAT is a script. Scripts are all files coded in a language that will be interpreted every time from another program (HTML, JS is interpreted by your browser, perhaps JAVA that is interpreted by the vm, BAT, CMD is interpreted by the command interpreter of dos/windows and so on).

    >what code are you speaking of here?

    I speak about code. In fact code is every time asm in its binary form cause the processor understands asm only.
     
  20. controler

    controler Guest

    Re:Which Anti Trojan program would be good for me ?

    Ok, I would call binary code Machine language in my mind.
    Machine is the raw form and you can't get any simpler than binary.
    ones and zeros, highs and lows over 1.5 volts DC LOL

    All electronic equipment recognizes a certain voltage as a valid high or low. What is neat is when you use special filters to actually still receive those logic conditions that normal electronic devices can't.
    this would fall under special coding and decoding. This is a way to transfer data with special hardware modifications that normal devices don't have.

    yes I can see hackers using special software encoders (scramblers) and a trojan decoder (de-scramblers) that uses broadband spectrum scrambling-de-scrambling of the code. Whether it be binary, hex or whatever you would like to call it.
     
  21. peakaboo

    peakaboo Registered Member

    Joined:
    Oct 20, 2002
    Posts:
    377
    Anyone tried Trojan Remover?

    http://www.simplysup.com/tremover/details.html

    Any comments you can provide good bad or indifferent on this particular software...

    would especially like to hear comparison with Trojan Hunter. Looking at comparative T Db looks like possible edge, engine?

    TIA
     
  22. cnm

    cnm Spyware Expert

    Joined:
    Oct 18, 2002
    Posts:
    39
    Location:
    Sunnyvale, CA
    Trojan Remover has a little problem, it's baffled by the \??\ prefix in many registry keys and marks them invalid. I sent their support an email on October 10 and got a prompt answer, that I should check the option "Show alerts on confirmed Trojans only". In other words, not all the features work correctly :rolleyes: . There hasn't been any update since then. I still have it installed, but I'm only running Trojan Hunter.

    Hope he gets around to an update soon.
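
The `\??\` prefix described in the post above is the NT object-manager form of a drive-letter path. As an added example (not part of the thread and not Trojan Remover's code), the following strips that prefix and a few related forms from a registry path value before checking whether the referenced file exists; the file listing, the registry values and the default `C:\WINDOWS` root are constructed assumptions.

```python
import ntpath

# Prefixes that can precede a drive-letter path stored in a registry value:
# the NT object-manager DosDevices forms and the Win32 extended-length form.
DEVICE_PREFIXES = ("\\??\\", "\\DosDevices\\", "\\\\?\\")


def normalize_registry_path(raw, system_root=r"C:\WINDOWS"):
    """Return a plain drive-letter path for a registry value, or None."""
    path = raw.strip()
    if path.startswith('"'):                 # quoted path, possibly with arguments
        path = path[1:].split('"', 1)[0]
    for prefix in DEVICE_PREFIXES:
        if path.lower().startswith(prefix.lower()):
            path = path[len(prefix):]
            break
    lowered = path.lower()
    if lowered.startswith("\\systemroot\\"):
        path = ntpath.join(system_root, path[len("\\systemroot\\"):])
    elif lowered.startswith("%systemroot%\\"):
        path = ntpath.join(system_root, path[len("%systemroot%\\"):])
    elif lowered.startswith("system32\\"):   # relative to the Windows directory
        path = ntpath.join(system_root, path)
    path = ntpath.normpath(path)
    drive, rest = ntpath.splitdrive(path)
    if len(drive) != 2 or not rest.startswith("\\"):
        return None                          # not a resolvable drive-letter path
    return path


def audit(values, existing_files):
    """Classify each registry value as 'ok', 'missing' or 'unparsed'."""
    known = {p.lower() for p in existing_files}   # Windows paths ignore case
    report = {}
    for raw in values:
        path = normalize_registry_path(raw)
        if path is None:
            report[raw] = "unparsed"         # flag for review, do not call it invalid
        else:
            report[raw] = "ok" if path.lower() in known else "missing"
    return report


# Constructed sample data: a file listing and registry values, not from a real host.
EXISTING = [r"C:\WINDOWS\system32\winlogon.exe",
            r"C:\WINDOWS\System32\drivers\example.sys",
            r"C:\Program Files\Example\agent.exe"]
VALUES = [r"\??\C:\WINDOWS\system32\winlogon.exe",
          r"\SystemRoot\System32\drivers\example.sys",
          r"system32\drivers\example.sys",
          r'"C:\Program Files\Example\agent.exe" /service',
          r"\??\C:\WINDOWS\system32\gone.sys",
          "not a path"]

if __name__ == "__main__":
    for value, status in audit(VALUES, EXISTING).items():
        print(f"{status:9} {value}")
```

A scanner that tests the raw string instead of the normalized one reports every prefixed entry as invalid, which is the behaviour the post describes.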
     
  23. tsr

    tsr Guest

    Tuskero:
    I'm a new member also and appreciate everyone's insight on software. As the other members indicated there are numerous Trojan Scanners on the market and most are very good in their own right. The one that I'm using as a registered user is Trojan Remover it's a "new kid on the block" and has a good detection rating. You can try it out on a trial basis for 30 days. You can download it at http://www.simplysup.com/tremover/
    There was a study done on numerous trojan scanners you can find the results at: http://www.pcflank.com/index.htm
    I hope this will help a bit :)

    fixed link
     
  24. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Hi tsr,

    This study has been subject to criticism all over the web - and rightly so. Hardly ever seen such a bad piece of work.

    This apart from you being a happy Trojan Remover camper; if the software suits your demands, that's just fine ;).

    regards.

    paul
     
  25. cnm

    cnm Spyware Expert

    Joined:
    Oct 18, 2002
    Posts:
    39
    Location:
    Sunnyvale, CA
    But maybe you should worry a little about No updates whatsoever. (It's true that a heuristic program doesn't need signature file updates, but the program itself has at least one bug, as noted above.)
     