mrgeek
Premium
join:2002-12-13
Dundee, IL
clubs:
| Who's the Best?
Although I am very aware of the need for good computer security, (use a router, have Norton Firewall and Anti-Virus and keep everything up to date) I find there are issues I need to learn about. That's why I have decided to visit the Security forum more and take advantage of the knowledge and resources here.
I am taking my first look at Anti-Trojan programs. Currently testing Anti-Trojan 5.5.407 and Trojan Remover 4.8. Who's Best? Or are there better ones? Opinions please. Thanks. |
|
Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV | TrojanHunter, TDS-3, BOClean are the top three AT's available today.
--
TrojanHunter Stands For Privacy!!!!!!! |
|
Buddel3
join:2003-03-26 |  reply to mrgeek
If you are looking for an AT program that is both easy to use and very good, you should have a look at TrojanHunter. |
|
Ph33r_
@mpoweredpc.net
| reply to mrgeek
Anti-Trojan v5.5 Build: 408 is currently the newest.
This Anti-Trojan System is my favourite; however my tastes were usually abnormal to most others. Anti-Trojan v5.5 Build: 408 like many don’t handle Archive Compressions properly, but does offer a huge Archives formats support compared to others that I’ve tested, and the next release of Anti-Trojan release will contain proper Archive handling as I made sure of it! Another thing, this Anti-Trojan v5.5 product lacks in is a proper “Memory” Scanning capabilities like many Anti-Trojan Systems out there I’ve tested, currently there’s AT-Watch application bundled with Anti-Trojan Installation package but it doesn’t do REAL memory scanning, it only detects the calls and scans the file on the hdd and the disadvantages of this is it wont catch the Packed/Crypted Trojans which loads into the Memory unpacked.
Also like others nor does it On-Demand Scanning System Scan for Packed/Crypted Trojans, in-fact there’s all kinds of tests you can perform yourself easily to prove so. Anti-Virus Systems a lot of them anyways has this capabilities, scanning for Packed/Crypted viruses/Trojans files.
Anti-Trojan v5.5 does have a huge Database compared to most; 9661 currently. |
|
mrgeek
Premium
join:2002-12-13
Dundee, IL
clubs: | reply to Vampirefo
Where is TrojanHunter available? |
|
Buddel3
join:2003-03-26 | quote:
Where is TrojanHunter available?
www.trojanhunter.com |
|
Zupe
Premium,MVM
join:2001-11-29
New York, NY
clubs:
| reply to mrgeek
said by mrgeek  :
Where is TrojanHunter available?
»www.misec.net/
--
Pinky: I think so Brain, but if we give peas a chance, won't the lima beans feel left out?
[text was edited by author 2003-05-16 12:43:11] |
|
stryc99
join:2002-11-13
Victoria, BC | reply to mrgeek
Can we stop with the "What is the best $SECURITYTOOL?" posts please? |
|
Gladiator_AV
Premium
join:2002-10-20
| reply to Ph33r_
said by Ph33r_:
handle Archive Compressions properly, but does offer a huge Archives formats support compared to others that I’ve tested
*ROFL* You know about what your are speaking ?
said by Ph33r_:
Anti-Trojan v5.5 does have a huge Database compared to most; 9661 currently.
And this gives me the loudest laugh i had since the last week.
Take a look at their so called "Trojan List" here:
»www.anti-trojan.net/de/trojanlist.aspx
Just a short snap out of it:
Worms:
I-Worm Lentin.g I-Worm.Alcaul.n I-Worm.Alcobul.a
I-Worm.Alizee I-Worm.Anap I-Worm.Anthrax I-Worm.Apost
I-Worm.Arica I-Worm.Avron.b
and a lot of virues which they do not even detect - at least only one sample because some of them are polymorph.
Now start to substract all the trash out of this list and you will be MUCH MORE LESS in trojans than other AT Programs. MUCH MORE.
So dont write things you do not understand.
Michael
--
GAV - Gladiator AntiVirus - »www.gladiator-antivirus.com
GAV v3 - »www.g-av.com
Envy is the sincerest form of Flattery
[text was edited by author 2003-05-16 12:54:26] |
|
Ph33r_
@mpoweredpc.net | reply to mrgeek
Infact i do understand quite well...
Regards,
Ph33r_ |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| reply to stryc99
It is a common question, especially for new visitors to the Security Forum, which I believe Mrgeek is. He just wanted an opinion on the AT programs from people who may have more experience in using them.
If you don't like the topic stryc99 , no one is forcing you to read it and this thread may be a big help to our new visitor and perhaps other readers who would like to learn more about security and security programs.
To answer Mrgeek, there are some really good discussion threads on Antitrojan programs using the forum search feature; you may find them useful
Anti Trojan(forum search)
Anti-Trojan(forum search)
You could also try search by the names of the program suggested to you in these replies 
--
It takes a disaster to make a woman out of a female |
|
JTM1051
Premium,MVM
join:2000-07-08
Moorpark, CA
| reply to mrgeek
There's also the...
Poll: What Anti-Trojan Program do you use?
»Poll: What Anti-Trojan Program do you use?
Did not see included in the two forum searches provided by CalamityJane. |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| said by JTM1051 :
There's also the...
Poll: What Anti-Trojan Program do you use?
»Poll: What Anti-Trojan Program do you use?
Did not see included in the two forum searches provided by CalamityJane.
Just keep in mind that poll is really, really out of date  (May 2001)
--
It takes a disaster to make a woman out of a female |
|
John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England
| reply to JTM1051
said by JTM1051 :
Did not see included in the two forum searches provided by CalamityJane.
Probably because it is 2 years old. It was carried out in May 2001.
--
Never argue with an idiot, he'll drag you down to his level and beat you on experience! |
|
Ph33r_
@mpoweredpc.net
| reply to mrgeek
[Quote] *ROFL* You know about what your are speaking ? [/Quote]
My Documents
|
VBS-Infections-BEST.rar, VBS-Infections-BEST.zip, VBS-Infections-Normal.rar VBS-Infections-Normal.zip (Maximum & Normal Compressions Level of .Zip, & .rar with the below \VBS-Infections\ Structure Added into each and every one of them).
|
----
VBS-Infections (Directory & Structure of each Compressed Archive)
|
|_\1\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\2\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\3\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\4\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\5\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\6\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\7\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\8\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\9\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\10\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
|_\11\LOVE-LETTER-FOR-YOU.TXT.vbs, tune.vbs
Downloaded/Installed & configured/updating PC DoorGuard 3 and running a Scan on \My Documents\ and all the sub-folders & files, here is the Actual PC DoorGuard 3 Log.
++++++++++++
PDG v.3.0.0.6
15:26.54 - May 12, 2003, Monday
Started applications scan.
Virus definitions:7507
Virus applications not detected.
Memory scan.
Registry and system file scan.
File C:\WINDOWS\win.ini did not contain suspicious records.
File C:\WINDOWS\system.ini did not contain suspicious records.
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-BEST.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
PDG detected a virus "I-Worm.LoveLetter.LOVE-LETTER-FOR-YOU" in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /LOVE-LETTER-FOR-YOU.TXT.vbs
PDG detected a virus Probably VB Script virus in compressed file C:\Documents and Settings\Phant0m_\My Documents\VBS-Infections-Normal.zip /tune.vbs
15:27.17
Scan completed
Files scanned: 339
Files infected: 2
Scan speed: 16 files per second.
Please regularly update PDG!
-
-
++++++++++++
How many Errors can you find?!?!?!?! Tip: Copy and paste Log Info into a Notepad for better viewing… Like PC DoorGuard 3 other Anti-Trojan System contains the very same types of Archive Scanning issues…
You are right Anti-Trojan does add worms to its definitions, then again what Anti-Trojan System you know that doesn’t?
As for the labelling with Virus on them welp, everyone not perfect they all got weird reasons for labelling Trojans as viruses… :P
[Quote] So dont write things you do not understand. [/Quote]
Please don’t attempt to tell me what to-do and what not to-do as I wont with you. |
|
Gladiator_AV
Premium
join:2002-10-20
| reply to mrgeek
I will not continue in this thread here with you because it's worthless to explain you the differnce between ARCHIV packed and RUNTIME packed.
So ignore the technical advice of all (not self proclaimed) experts and play your childish games on.
EOD.
--
GAV - Gladiator AntiVirus - »www.gladiator-antivirus.com
GAV v3 - »www.g-av.com
Envy is the sincerest form of Flattery |
|
Ph33r_
@mpoweredpc.net | reply to mrgeek
As I had said in my 1st post Anti-Trojan v5.5 has Archive Scanning issue like other ATs, also Anti-Trojan v5.5 has Runtime Packed issue also… Sorry if that wasn’t clear enough. |
|
Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
| reply to mrgeek
It is not a big problem, if your AV can't scan inside _archives_. Why? Files, which are stored in archives, are always unpacked on your harddisk, before they can be executed. A properly working on-access guard will _always_ detect and block a virus in the moment, when it is unpacked on your HD.
Still, you might distribute infected archives. But for your own safety, archive scanning not really necessary, as long as your guard is running.
When talking about unpacking, you have to distinguish between _archives_ (like Zip, Rar, Arj,...) and _runtime-compressors_ or just _packers_ (like UPX, ASPack,...)
But runtime-compressed files are unpacked directly into RAM when being executed. That's why your on-access guard will not _see_ a packed virus in its unpacked form, when the virus is executed. That is the big difference to archives! Your AV guard has to be able to unpack compressed files itself, or it just won't detect the packed virus at any time.
And that is what people are referring to when talking about the good unpack engines of KAV and McAfee.
--
GAV - Gladiator AntiVirus - »www.gladiator-antivirus.com/ |
|
Ph33r_
@mpoweredpc.net
| reply to mrgeek
[Quote] Anti-Trojan v5.5 Build: 408 is currently the newest.
This Anti-Trojan System is my favourite; however my tastes were usually abnormal to most others. Anti-Trojan v5.5 Build: 408 like many don’t handle Archive Compressions properly, but does offer a huge Archives formats support compared to others that I’ve tested, and the next release of Anti-Trojan release will contain proper Archive handling as I made sure of it! “******** Another thing *********”, this Anti-Trojan v5.5 product lacks in is a proper “Memory” Scanning capabilities like many Anti-Trojan Systems out there I’ve tested, currently there’s AT-Watch application bundled with Anti-Trojan Installation package but it doesn’t do REAL memory scanning, it only detects the calls and scans the file on the hdd and the disadvantages of this is it wont catch the Packed/Crypted Trojans which loads into the Memory unpacked.
Also like others nor does it On-Demand Scanning System Scan for Packed/Crypted Trojans, in-fact there’s all kinds of tests you can perform yourself easily to prove so. Anti-Virus Systems a lot of them anyways has this capabilities, scanning for Packed/Crypted viruses/Trojans files.
Anti-Trojan v5.5 does have a huge Database compared to most; 9661 currently. [/Quote] |
|
mrgeek
Premium
join:2002-12-13
Dundee, IL
clubs: | reply to stryc99
For those of us, like me,new to the subject, I would like to know. Where better to ask then here. |
|
