Results 1 to 7 of 7

Thread: Anti-Trojan -Anti-Virus (heuristics)

  1. #1
    Senior Member
    Join Date
    Jun 2002
    Posts
    148

    Anti-Trojan -Anti-Virus (heuristics)

    I have read the posts about the best antiviruses, and it is very evedent that the best is in the eye of the beholder, anyway, Upon looking at AV reviews I have developed two questions.

    if you visit http://www.geocities.com/SoHo/Exhibi...s/antivir.html

    they have rated F-prot at 100% and AVG at 99.1%
    I know that both of these AV use heuristics scaning (can be configured to do so) But if both use heuristics, and heuristics is suposed to find new or unkown virants, would the two AV programs be equal, in the sence of protection?

    My next question/inquirey is:

    I have read some reviews of Anti-Trojan software, and it apears as if tauscan is a very good one, next the trojan remover. But I do not have the money to buy software. Instead I found TFAK at:

    [url] EDIT: I removed the link because along with the anti-trojan scanner, was also some script kiddie utilities, I do not want to premote illegal activities.

    It also uses heuristics. Has anyone tryed this one or know of any other freeware anti-trojan software?
    In snatches, they learn something of the wisdom
    which is of good, and more of the mere knowledge which is of evil. But must I know what must not come, for I shale become those of knowledgedome. Peace~

  2. #2
    Senior Member
    Join Date
    Jul 2002
    Posts
    225
    You mentioned F-prot. F-prot has pretty good heuristics for finding "trojany" executables. It will say something like such-and-such is a suspicious file, or such-and-such is a harmful program. It tends to find even "new" trojans pretty well, but YMMV not sure you'd really actually need a separate app for trojans.
    \"Now it\'s time to erase the story of our bogus fate. Our history as it\'s portrayed is just a recipe for hate!\"
    -Bad Religion

  3. #3
    Banned
    Join Date
    Jul 2002
    Posts
    877
    Most AV I have seen don't find trojans as well as many removers mainly because there are so many companies that use R.A.T.s 'legallly' but on the other hand I have heard rave reviews about AVG.

  4. #4
    Junior Member
    Join Date
    Sep 2002
    Posts
    18
    TDS-3 or Trojan Hunter not Tauscan it couldnt ID or remove an elephant with polka dots
    NOD32 or Kaspersky, AVG is a decent AV for freeware

    not all heuristics analysis is equal, alot depends on the rule sets
    you pay for what you get, in security its the need to constantly update, heuristics is an important component, but signitures and specialized extensions are just as important.

    The need for a trojan scanner greatly accelerates with the number of exectutables you try out (and where you get them)

  5. #5
    Junior Member
    Join Date
    Sep 2002
    Posts
    25
    AV Companies will not intentionally attempt to prevent another software company (legitamate) from selling or distributing a product.

    With that in mind.

    If you knew what ISpy did, and they supplied a disclaimer, and you purchased it, why would an AV company detect it? It is a legitamate program not a Trojan.

    If you are concerned monitor the installation and operation of the program with tools you can get from sysinternals...

    Trojans are programs that are installed under the guise of a legitamate product but turn out to be of malicious intent. If ISpy advertises what they do and when you install it they make it obvous what your doing then an AV company would not see them as malicious.

    If I install a key recorder or "Remote Management" software on my computer then that is okay. if you install it without my permission then that is not.

    Something to think about...that is why Green Lantern is detected, it is installed without permission.

  6. #6
    Senior Member
    Join Date
    Jul 2002
    Posts
    167
    Remember that in theory that heuristics are a great idea. Unfortunately in reality it hasn't been as successful as many antivirus vendors hoped it would be. Today heuristics is more a marketing ploy to sell a product.

  7. #7
    Junior Member
    Join Date
    Sep 2002
    Posts
    25
    Detox is absolutely right about the capabilities of heuristics. They are not as effective as advertised and can lead to many more false detections that actual detections. They often lead to a waste of system resources.

    They only attempt to identify activity that seems suspicious, however what is suspicious? Who defines it and what standard functions could make an api call of an alteration that fits the mold.

    I say turn the baby of and harden the box....
    A slice of \"Controlled Paranoia\" is worth it\'s weight in prevention......Of course Stupidity and Faith is just fun!!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •