[illukka]

well we could argue about this forever, lets just say that i wouldn't rely on some on the av's you mentioned for trojan protection.. a good anti trojan (with a memory scanner) outperforms ANY antivirus, the possible exceptions are kaspersky and dr web

[Zero]

Which ones? Because, Haha, I'll admit it, I have no life, I have put each and every one of those anti-viruses through extensive virus/trojan tests, 40 trojans/40 viruses.

Each one did 80% or better on detection rate.

NOD32/eTrust got perfect. Their heuristics caught all the "unknown" trojans.

[cnm]

mneale, Your post has been moved to a thread of your own.
http://forums.spywar...wtopic=6555&hl=

[bigjamesgti]

Zero, on Jun 10 2004, 10:09 PM, said:

Quote

downloading mp3's is pretty safe, trojans /backdoors ALWAYS have an executable extension, even when binded with other files, the resulting file is always an .exe(pif, com etc). like bundle.jpeg.exe..

For the most part yes, HOWEVER, there are exploits to cover the "hidden" extension though its rarly used in songs, it is possible.

Quote

a word of warning here: most anti viruses are vulnerable to binded executables, if you want to live dangerously on the net use a good anti trojan to back up your anti virus..
most antiviruses have a very poor trojan detection anyways

Norton and Mcafee yes, the two most over hyped pieces of crap on the market.

NOD32, eTrust, AVG, Panda, Kaspersky - they all have a VERY well constructed database of trojans AND viruses.

does this mean that AVG is a good anti-virus program ??

Or have I mis-read and it actually means that AVG puts viruses and trojans ONTO your PC ???

[cnm]

AVG is fine.

[illukka]

well i wouldn' call a 40 trojan test trustworthy.. test with 4000 trojans,or better with 14000. preferably different ones.. and exclude the non-malicious stuff from the test, the editservers and clients.. the results might surprise you..

or to make it more difficult and real-world like, pack some samples of each trojan with different packers/crypters.. then execute that trojan on your system and check if your av detects and removes it

[Trilobite]

illukka,
If you are interested in how certain AV software performs in the detection of Trojans, you could take a look at the results of a small test I did. Granted it’s not 4000 trojans, but it’s a start. I should have access to a much larger collection shortly. When I do, I will rerun my tests.

Quote

downloading mp3's is pretty safe, trojans /backdoors ALWAYS have an executable extension

Take a look at the test files that I used in the AV test. None of the extensions have been modified and not all of them are executables. Edit: AV test example no longer valid. The format of my tests have changed.

This post has been edited by Trilobite: 02 October 2004 - 02:39 PM

[shadowl33t]

Who makes All these Trojans.. Does someone know? or is it a untracable hacker that have made it and he can never be tracked..
One more question..
Where have they learned to make trojans?

[bluelight]

irelynnmisses, on Jun 9 2004, 10:04 PM, said:

How can you tell which is which ?  like if you pick up a random named trojan, how can you  tell if it's a RAT, IRC & etc....


thanks ZERO 

Since reading info on trojans in this post I had a 2 trojans found. would anyone know any info about P2E.A found in C/ windows system 32 egauth.dll and P2E.A C/ windows system 32 p2esocks_1014.dll...what type of trojan is this and what can it do. YOu mentioned RAT and IRC types...does anyone know what type of trojan this is ...thanks

[veensneetz]

all your "what is" available here http://www.linuxsecu...rse-virus.shtml

[lowsparker]

what should I do given that I believe I have a trojan file or two on my computer? Norton was only able to quarantine... should I get nod32?

[auctionhugh]

lowsparker, on Oct 23 2004, 09:08 PM, said:

what should I do given that I believe I have a trojan file or two on my computer?  Norton was only able to quarantine... should I get nod32?

Frankly I think quarantining should be adequate in terms of removal. But if it told you what the virus was it quarantined, go to http://www.sarc.com and search for it. It should have complete removal instructions.

_______________________
Professional Web Design by AuctionHugh's Wife Kathleen
Artistic - Straightforward - EASY for You!
Examples and Pricing at Kallen Web Design

[Paranoid]

Seems to me that the terms virus, worm, trojans describe how they spread rather than what they do.

Conversely terms like spyware, adware, rootkit, backdoor, keylogger, adware, browserhijacker,dialer etc actually describe what they do.

Worms spread automatically without needing human interaction. In the past it was through the network shares, these days it normally via email.

Viruses, like worms once executed have the capability to replicate by themselves. They however rely on a hosts file which is infected.

Trojans can't replicate themselves, they are disguised programs that trick the user into
running them.

Traditionally, most trojans are/were backdoors, keyloggers and rookits, though these days any combo might exist.

Some combo malware like Nimda are both a worm and a virus , while many combo malware these days also open backdoors but spread like worms.

Understanding all these distinctions are important, but almost as important as understanding what your security software covers and what it does not.

For example it would be a very bad mistake to think Adware or Spybot cover rootkits or most backdoors for example.

[Alpha_Blue]

Correct. Even most anti-virus software cannot detect a full run of trojans...detection rates can range from 65 percent at a low to around 88 percent or so based on tests I have read...and those are the best AV's out there...meaning that you need extra anti-trojan software to be extra protected against them.

[chrono_trigger666]

I got a question.

Which software or groups of software do you actually recommend?

many stand alone software designed specifically or one whole security suite software