Home What is a Trojan Horse? How we reviewed anti-trojans About us |
|
|
Since the time I created this site the problem of malware infection has both escalated and changed in character. At the same time anti-virus products have become much better at detecting trojans. As a result of these developments I no longer recommend for most users the routine use of a separate anti-trojan program such as those listed below. I've left these now dated reviews on this site for reference purposes only. Indeed those faced with removing an existing trojan infection will find the trojan removal capabilities of some of these products useful, particularly the free version of Ewido (now known as AVG anti-spyware). For my latest security recommendations check out the editorial column in the most recent issues of my newsletter - Gizmo, May 2007. TDS-3 from Australian company Diamond Computer Systems is the end result of many years of anti-trojan development by that company. The product has developed an awesome reputation amongst knowledgeable users as the king of anti-trojan scanners. Put simply, we agree. The program has changed little since we first reviewed it in 2002 yet its performance is still outstanding. Design and Usage TDS-3 differs in design from most of the products tested in these reviews. Rather than employ a separate file scanner and memory resident monitor both functions are integrated into a single program. More accurately the monitor (or Execution Protection as it is called within TDS-3) is launched from the scanner application. That means that if the monitor is running, so must the scanner. The TDS-3 scanner is impressive in its thoroughness. In addition to the normal signature scanning it scans the memory space of legitimately running processes to make sure that a trojan has not hidden itself in that space. It also scans for trojans hidden inside Alternate Data Streams, an obscure feature of NTFS file systems that allow data to be stored in hidden files that are linked to a normal visible file. It has a sophisticated generic detection system that allows for the identification of polymorphic trojans. And these are but three of the17 different approaches used by TDS-3 to hunt out trojans on your system. Even more functionality can be added to TDS-3 via downloadable plug-ins. At the time of writing 20 plug-ins were available free from the web site with functions ranging from extracting the configuration of Back Orifice servers through to IRC channel scanners. No other anti-trojan program that we tested came even close to matching TDS-3's superb array of detection and analysis tools. In this respect, it is without peer. But there is a cost to pay for this comprehensiveness. TDS-3 is a complex programl whose full power can only be realized if the user thoroughly understands both the product and the problems involved in trojan detection. TDS-3 would totally overwhelm most computer novices. This complexity is not helped by the user interface which is non-standard and consequently unfamiliar to the average user. Personally I quite liked it's chatty log-style presentation but two of my (average user) friends thought it to be weird and uncomfortable. Click here for a screen shot. Updating the signature file is thankfully, a simple task involving a couple of mouse clicks. The file scanner has more options than be covered here. Many, though valuable, would make no sense to the average computer user. Click here for a screenshot. Thankfully the default options have been well chosen and serve the needs of those who do not wish to delve deeper. Directories or files can be scanned using the scanner control panel or by right clicking on the directory/file from Explorer. The in-memory monitor is not a separate program but is run from within the scanner module so, if you totally shut down the scanner, you shut down the monitor. However this is not quite the problem you might imagine as the scanner can be minimized to a task bar or quick launch icon which can be launched when Windows starts. Also odd is the fact that monitor is not turned on by default in the distributed version of the product. Yes, it's easy to turn it on but you have to know that it's off to start with. Need cheap inkjet cartridges? Check out http://www.techsupportalert.com/cheap_inket_cartridges.htm Performance Let's not beat around the bush; TDS-3 gobbles up a lot of resources. This is not unexpected given the impressive multi-layered array of defenses it provides. None the less, it's resource intensity will present users of slower machines with a problem. For example, in our scan timing tests TDS-3 was the slowest of any product. If configured for maximum scanning features, for example looking inside executables, a full disk scan could take hours. Long enough that many people would choose to set up a full system scan for an overnight run. The execution protection feature is resource hungry as well. The following graph shows overall system resource usage (blue trace) and TDS-3 usage with execution protection running (green trace). While the system is idling there is not much activity from TDS-3 however when a file is opened (hump in blue trace) TDS-3 becomes very active taking up nearly 20% of total CPU resources on the our test PC, a 3.3GHz P4. Memory usage also jumps at the same time up to 13.6MB. On occasions we have seen this jump to over 25MB.
In fact our test PC was definitely a little sluggish with TDS-3 running. Enough to be just noticeable though by no means large enough to be unacceptable Bear in mind that one of the reasons that TDS-3 is resource hungry, it that it is doing more than most other anti-trojan-products. Resource usage is the price you pay for thoroughness. Now that we've got the bad things out of the way, we can concentrate on the good. ln our trojan detection tests TDS-3 topped the list, a result consistent with our findings in previous years though this year it had to share top honors with Trojan Hunter. The result is tribute both to the integrity of it's design and the vendor's diligence in maintaining signature file updates. In fact, these files are updated daily, which contrasts with the weekly or "when necessary" schedule of other vendors. Over the last two years I have developed enormous confidence in this product. And with confidence in the product I have been granted more confidence to do things I need to do as a computer user without paranoid fear of being infected. Today , whenever I download an executable file I now routinely scan it with TDS-3 before opening. Once a week, I use TDS-3 to do a full scan of my system. TDS-3 is a permanent fixture on my PC and will stay that way until I've convinced there is something better. No, TDS-3 isn't perfect as a product nor can it be relied on to give foolproof 100% protection. But it does offer the best anti-trojan defense currently available. Other Reviews TDS-3 has generally very well in other surveys. It (jointly) topped the list in the three of the most authoritative reviews (1, 2, 3). In a recent PC Magazine review, the editors rated it behind PestPatrol and Tauscan but the magazine readers vocally disagreed and elevated it to the top. Yet another review rated it below Tauscan and the Cleaner in a rather close set of results. (4) Support The product itself has a useful help file and this will provide the answer to many common installation and configuration questions. The Website has a FAQ and the vendor provides email support during office hours. Note though, that TDS-3 is based in Perth, Western Australia and the time there differs significantly from both North America and Europe. There is also a vendor hosted discussion forum that appears to be quite active and judging from comments, most purchasers are very happy with the product and the support they receive. We received answers to each of our three test support request emails within hours, an outstanding result but bear in mind that our requests were sent to coincide with working hours in Perth. For major crises, the vendor has a team of engineers on standby, though this is not a free service. Summary If you want maximum protection against trojans, then you need TDS-3. However be prepared to pay for this security in terms of product complexity and resource usage. Version tested: 3.2.1 Price: $49.99 Download: Click here for trial version. Trial does not include memory monitor Trojans in database: 9461 primaries as at the 9th of August 2003 Website: http://www.diamondcs.com.au Signature File update frequency: daily
Advertisements: The Best Backup Software: 18 backup programs reviewed and rated but only one get "Editor's Choice" Inkjet Printer cartridges: The best places to buy cheap inkjet cartridges. We looked at 47 seven sites but could only recommend eleven.
|
