anti-trojan.org

Helping keep control of your computer in your hands.




Remember...

Even the best security software is no replacement for taking sensible precautions in dealing with internet and email traffic.








anti-trojan.org is intended to be a resource for everything related to Computer Trojans.

What’s on this site

If you are here to get some software to detect and remove a trojan or trojan virus from your computer, (and this is what most people visit this site for), then you should click on the Software Download Link. Here you will find free trojan removers as well as shareware and commercial trojan removers, anti-virus, anti-spyware, firewalls and more.

Have I got a trojan ? shows you what you need to do to identify whether you have any intruders lurking in the recesses of your PC, while Trojan Removal gives information and simple step-by-step instructions to help you secure your system and start the malware removal process as safely as possible once a threat has been identified.

10 Simple Anti-Trojan Rules offers our best advice on minimizing the future risk of a Trojan infection and recommends ways to protect your system and keep it free of all other malware.

Thanks for visiting Anti-Trojan.org & Safe Surfing !


Spyware trends ... what's coming next ?

Christian Mairoll, CEO of Emsisoft, which produces a-squared Anti-Malware and the Mamutu behavior blocker, talks with us about the most recent developments in the world of trojan and virus detection and control. We get his opinion on what he thinks we will have to protect against in the future, and find out what makes the manager of a security software company get out of bed in the morning.

The Emsisoft CEO Interview.


Viruses and Spyware on your Mobile Phone?

We talk to Seth Fogie of Airscanner Mobile Security about the threats to mobile phone users connecting to the web in the new frontier of internet security.

For information on Airscanner Firewall 3.5 visit the Airscanner site now!

Airscanner CEO Interview


Need Technical Assistance ?

Anti-trojan.org does not have a forum to answer your individual inquiries but if you require assistance from an expert on a specific trojan issue or any other computer problem we can point you in the right direction to some of the best Tech Professionals on the internet, who freely give their own time to help the rest of us.

You will find links to these internet heroes under Technical Assistance Forums.



Interview with Christian Mairoll of Emsisoft.com

Emsisoft produces a-squared Anti-Malware and Mamutu Behaviour Blocker Anti-Spyware

ATO    Hi Christian, being the CEO of a busy Internet Security Company, we appreciate the time you have taken to talk to us today.

Christian  My pleasure. PC security knowledge is very important to everyone.


ATO   How long have you been involved in internet security?

Christian  My first contact with trojan horses was in 1998. Who doesn't remember the legendary Back Orifice, Sub7 and Netbus backdoors? Those have got major attention and started to change the old-school Antivirus business completely. Using the public source codes, every child became able to create a backdoor that can't be detected by any antivirus program.

ATO    What are the major changes you have noticed over the years?

Christian  While in early years of malware writing the coders' intention was to have just some fun spying on their friends' computers, today we have to combat against a multi million dollar business of malware writers. Every few years, a completely new type of Malware has appeared.

From 1999 to 2001 backdoor trojans have been the most used malware to spy on others. From 2002 to 2003 we noticed a peak on modem Dialers, little programs that change the internet dial-in numbers to high-cost numbers. 2004 was the year of classic Spyware and Adware. Many companies created advertising bundlers and people started to care about hidden phone home actions. In 2005 Rootkits were the major harm that scared people. During the last years, the malware business became much more professional. We have seen bot networks with many hundreds of thousands of hijacked zombie computers that are used to send spam emails.


ATO   You have produced two pieces of software - a-squared and Mamutu. One is a virus and trojan scanner, and the other is a behaviour blocker. Can you tell us a little bit about the difference between the two?

Christian  How can malware be detected in general? Like the real world police, a typical malware scanner has a set of malware fingerprints that are used to identify malicious objects. But that requires the anti-malware vendor to get an example of every single malware file to be able to create a signature (fingerprint). The major problem of this detection method is that new malware can't be detected without having a matching signature.

That's why we created a behavior based malware protection engine, called Malware-IDS (intrusion detection system). It monitors in real time all running programs for malicious behavior. Once a program does something suspicious, it is alerted by our guard. As it cannot be used to clean an infected PC, it is a perfect prevention system with 100% detection rate in many public tests.

While Mamutu is a pure behavior blocker, a-squared Anti-Malware comes with behavior blocking and a signature based disk scanner to clean infected computers.

If you already have a reliable signature based protection system, use Mamutu as a complementary program. a-squared Anti-Malware replaces anti-virus and anti-spyware programs.

ATO   I guess that keeping the software current requires continual monitoring of new threats and creating updates for your products to combat these. Can you tell us something about what you are seeing trend wise in spyware and viruses?

Christian  Everybody knows that he or she needs an anti-virus protection software, but nobody really cares about anti-spyware or anti-trojan. This fact is interesting when you keep in mind that today, viruses are less than 5% of the total malware we combat. While most security software vendors came from the anti-virus side, we have our origins in the anti-trojan/anti-spyware sector.

ATO   Are the threats that you are experiencing regional, or is this pretty much a global village phenomenon?

Christian  I'd say both. We have seen lots of phishing bots that are limited e.g. to German language, but many others are multifunctional. Phishing is no longer limited to single banking systems. Some bots are able to handle 30 and more different types of banking environments in multiple languages to steal your PIN and empty your account.

Backdoors and Bots are usually running hidden. They don't care about your used language or your region. Your PC resources and internet bandwidth are worth money, no matter where you are.

ATO   In addition, of course, to the top of the line scanner and a good firewall, what other advice do you have for the average computer user that will help keep their machine safe?

Christian  Use your brain and don't rely purely on software. As this tip is against my business, security software can always be only a helping tool and not a replacement for personal experience and sanity. Take care when surfing unknown websites, downloading files or entering your personal data somewhere. Always check the publisher before you enter your credit card data on a website.

ATO   Does a-squared have the ability to detect rogue security software that is designed to mimic bona fide products like yours?

Christian  Sure! Rogue anti-spyware is a very fast growing danger. In a recent comparison done by dozleng.com (Calendar of Updates) with 8 spyware scanners, our a-squared scanner performed significantly better than the others.

ATO    You live in Austria, but that doesn't seem to limit where you are able to provide your products. Do you think that internet security is a truly global market?

Christian  Yes. It no longer matters where you live as the world is fully connected. Not only our customers are spread around the world. The a-squared team is a group of location independent security enthusiasts living in Europe, America and Asia.

ATO   You have a commercial ware version of your software as well as a freeware. Obviously you are in business and you need to generate sales. How can you afford to offer one of your products for free ?

Christian  a-squared Free is a disk scanner only. We think that everybody must be able to clean an infected PC without paying money. Most people who are searching for a malware scanner are in big trouble with an infection. Our first intention is to free the web from malware. Our second one is to help people prevent their computers from new infections with our behavior blocking technology.

ATO   What are the limitations on the free product?

Christian  The background guard with behavior blocking is missing. Everything else, scanning and cleaning, is included.

ATO   So, aside from Internet Security, what else do you get time to do in your busy schedule ?

Christian  You mean on holiday? What's that?? ;)

When I feel that I need some more clear thoughts, I'm hiking on the Austrian mountains.

ATO  Chris, thanks for your time today. Where can people get more information about a-squared products?

Christian  They can find out about both our free and the paid version of a-squared from our website at Emsisoft, or click on the link below.

Thanks for the interview!




October 2008


Interview with Seth Fogie, CEO of Airscanner Mobile Security


ATO   Thanks for chatting with us today, Seth. You specialise in security products for mobile phones and handheld PDAs and EDAs that connect to the internet. This is not an area many of us would have considered. Can you tell us about some of the dangers that you have come across, and then we can discuss some of the products you offer to combat these.

Seth  Sure.


ATO   We've heard that you can get a Bluetooth virus simply by walking past a transmitting device. Is this correct, and if so, what should a user be doing to protect themselves?

Seth  This is not quite correct. While it is true that certain older phones are subject to Bluetooth related attacks, these can be used to download data such as contact lists, etc. It is also possible to send messages to a Bluetooth enabled device relatively anonymously.

All that said, it is possible for a Bluetooth enabled device to send another device a file. However, the target user must first click through a warning about accepting files, and then click on another prompt warning about installation of the file. In other words, it takes significant user interaction for Bluetooth to be a reliable attack vector. Unfortunately, enough people are willing to ignore all the warnings and end up infecting themselves.

The only exception to this is a vulnerable Bluetooth driver, which could be exploited to inject code into the target device. While I do know of one driver related bug that affects mobile devices, it only results in a crash. There are however, Bluetooth related vulnerabilities that can lead to remote code execution on laptops/desktops.


ATO   There is a lot of confidential information transmitted via these devices, particularly the type of information you would not want to fall into the hands of competitors, therefore it is our presumption that the main threat you need to protect against in this environment is predatory spyware. Is this correct?

Seth  I would say that the number one issue that mobile users need to address is the possibility that their phone gets lost or stolen. If the phone is not locked (most aren't), and the data on the phone is not encrypted (most isn't), then the phone's new "owner" can learn a lot about a target. This could include all sorts of things, from passwords stored in an Excel file, to email access using stored credentials.

In addition to this, a knowledgeable attacker could extract images and videos that the owner took - even if they were deleted.

After this issue is addressed, mobile users also need to understand the dangers of malware on their device. Ironically, illicit malware is not the biggest threat. Instead, it is the numerous consumer grade spyware programs that can be purchased and installed that are the biggest threat to a mobile device's owner.


ATO   One of the products you sell is an Airscanner encrypter. Don't most business mobiles already encrypt the information they transmit?

Seth  Our Encrypter is designed to secure data on a phone, in case it gets lost or stolen. As for data on the network, some businesses do - but many don't.


ATO   For those of us who don't have much experience with mobile malware, what are the key threats and your advice on a basic minimum security package?

Seth  It really all comes down to how you use the mobile device and your personality type.

If you are a very casual user, meaning you only visit a few websites, then protection is not very important. Who cares if someone steals your phone?

However, if you are a heavy user and constantly text, email, download files, and would be very upset if all this information became public, then protection is a must.

Chances are that most people fall in between these two extremes.

AV software is important for those users who do a lot of file swapping and emails on a phone. A firewall is good for these users as well, simply because a tight firewall can prevent a malicious attacker from connecting to the device and prevent malware from connecting out.


ATO   Is the security for phones normally handled by a company's IT department, or an individual user?

Seth  Most of our customers take care of their own device. If a company is larger, then chances are they will have an enterprise level solution incorporating BlackBerrys.


ATO   With interconnectivity between mobile devices and desk PCs we guess that security threats picked up by mobile devices could well be a subtle, relatively unguarded way to attack a system. Do you have any experience with this?

Seth  How interesting you should ask! I just did a bit of research into this and wrote a nice long article describing one way the connected nature of this can be exploited.

Exploiting Systems through ActiveSync - Informit
Exploiting Systems through ActiveSync - White Wolf Security

In summary, as of ActiveSync 4.0, Microsoft has incorporated the Remote Network Driver Interface Specification (RNDIS) into creation of a syncing session between a Windows Mobile device and its host PC. While the implementation of this technology has numerous advantages, it also creates an exploitable situation by which a host PC can be attacked.


ATO   We've heard there's a browser security vulnerability they call "clickjacking". Can you tell us anything about it, and how we can guard against it?

Seth  Well, clickjacking is essentially the theft of your click for purposes that you did not intend. This can take several forms, and be used in several ways.

The easiest way to describe this is to imagine that you are playing an online browser based game that requires you to click a lot. An attacker can take your click action and use it to click on another item that you can't see.

There are several ways that this can already occur, such as using DHTML and JavaScript to move popup boxes around so they are always under your mouse. The latest version of this, AKA clickjacking, requires only DHTML and I suspect some Flash component.


ATO   What are some of your favorite things in life outside your work ?

Seth  Family, kids, racing games, helping people out with their computer issues, and trying to "hack" stuff.


ATO   Thanks for talking to us today, Seth. We are sure that any readers who are interested in mobile security will find useful information on your Airscanner Mobile Security site.

October 2008
