<Post Edited Out>

Hello Wizardavc,
welcome in the forum.
You might like to read the evolving discussion in this thread
http://www.wilderssecurity.com/showthread.php?t=8490

TDS is not just an ordinary trojan scanner, it's a whole suite with lots of more options, keeping the user in the driver's seat. The resident part the exec protection.
For me TDS is central on my system, starting lots of other functions with scripts from there.
One doesn't have to use all the functions one doesn't want to, one has them all extra and after a while or sooner one learns to use them.

Don't worry, the TDS-4 family will contain 3 separate products, the Pro, a scanner and a guard, don't ask for details as i know nothing more than that till we're invited for betatesting.

Hi wizardavc,
Nice dropping by. You are right, TDS can be as complex as you want it.
It also can be as easy as you want it. If it comes to Internet security there are no programs which you install and forget about it, although TDS comes very close. If you don't want to use all those gadgets, well just don't. With the Execution Protection of TDS you are pretty safe from trojans. But if you are in some trouble you might find it very useful to have all those tools at hand.
By the way TDS-4 will come with more flavors as I understand it. If you think TDS has too many ways of detecting trojans, then realize that you never know what's being cooked and presented next.
If you want to be protected, you should be protected the best way there is.
Dolf

When I first used TDS I found it a little complicated, but after reading FanJ's basic configuration of TDS I no longer think it is. I can now do the configuration without referencing to his thread :) . I think the "complexity" is because trojans in themselves are not as easy to combat as some other types of malware. In some cases they will NEED these feautres that you claim are of no use. And personally I have no problem in putting my trust in the hands of knowledgable people like the DiamondCS team. If they feel an option is useless I am sure they would not have included it. Some people also like being able to configure a lot of the options to see what fits there computer the best. Some like more agressive protection and some feel there isnt a need for it. TDS will cater to both.

The things you put as what an anti trojan product needs is pretty general. There is usually more to it than that. How it deals with scanning the disk and how effective is the monitor is more important than just having it.

I think every user, even general users can benefit from advanced options. It might take some time to read about what these options do but I think it would be well worth it and should be included for everyone's benefit. Most likely these things will be considered in TDS 4 though, as I have read many people's opinions about this. Just thought I would add my own.

Hello Wizardavc, Along with what Jooske and Dollfile have saidl, please run the trial & see for yourself. Not only do you get the best tools for detecting and eradicating Trojans you also get support that is second to none.

Pilli

I don't think it's very complex at all. It doesn't have a pretty interface, but it works. :)

Its ok for an anti trojan product to be advanced and through but you can still do that without being unnecessarly complex. I don't think DiamondCS understands that most of TDS's users are end users with begineer-intermediate knowledge. Look at a product like Tauscan or Trojan Remover, they have a pretty large database, they are fairly through at scanning, good support, reasonably fast, but are not unnecessarly complex like TDS.

I suggest combining Port Explorer and the features in TDS not directly anti-trojan related into a separate product and TDS will be much more simplified and user-friendly which will lead to better sales.

Hi wizardavc, welcome to the Wilders forum, and thankyou for your comments.

You're correct - TDS3 is a very complex program, providing every possible avenue of attack that you can use against trojans, and going where no other anti-trojan program has ever gone. With all that power and functionality it's impossible to hide it all from the user and reduce it all down to a few buttons, but TDS3 is only as complex as you make it.

If you dont use any of the advanced features, using TDS3 is actually ridiculously simple - see this page (http://tds.diamondcs.com.au/index.php?page=easytouse). It explains how, with just two mouseclicks, you can do the two most important things in any anti-trojan program - 1) update the database, and 2) detect trojans in any part of your system.

TDS4 Professional will still maintain the advanced/complex GUI of TDS3, but there'll also be TDS4 Scanner and TDS4 Active, both of which will be very simple to use, and although they'll both be backed by our powerful new anti-trojan engine, they won't offer the extra utilities that TDS3 and TDS4 Pro offer.

Cheers,
Wayne

-{ Quote: " quoting: Wayne - DiamondCS link=board=5;threadid=10582;start=0#msg68857 date=1056336955]

TDS4 Professional will still maintain the advanced/complex GUI of TDS3, but there'll also be TDS4 Scanner and TDS4 Active, both of which will be very simple to use, and although they'll both be backed by our powerful new anti-trojan engine, they won't offer the extra utilities that TDS3 and TDS4 Pro offer.

Cheers,
Wayne

" }-

Ok, thanks for responding. Glad some changes will be made in the future. I am also doing some testing on how TDS deals with compressed/uncompressed trojans and will let you know the results.

That would be a futile test as TDS3 only has unpack support for UPX. We've already developed an unpack engine for TDS4, it currently successfully unpacks most common packers including UPX, PECompact, ASPack, Petite and many more - TDS4 and Wormguard4 both use this new unpack engine (as well as a new unarchive engine, capable of scanning archives inside archives inside archives, with support for many common formats - ZIP, RAR, TAR, CAB etc). However, until those are released, it'd be fairly pointless doing an unpack test now ... :)

TDS4 will become the first dedicated anti-trojan system with a solid unpack and unarchive engine, but it's worth noting that packing a trojan executable may/can only get it around the file scanning capabilities of TDS3, not the resident detection techniques -- as soon as the trojan is running, TDS3 can detect it in a multitude of different ways, including process memory scanning, mutex detection, window detection, to name just a few.

Cheers,
Wayne

Ok, I'll be sure to wait till TDS4. One more question, what are the names of some other droppers besides the ddsetup in Donald Dick that can make polymorphic trojans?

-{ Quote: " quoting: wizardavc link=board=5;threadid=10582;start=0#msg68876 date=1056345856]
Ok, I'll be sure to wait till TDS4" }-
No need to wait for TDS-4, the update is free
So for the best protection, go for TDS-3
I think you are NOT one of those 99% ;D

Tds is not hard to use it can be done in a few simple steps.
step 1 install
step 2 Update

step 3 Enable Excution Protection

Step 4 do full system scan

See not that hard at all.

If you Like i can do it over again in crayon like i would for Mr.Blaze.

If you needed help all you had to do was ask not insult some ones hard work.

TDS can be in-fact very easy to use.

But like you i to was blown alway by so many extra features.

That only makes it better because if i ever get up there and learn more of this stuff i get extra things to enjoy rather then other typical Anti trojan program's that is the same as every one else's.

-{ Quote: " quoting: Open Source link=board=5;threadid=10582;start=15#msg68895 date=1056351855]
If you Like i can do it over again in crayon like i would for Mr.Blaze.
" }-

Hi Open Source,

No need to put down Mr.Blaze.
He is at least as smart as you are. He just hasn't figured IESpell out yet. ;)

Regards,

Pieter

:P

-{ Quote: "He just hasn't figured IESpell out yet." }-

I thought that was due to a conscious choice of literary style, rather in the way of e.e. cummings or Ezra Pound

;)

Open Source forgot an extra refining for the configuration of the scan options.
TDS > System Testing > Scan Control, check every option and slider on highest to the right > Save configuration (you might like to add some refining to the NTFS adds streams stuff and save that too) and scan the beasty!
Thanks O.S. for the images.

For the unpackers: in the Private TDS was posted more about that, among others how to add them yourself to the TDS engine. So if you find them in the wild, read the instructions how to add them.

For all the functions which might at the first sight not seem to be related to strict trojan detection: read the parts in the helpfile about 16 ways (which are now over 20) to smell a rat, and hunting for an unknown trojan.
The network functions like the traffic bridge and TCP Port Listen are very interesting to see what packets are exchanged with your system (so we discovered new variants of CodeRed long ago looking at them, among others).
After a while people discover the many functions and how to keep their systems healthy with them.
On my system i can't use the typical 2k/NT functions, but all the rest is used more or less frequently. The protection might be too good to need them often :)

There's really no problem at all, Wiz. You simply need to look at it more closely. Few people seem to have any problems using it simply as it is, but perhaps you should look for something less challenging if you need to.

will that not true when you first see tds for very first time as a newb you get lost you really do.

but when some one take the time to show you the basic few steps your lke whoaaaaaaa

the tds interface is bulky and a little high end tech

bu what i love about tds makes up for it.

simply the best trojan killer

a tds crew that actualy cares and takes time out one on one to explaine things to you.

almost daily updates most updated program i ever seen.

and great tech support

as a new user of TDS3 I am sure that the team putting this program together would not have included all the `tools` if they were not needed at some time. I have a few tools in my garage which I only use perhaps once a year, but I still need them.

Hi Tutankamon
When i look around at handy tools i see them often already included in TDS, PE and WG, so if users find something else handy and post it to the "wishlist" these features might get included in one of the three or in a nicer way fitting the DCS line in some other tool. But none of the big tools are bloathed with functions we would never use; think it's a very useful suite.

:D i requisted lots of stuff and im sure at least two things have been granted on my wish list

1. was worm guard telling me no worm found same with tds no trojan found ful confirmation

2.that tds will now tell you exactly what has changed in auto start registry you know that really anoying warning

i asked that they included a real check like trojan check 5 in the free tool section at wilders that gives you a ful read out of whatactualy has changed

im perty sure they added this two things

I agree with openSource.
TDS-3 Updates are basically a one-click task in the registered version.
A full scan is easy to do.
These two tasks cover the basic necessities.Always update and a full scan periodiocally is a good idea.

The Scan configuration is not hard to use either.
There are lots of scan options and TDS-3 startup scan options as well.

Tools:
Maybe there are more tools than an average net surfer would use.
The fact that they are available is a huge bonus in TDS-3 IMO!
I use quite a few of them myself and I appreciate the ease of using port-related scans for an example.
I don't use all of the tools.
But it is reassuring to know that they are right there in TDS-3 if I need them!

It's true that TDS-3 is as complex or easy as you want to make it.
That's where the support and helpfiles come in very handy. ;)

Wizardavc does have a good point there, but like Wayne shows, only 2 clicks are needed to do what all those other Trojan scanners do (Make that 3 clicks if u do not have TDS on auto start :P). And what about TDS start at windows startup? I can only count 0 mouse clicks there (I miss a TDS command line option for a full system scan though)!

I think all the extras, advanced features, the help and information that is included, give the user a perfect way to learn more about the matter. Everybody knows that awareness is a necessary.

I could "accept" an extra (desktop) shortcut to be added for the more simple users that will start TDS doing a full system scan and maybe even an automated cleanup. But I am very sure Wayne will NEVER become so naive to remove all these extra's to end up loosing the competitive edge that TDS has now.

MANY years ago I fell in love with this baby; it would break my heart when she would loose her diverse, interesting and hot character. You can even dress her up pretty with the bar graphics (where are they anyway Wayne? ;)). Or you knit her a dress yourself!

Do not forget that the professionals are the ones that the more simple end users take advice from! Me personally never had ANY complains from my clients! Every single one of them has been VERY interested in the advanced features! And thought I love teaching them how to find answers by using search engines it just isn’t as efficient as a short demonstration or a few clicks in a help file.

Some of the (rare) features are surely not always used to defend against Trojans but they are great additions that make TDS a VERY powerful tool!

I felt like making a new thread; Why TDS is for 100% of PC users and what DiamondCS should do...

-----functions that i miss in TDS-----
About the tcp scanner, i prefer superscan (or nmap). Please take a look at that one Wayne, maybe it can inspire you a little. http://www.foundstone.com/resources/proddesc/superscan.htm

Bridge and port listners,
CommView and Essential NetTools Both have rare features and functionality that i havent seen in any other SMALL software packs/tool. These are both not at all of any use in defending against trojans but both are very usefull when one wants to find out WHAT the trojan does, what is send to the attacker or WHO the attack is. Now i personally wouldnt advice people to execute a trojan but this sure beats a sandbox. All u need is a bogus box which you infect, let the attacker do what he wants. And filter change the passwords or information you want to protect.

http://www.tamos.com/products/commview/
and
http://www.tamos.com/products/nettools/


Blackice from network ice also have some features that might fit in with the complex TDS ;D.
-The intrusion detection which logs and lists incomming events.
-Event info linking to an online database. Includes advice, what it means, what to do, risk levels and so on.
-Packet logs and evidence logs.

http://blackice.iss.net/product_pc_protection.php
A (flash) demo:
http://blackice.iss.net/demo.php

Of course these all are not fully anti trojan related programs and do not do what TDS does. Still i would not mind to see some of the features to be added in TDS!

P.s. Please do not make the TDS installation 50mb ;)

:D personaly what needs to be done is stuff like fan j and open source post click here click there done now this is what it does

i dont like high end talk lots of picks are a must

you know those guys at gav that made the gav manual with like 42 pages of easy to do stuff with lots of pics

you should get the gav team to do a tds full manual

if you dont belive me check out there pdf gav manual

thats how tds should be done with newbie in mind

-{ Quote: " quoting: Mr.Blaze link=board=5;threadid=10582;start=15#msg76462 date=1059459996]
:D personaly what needs to be done is stuff like fan j and open source post click here click there done now this is what it does

i dont like high end talk lots of picks are a must

you know those guys at gav that made the gav manual with like 42 pages of easy to do stuff with lots of pics

you should get the gav team to do a tds full manual

if you dont belive me check out there pdf gav manual

thats how tds should be done with newbie in mind


" }-


Lol... good point. I think we all can easily say "do this, do that, add feature X, hire guys Y". I feel a bit bad to post links and bring in so many idea’s while I know the team is already very busy. TDS still is a one of its kind. It can only grow and the team should do and make what they feel is best. I wish I had more time to support them instead of publicly criticize their work.

But is happy, no fundamental arguments have come up yet for NOT buying TDS!

I can’t wait to see TDS-4… and I hope to see diamondcs grow, grow and grow!

(Moderator please feel free to edit my posts as needed, I am new on the forum and I am not aware of the forum policy.)

One more comment:
Please DO compare the prices and effectiveness of TDS compared to the packages I mentioned above ;-). GO TDS!

Hi ICQ, welcome to the DCS forum too!
Thanks for the links, i'm sure Wayne and team knows the programs and what exactly you mean in those products.
I wondered what the 6000068 stands for? ICQ downloads?


Blaze for the TDS manual, somebody printed it and came over 300 pages, and it is very comprehensive, images, everything is inthere, with a quickstart, and more.
It does not have a copy of my msagent quickstart script which has Genie pointing the buttons and telling what to do for your first scan. Is somewhere in the forum here.

-{ Quote: " quoting: Jooske link=board=5;threadid=10582;start=30#msg76464 date=1059461958]
Hi ICQ, welcome to the DCS forum too!
Thanks for the links, i'm sure Wayne and team knows the programs and what exactly you mean in those products.
I wondered what the 6000068 stands for? ICQ downloads?" }-

Yes true hahaha, i made it look like i thought they dont know the software. But of course they do know it ;-).

iCQ... well... u know... everybody has a nickname these days when they are online. I use(d) icq a lot, to chat.. make friends, on the job and so on. I really like the icq IM program. I also play quite a lot online games... and i needed a short simple nickname that would be easy for people to remember and type in (in game chat). And i wanted it to be easy for people to find me back after a round. So i decided to just use icq 6000068 in games. So they know where to find me on icq. I couldnt use an email address since many games do not support the @ symbol in a nickname.

6000068... that is my icq number... but its also my phone number <removed for privacy reasons>. Everybody hates to remember icq numbers and phone numbers... so i tried to make it a bit more easy for people. A long time ago i had the nickname "The Extricator" but lol.. i hardly seen anybody type it in ;-).

Jooske... u know that that is a dutch/fries name?!

-------EDIT------

Och i just took a look in your profile and hahaha... ur dutch! Hmmm... haven't we ran into each other before? I remember a 'joske' being into similar... bla bla bla... can't be you... if it is... pffffffffffff (no further comment ;))

Now you make me curious and please do that part in the IM here. I'm not Joske but i'm named that a lot so... don't know i'm not overrun by people a lot, so details in the private IM please?