When will TDS add detection for these?
BlackHawk1
January 29th, 2005, 02:32 AM
When will TDS add detection for "Worm.Win32.Cocoazul.e" discovered on 01/20/05 and "Trojan-Downloader.Win32.INService.ab" discovered on 01/22/05? It's the 29th of January 2005 and as of right now TDS can't detect either of these. Is it that TDS is not aware of them or they haven't found a way to detect them as of yet? What's the deal? I have antivirus programs and also another standalone anti-trojan program that detects both of them. They are not false alarms... They have been confirmed by several companies. Long story short... I purposely "fish" for trojans etc. to see how good a program is. No offence, but IME, TDS is not what it's made out to be and IMO it's too complicated of a program. I would much rather have a program be simple and have top notch early detection rather than have all the extra junk that's in TDS. I hope this is taken as constructive feedback.
Chris12923
January 29th, 2005, 02:54 AM
Best thing to do is submit a .zip file containing the infected files to submit@diamondcs.com.au and I am sure if they are valid TDS will soon detect them if it doesn't already.
Hope this helps,
Chris
beethoven
January 29th, 2005, 03:03 AM
-{ Quote: "No offence, but IME, TDS is not what it's made out to be and IMO it's too complicated of a program." }-
Would you like to make an alternative suggestion?
BlackHawk1
January 29th, 2005, 03:07 AM
-{ Quote: "No offence, but IME, TDS is not what it's made out to be and IMO it's too complicated of a program.
Would you like to make an alternative suggestion?" }-
I already have. Maybe you missed it? As I said in my original post... "I would much rather have a program be simple and have top notch early detection rather than have all the extra junk that's in TDS. I hope this is taken as constructive feedback."
IME, TDS is not detecting verified trojans and when it does, it's late in the game.
beethoven
January 29th, 2005, 03:23 AM
Sorry, what I meant is: Would you like to name/recommend an alternative program that does the job better ;)
Pilli
January 29th, 2005, 04:21 AM
-{ Quote: "I purposely "fish" for trojans etc. to see how good a program is." }- What is the purpose of your post? To be constructive please submit@diamondcs.com.au and if it is a bona fide Trojan, detection will be added. Cocoazul.c is in TDS3's primary list and I suppose this .e is a new variant.
To properly test an Anti-Trojan scanner requires a lot of work and a professional methodology. Picking one Trojan and saying that the program is not good because it does not detect one sample is not particularly constructive. I am sure that you could do the same for every Trojan scanner that is available.
Regarding TDS3's other tools many people find them useful. TDS3 puts the user in the driving seat and is not a set it and forget background scanner that may suit you better - BoClean being a good example.
Pilli
BlackHawk1
January 29th, 2005, 04:31 AM
-{ Quote: "Sorry, what I meant is : Would you like to name/recommend an alternative program that does the job better ;)" }-
I'm not sure if naming an alternative product(s) would be well received here. Let me just say that after looking over your posts... if what you say is true then you already use a standalone anti-trojan program that I like. Even that program though can't compare to good antivirus when it comes to detecting trojans. If I could only use one program it would be Kaspersky. It covers all bases and that includes trojans. It's not the most pleasing to the eye and it's not the fastest scanner out there, but IME over the years it excels above all others where things really count... detection. It also has updates every hour 24/7/365. To the best of my knowledge no one else does that. I see you like NOD32... IME not only did Kaspersky do a better job than NOD32, but Norton AV did as well... believe it or not. I was very disappointed with NOD.
Pilli
January 29th, 2005, 04:53 AM
Most of us here use a layered defence, I too use KAV as my main AV scanner on this PC but no AV/AT system is 100% and it is always good to have a second or even third opinion.
I would name all of the well known scanners as each one may suit different types of users but comparisons should be made in the more general forums. You will find many there already :)
None are perfect and can never be.
That is why I prefer prevention rather than cure using a good firewall and tools such as ProcessGuard, System Safety Monitor, Prev-X and RegRun, again these are discussed elsewhere on Wilder's forums.
Pilli
BlackHawk1
January 29th, 2005, 05:07 AM
Pilli,
You obviously took offence despite me saying no offence in advance. I even said I had hoped this would be taken as constructive feedback. Personally I like it when someone brings things to my attention that I can use to improve on. I'm very sorry you were offended. Can we :-* and make up? ;D
j/k Have a good day.
P.S. BTW, I'll wait and see if TDS eventually adds detection for these that are currently going undetected. If detection isn't added soon I'll submit them if I don't forget. I can assure you they are legit. Personally I feel that 9 days in the wild is plenty of time to add detection. TDS should be detecting keyloggers as well correct? If that's the case... well it's also missing some of those that are several months old.
BlackHawk1
January 29th, 2005, 05:15 AM
Pilli,
If you use KAV and have it updated then you are covered by the 2 I mentioned in my original post. KAV had detection for them almost immediately. It's an amazing program/company IME. I like you also believe in taking a layered approach... having more than one AV, more than one anti-trojan scanner as back up to the AV, firewall both hard and soft, etc. but you have to draw the line somewhere. Too much of something is not a good thing. You have to narrow things down IMO.
Pilli
January 29th, 2005, 05:45 AM
-{ Quote: "You have to narrow things down IMO." }- True, unfortunately the malware writers do not take the same view, though I am sure they love the simple approach made by the majority of users! :)
It is very difficult to draw a line as that line is a moving target.
If you are a careful surfer and use restricted browser settings and even better use something like Firefox then you limit your chances of infection also, if you do not use P2P and never open dodgy attachments or downloads.
Unfortunately it is far too easy for the casual user to be sidetracked from these precautions.
If you are a more adventurous surfer then the risk is much higher, especially if you visit blackhat sites, warez etc. and inadvertently dl and run a rootkit for instance - all your other defences are useless unless you have something like ProcessGuard which prevents .exe's from running & even if allowed to run stops driver/service installs without explicit permission.
So for me, my basic security setup would be in this order of importance:
All OS security patches.
Router - Software firewall - ProcessGuard - AV/AT, Javacools tools and Giant (MS now) resident, with second opinions by AdAware or Spybot.
DonKid
January 31st, 2005, 12:18 PM
-{ Quote: "I'm not sure if naming an alternative product(s) would be well received here. Let me just say that after looking over your posts... if what you say is true then you already use a standalone anti-trojan program that I like. Even that program though can't compare to good antivirus when it comes to detecting trojans. If I could only use one program it would be Kaspersky. It covers all bases and that includes trojans. It's not the most pleasing to the eye and it's not the fastest scanner out there, but IME over the years it excels above all others where things really count... detection. It also has updates every hour 24/7/365. To the best of my knowledge no one else does that. I see you like NOD32... IME not only did Kaspersky do a better job than NOD32, but Norton AV did as well... believe it or not. I was very disappointed with NOD." }-
Well, to complain so much, about those top programs like TDS and NOD32, how about you sell your computer and buy an iMac?
Copyright ©2002 - 2012, Wilders Security Forums