View Full Version : Tds slow scan time ?


blazin
May 16th, 2003, 03:01 PM
I just got TDS-3 and ran a full system scan and was wondering if it's supposed to take real long like it did with me. When I run Trojan Hunter full system scan it's a looot faster than TDS. What's the difference, why does it take longer ???
thanks

the Tester
May 16th, 2003, 03:53 PM
TDS-3 does take longer than Trojan Hunter to do a full system scan.
I use both programs also. ;)

I'm sure that someone with more knowledge about how TDS-3 works specifically will be along to answer your question.

I personally don't mind the longer scan time at all.

Jooske
May 16th, 2003, 04:02 PM
Welcome Blazin!
All depends on configuration, windows system, system speed, what's on it, which windows version you're using, if you checked all options to look even for trojan clients (editors) and worm slider on highest sensitivity, memory space scan, deep analysis for the NTFS streams, etc etc etc.
If I just do a quick scan for just the logical drives and not inside archives and memory and all those heuristics I can be ready in short time, but I'm used to go to the deepest, everything checked, highest sensitivity, also looking for eventual editors etc etc etc. Then it depends of course on the engine used, how it works:
If you use a taskmanager like Faber Toys or other nice tools posted in the forums here frequently you see TDS is scanning multi-threaded, the Full System Scan is trying to use as much CPU space as possible during that process to speed up the deep scanning: we do know that is the heaviest process and for this reason during that it's advisable (like with most scanners) to close unnecessary programs to give it as much space as possible.
I don't mind if another scanner is quicker, for me the result counts in the first place.
I see that with the online scanners too: some are ready in no time and others if you let them take hours!

Gavin - DiamondCS
May 17th, 2003, 10:37 PM
On scanning any given EXE file, TDS could be running through MANY routines for detecting modified versions of powerful (popular) trojans.

While some might think it is easy to detect trojans, often there are recompiled private versions that only the trojan writer's friends have copies of.. when it comes to any popular trojan we do some further analysis to add increased detection where possible. Just see this page for an example.. we can't put up 5 million screenshots, so I took a new version of SubSeven that had just been released, and a modified Optix Pro server (would probably be undetected to other scanners)

http://tds.diamondcs.com.au/web/bigscreens.php?screen=Detecting%20Trojans

xor
May 17th, 2003, 10:55 PM
And the screenshot says again "Good afternoon Gav" ;D
Yes, Hello TDS ;D

*lol* :D

Jooske
May 17th, 2003, 11:35 PM
Nice, so you see it is an original!
I see something more i'll IM Gavin about.


Michael, i really love TDS saying something nice. I remember in all the terrible shocks and confusion from 9/11 it was only that familiar little voice in my system with the friendly words i have heard thousands of times, all the rest of the world was upside down and so ... ah you know, just that little voice calling my name and asking for bites of my lunch or to add a break on the to-do list, etc... Great feature!

blazin
May 19th, 2003, 06:42 PM
Thanks for all the feedback, it makes sense :) I'm starting to like TDS a lot but there's also lots of tools in it I haven't tried that I want to. Since I'm using the evaluation version, what are the limitations of it? Does it still detect as good as the registered version?
thanks

the Tester
May 19th, 2003, 09:11 PM
You can't activate "Execution Protection" in the trial version.
You have to manually download the updates, in the registered version you click a button to update.
Those are the limitations that I remember from when I had the evaluation version.
If there are other differences, someone from DiamondCS or one of the expert users will have to answer that question.

You're starting to like TDS-3 a lot?
It is a fun and educational program. ;)

Some of the more experienced/knowledgeable TDS-3 users are very helpful explaining the tools and TDS-3 in general.

Gavin - DiamondCS
May 19th, 2003, 11:46 PM
That's about it in real evaluation limits

Can't load SS3 scripts larger than 5kb, can't use the #INCLUDE variable.. see the back of the help file, registration area for limitations :) This may be out of date unfortunately :(

For detection, nothing. Trojan removal restrictions? Nothing.

Jooske
May 20th, 2003, 01:44 AM
One limitation is the limitation in time, as registered versions are licensed without time limitations, only the time you need yourself to add to your sleep list, and yeah, the 5kb scripts loading is a limit so you can load several of the example scripts including the UserSubmitted ones (don't forget to try the InnerPeace script!) but you can't run for instance the fabulous Screx script (which needs to be extracted in its own Screx folder but then still is over 5kb), so the registered version adds to your usage only limited by your own imagination.
And registered users are part of the Licensed TDS Operators Family, with extra access possibilities to that special restricted area in the DCS forums on their site (see URL in my signature).
So there are a few restrictions in the evaluation version.

Pilli
May 20th, 2003, 04:50 AM
Hello Blazin, I usually do a full system scan weekly, usually when I go out for the evening. Use the on demand scanner (right click on the target file) for downloaded files. Have TDS do a start up scan - Configuration - with all the Initialisation & Start up scanning boxes enabled. If you do not have an NT based system disable the "Boot TDS process priority NT".

HTH Pilli

Patrice
May 20th, 2003, 08:01 AM
Hello,

Quote from Pilli: "Use the on demand scanner (right click on the target file) for downloaded files."

Could you please specify this a little bit more concrete? A screenshot would be nice of it, because I have no TDS-3 command when I right-click a file... :P

Regards,

Patrice

Jooske
May 20th, 2003, 08:13 AM
In Windows explorer > rightclick on a file or folder > scan with TDS

Might be you need to edit the registry for proper install of those functions. Others disabled the "scan" for EXE files for instance. Just what people like!

Patrice
May 20th, 2003, 08:17 AM
Hi Jooske,

you can only scan folders, not files. Is that correct?

Regards,

Patrice

Jooske
May 20th, 2003, 08:28 AM
Possible, you can edit that in the registry, think somebody ever made a very nice script for that, in the private script forum if i remember well...... and one other to get rid of the scanning exe's .... lot of digging!

Pilli
May 20th, 2003, 09:29 AM
Sorry folks, I should have said directory ::)

Patrice
May 20th, 2003, 10:59 AM
Hi,

Quote from Pilli: "Sorry folks, I should have said directory ::)"

We will NEVER EVER forgive you that! ;) LOL ;D

Hey Jooske, could you find this out for me. I would love just to scan one single file with TDS-3. I wonder if they implement this function in TDS-4... ::)

Regards,

Patrice

Tuulilapsi
May 20th, 2003, 11:47 AM
I don't know about you guys, but I sure can scan single files with TDS-3. And no registry hacks done to achieve it.

Patrice
May 20th, 2003, 12:10 PM
??? ??? ???

Now I really begin to wonder... Why the hack don't I have that as well? Anyone else who has the same problem like me? Jooske? Pilli?

Greetings,

Patrice

blazin
May 20th, 2003, 01:54 PM
What are these scripts you're talking about making and stuff? What are they used for?

Jooske
May 20th, 2003, 03:23 PM
I messed up my registry when i installed during testing TDS from the one computer on the other via the network. So this means when i want to right-click scan anything the TDS on the other computer is started to scan the file on this computer. I'll correct that some day back again!



Blazin, in TDS > SS3 > Load Script, you will see lots of example scripts. In fact you can do anything with them you want, you can write scripts, play other people's scripts and the examples, you can make whole movies, presentations, build databases, emulators, in the registered version you can use the Screx script to emulate trojan servers, you can make it a desktophelper, in the registered version you can play the CokeMachine script with msagents and voice commands, use it as a jukebox, there are no limits, only our imagination and knowledge of scripting. We learn, all together.
In the private (licensed operators only) part in the DCS forums is a whole part about it.

As you can produce speech, sounds, colors, start other applications, music, you can do really everything with it.
Have a script when you call your computer remotely and the script is started with your IR to start your magnetron and when home your dinner is ready, or put a timer script have it Cuckericooo you awake in the morning with fresh coffee and your emails and morning paper collected, etc. Let it pick up the phone for you and send autoresponses, or have it dialing your local store to have your fridge filled.
What the scripts are for? hmm among others these things. Oh and you can build your custom browser in it. I use it at times if i get into problems after another IE security update.
And don't forget TDS is for security in the first place, but it has so many more options!
TDS teaches to be very useful and security can be so much real fun!

Patrice
May 20th, 2003, 04:14 PM
Hello all,

this is the solution to all those who can't scan a single file with TDS-3:

You need these three registry entries on your system (Start -> Run -> Regedit):

[HKEY_CLASSES_ROOT\*\shell\Scan file with TDS-3\command]
@="C:\\TDS3\\tds-3.exe -scanf %1"

[HKEY_CLASSES_ROOT\Drive\shell\Scan drive with TDS-3\command]
@="C:\\TDS3\\tds-3.exe -scand %1"

[HKEY_CLASSES_ROOT\Directory\shell\Scan path with TDS-3\command]
@="C:\\TDS3\\tds-3.exe -scand %1"

Especially the first one is the one which is responsible for that TDS-3 scans a single file.

Hope that helps you out as well as it did for me! ;)

Best regards,

Patrice

P.S. Don't forget to replace the above mentioned path with the one which is correct on your system (TDS folder). I'm not responsible for any BSoD or system failures if you change the registry on your computer!
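
Added example (not part of the post above and not DiamondCS code): a short Python check that parses the three entries in .reg export syntax, decodes the \\ escapes to show the value that is actually stored, and flags command lines where %1 or the program path is not quoted. The C:\Program Files\... path in the demo at the bottom is a constructed value.

```python
import re

# Constructed sample: the three entries from the post, in .reg export syntax.
SAMPLE_REG = r'''
[HKEY_CLASSES_ROOT\*\shell\Scan file with TDS-3\command]
@="C:\\TDS3\\tds-3.exe -scanf %1"

[HKEY_CLASSES_ROOT\Drive\shell\Scan drive with TDS-3\command]
@="C:\\TDS3\\tds-3.exe -scand %1"

[HKEY_CLASSES_ROOT\Directory\shell\Scan path with TDS-3\command]
@="C:\\TDS3\\tds-3.exe -scand %1"
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
DEFAULT_RE = re.compile(r'^@="(.*)"$')
VERB_RE = re.compile(r'\\shell\\[^\\]+\\command$', re.I)

def unescape(value):
    # .reg files escape backslash and double quote inside string values
    return re.sub(r'\\(["\\])', r'\1', value)

def parse_shell_commands(text):
    # Map each ...\shell\<verb>\command key to its stored default value
    commands, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if KEY_RE.match(line):
            key = KEY_RE.match(line).group(1)
        elif key and VERB_RE.search(key) and DEFAULT_RE.match(line):
            commands[key] = unescape(DEFAULT_RE.match(line).group(1))
    return commands

def audit(command):
    findings = []
    # %1 outside quotes: a file path containing spaces arrives as several arguments
    if re.search(r'(?<!")%1|%1(?!")', command):
        findings.append('unquoted %1')
    # Program path outside quotes and containing spaces: ambiguous executable name
    exe = re.match(r'\s*(?:"[^"]*"|(.+?\.exe))', command, re.I)
    if exe and exe.group(1) and ' ' in exe.group(1):
        findings.append('unquoted program path with spaces')
    return findings

if __name__ == '__main__':
    for key, cmd in parse_shell_commands(SAMPLE_REG).items():
        print(key, '->', cmd, audit(cmd))
    # Constructed install path, quoted the way a hardened entry would be
    print(audit(r'"C:\Program Files\TDS3\tds-3.exe" -scanf "%1"'))
```
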

Tassie_Devils
May 20th, 2003, 10:39 PM
hmmm Patrice, I, like Tuulilapsi, have always had that right click option on single file without registry hack.

Patrice
May 21st, 2003, 03:10 AM
Hi Tassie_Devils,

I believe you, but I have written this for those who don't have this possibility. I think it's because I updated my version to version 3.2.1. Those of you who installed directly the version 3.2.1 won't have this problem I guess. ;)

Regards,

Patrice

Jooske
May 21st, 2003, 04:34 AM
You never answered if you have any registry protection / blocker which might have been up while installing TDS.

snapdragin
May 21st, 2003, 04:39 AM
Hi'ya, :) Just thought i'd add to the confusion...LOL...but on my Win98se, i have the right-click option to scan with TDS-3 for folders, but not individual files, nor anything on the desktop. Now with my XP-Home, i have the option to use the right-click scan with TDS for folders, files, and everything on the desktop.

i am still using the TDS-3 version 3.2.0 (registered) on both pc's. Not sure if the right-click option is there for WinME....i didn't install it on the WinME. But i don't use the right-click to scan with TDS-3 only because it does take a bit before it goes through the scanning of the Processes before it gets to the one item i want scanned.

regards,

snap

Patrice
May 21st, 2003, 04:53 AM
Hi Jooske,

Quote from Jooske: "You never answered if you have any registry protection / blocker which might have been up while installing TDS."

Sorry, I didn't realize that you were asking me before! :o I hope you forgive me that!

Yes, sure I have a registry protection installed. The one from DiamondCS -RegProt. But I don't think this was the problem... Nevertheless Dan showed me how to solve this problem. A little registry edit, that's all. ;D

Best regards,

Patrice

Jooske
May 21st, 2003, 05:24 AM
On WinME it works all properly too, i can scan all kinds of files and extensions, exe, also on desktop.
What i see it doing: if i click to scan an icon on the desktop, it scans the exe it's pointed to.

Patrice, looking forward to the next AutostartGuard (still in the build) working beside AutoStartViewer.

Pilli
May 21st, 2003, 05:53 AM
Well I found the answer to why mine never scanned single files.
The original TDS reg entry was C:\TDS3\tds-3.exe -scanf %1
So adding the two back slashes to C:\\TDS3\\tds-3.exe -scanf %1 & all is OK. Strange thing is that the first entry was made by the TDS installer & I had no reg protection at the time so I wonder if it is an XP thing?

Works fine now ;D Well done Dan!

Q Section
May 23rd, 2003, 12:10 AM
Hello Jooske and Everyone

Is it possible to set the options on TDS3 that upon right-click all the processes are not scanned but just only the single file or folder highlighted?

Jooske
May 23rd, 2003, 02:54 AM
Hi QSection,
your question confuses me?
If you go to windows explorer, dig for the file or folder you want to scan and rightclick on it, only that file or folder is scanned.
The processes and their components, dlls, exes, etc are all scanned in the startup scans if you configured so via TDS.
In the system testing via the Disk\File scan you can choose for a folder, directory, drive, partition to be scanned.

I think you mean via the process list > double click a process to see the components and now you want to have only one file, dll whatever to be scanned, in stead of all the modules, right?
You can scan all those modules and look at each individual file, but at the moment not from there scan only one. Not sure if this is implemented in TDS4.

Gavin - DiamondCS
May 23rd, 2003, 04:02 AM
You must have STARTUP scans enabled. So either turn those off, or once TDS has loaded once leave it running and when you right click TDS won't start up and scan, it will already be running ;D

hendricus
June 6th, 2003, 05:51 AM
This is an interesting thread, i must say!
I can scan single files with my evaluation version (3.2.1.) without changing the slashes in my registry mentioned before.
I have one simple question though: when tds3 is ready with the scan it states: ....files , 0 alarms in 622,8672 sec avg 29,33 files/sec. What is the worth of these figures? Is it slow or fast or is there nothing to tell? I let tds3 scan c:

Pilli
June 6th, 2003, 06:02 AM
Hi Hendricus, The full scan is CPU intensive & probably only required once a week. Your scan rate looks similar to mine. Not a lot of good really but at least it shows that TDS is working :)
If you have any problems they will show in the scanner box which opens as needed, right clicking on any problems will then show a menu for actions.

HTH Pilli