Execution Protection , one more time

Discussion in 'Trojan Defence Suite' started by sflag, Feb 27, 2002.

Thread Status:
Not open for further replies.
  1. sflag

    sflag Registered Member

    Joined:
    Feb 11, 2002
    Posts:
    10
      Hello  ,

      I  am a new user of TDS3 and I have some very basic questions to you :

      1) When I check "install / execution protection" I must close or minimize TDS3 to continue protected by Ex.Pro ?

      2) After a reboot , unless I have checked " start with Windows " , I will have again to "install/ex.pro" , isn't  it?

      3)With " Ex. Pro." installed  I have a kind of on-access  program(resident) . If I also have installed other AT , with different approach regarding detection of trojans  ( BOClean , TrojanHunter or PestPatrol ) , I will  have conflicts running both of them resident ?

                Thank  you  ,
                                       sflag
                                 
       
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hi sflag,

    Closing TDS will close the software, and thus execution protection. If minimized: correct.

    No. execution protection will be kept installed. When using TDS as an on demand scanner (that's what you describe) you can easily check this by starting up TDS manually, and have a look at the GUI from TDS.

    If TDS is configured to start from boot: correct.

    In general, it is not recommended to run two ATs resident to avoid conflicts - and there's no need to do so neither. PestPatrol has no resident running capacities,  BOClean will act as soon as a trojan(server) tries to activate in memory, and as forTrojanHunter, it's the Guard part that's relevant.  Personally, I would recommend running TDS resident, and others on demand.

    regards.

    paul


       

       

     
     
  3. sflag

    sflag Registered Member

    Joined:
    Feb 11, 2002
    Posts:
    10
      Hello , Paul

      In  summary  :  install Ex.Pro. > check to start from boot >

                               always minimize TDS3's GUI   =  Execution

                               Protection will ever be running on-access  
                               
                               with TDS3 's  logo  appearing .
                         

         Thank  you again ,
                                     sflag
     
  4. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    TDS-3 does not need to be started from boot for execute protection to be used, but execute protection won't be on until you start TDS-3.

    I shut down TDS-3 and start it back up again often, and execute protection always comes back on.

    I run NOD32 with its resident scanner AMON alond side TDS-3's execute protection with no problems.

    I will add that using a plethora of anti-malware programs at once quite often causes more problems than it solves.
     
  5. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    UNICRON,

    Just wondering: in case TDS isn't started from boot, wouldn't there be a possibility payloaded malware being executed? If so, starting TDS up on demand would in effect be too late.

    Thoughts?

    regards.

    paul
     
     
  6. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    Yes Paul, since TDS-3[glow=teal,10,1000]MUST[/glow] be running for execute protection to be running, booting with out TDS-3 means you are without this protection. But, if you then start TDS-3 afterwards, execute protection is started.

    I just don't want anyone to think you have to restart your machine to get execute protection on if you had to close TDS-3 for any reason.
     
  7. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Thanks!

    regards.

    paul
     
Thread Status:
Not open for further replies.