New Action Pack User....

...with some questions.

First hi all,im a semi experianced user of TDS-3 from dsl reports forums.
I have a question or three,

Does TDS-3 need to be running in tray or is it scanning in background already?

I dont see option to "ignore" files found in scan...like my Radmin(remote administrator) folder and its dll,s in \sys32 folder.I know there clean and need TDS-3 to not list it as trojan during full scan.

I had more but ill start with this and when i remember the others ill ask here.

Thanx in advance
love this proggy

 

Hello & welcome iron walker,
You will find Scan exclusions in System testing - scan control - You can exclude the radmin directory.
You are correct that Radmin is safe as I had occasion to use last year & even sent it to DCS foe analysis, it was clean but as you know Radmin does haveTrojanic capabilities
Hope you remember the other questions soon which we will endevour to answer ASAP

HTH Pilli

 

It's amazing how many trojan users seem to just send the RADMIN server and use that on unsuspecting users.

Worse is the many posts there are around about a RADMIN dropper, which is very possible (drop the files, register the service for startup, make the program run hidden). TDS will detect a lot of binders used to create such a dropper, which is a head start in this sort of detection

For TDS-4, I feel it will be best to have a warning on remote adminstration tools such as RADMIN, so those that use the program legitimately wont be alarmed by a detection, rather warned with a detailed screen about the program capabilities

 

I never like to exclude files, at least i would scan all those at a regular basis too, to avoid possible infections.
In fact it should be possible to toggle the exclusions list on and off without losing the exclusions we added before for a next time.

 

Thanks Gavin,
I used Radmin between my pc's due to a broken monitor, it was very easy to use and fast, whereas remote desktop was clunky & slow.
I can understand TDS3 seeing it as a Trojan &, at the time, was very pleased to see TDS3 recognising it as a possible nastie!
J
ooske, Another entry for the TDS4 wishlist!

 

Thanx all!


I actually found the exclusion list option.
I am curious as to weather or not its necessary to keep port explorer and TDS-3 minimised to tray.


I also run script sentry but wormguard actually over rides this.Now that doesnt bother me and i will most likely keep script sentry on and active as backup.
One thing though...wormguard doesnt have "add to allow list" or similar to stop the window alert message from popping up on "known" scripts like my vbs files for coolmon.

 

Hi ironwalker.

I presume Port Explorer has to be running to check on things, not sure, as don't have it yet, or just open it to use it.

TDS. Yes, it must be "running" otherwise Execution Protection cannot operate in "Real Time" and it would only therefore be good for scanning "after the event" so to speak.

Have it set to minimise to Sys Tray and just forget about it, as it checks in the blink of an eye, every executable you open, therefore checks hidden ones like trojans as well if they try to execute without your knowledge.

Wormguard on the other hand runs in the background. Just "install" the protection then close it down. WG4 I believe will minimise to SysTray if wanted, as it apparently will be able to do other things so I have read in forums [or just a teaser].

Cheers, TAS.

 

Thanx ok i have tds-3 minimised to tray and i knew wormguard works in background.
Port explorer,i was just wondering if it alerts me to anything had it been minimised to tray but i found the PE forum and WG forum and have been reading,im sure ill find the answers to my questions.

Thanx