AT Question

Discussion in 'other anti-trojan software' started by Bethrezen, Oct 18, 2003.

Thread Status:
Not open for further replies.
  1. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I would be highly surprised if the program of this class would be free, don't count on that, but hope it will be very affordable. It's most certainly worth every penny.

    I'm in a process of uninstalling double programs I didn't use for a while to make lots of space for the new DCS invasion.

    Healthy outcome? Yes, looks like it :)


    Oops! Edited:
    Remember, the DCS programs are really as small as possible, impressive in fact, so there is not really a need to make space for them. But there come so many these days from that super active DCS stable, want to concentrate on those in the first place. Making lots of older unused stuff anyway just space-clutters so I better get rid of them and be double happy with the new stuff I do like and use.
    It also prevents possible unexpected behavior due to forgotten outdated system files from those oldies.
    On the other hand it makes my system a very nice test-case with all possibilities for all kinds of unexpected beta-test options :) If it runs on my system, it does everywhere, I'm 99,99% sure!
     
  2. controler

    controler Guest

    Hi All :D

    I for one like to read the debates between software developers ;)
    The kernel has always been a way of access to hackers.
    Some believe the driver is the way to go and some don't.
    I believe Windows XP has done a good job of protecting its Kernel.
    I also know as much as many people knock MS, they are now doing a much better job in their new version of Windows coming out. This all comes about with help from the input at these forums from people like Magnus and Wayne. I have tried to steer people to the security forums anytime I can. That saves me the time of trying to explain the hows and whys of security software to each and every one of them.
    I have learned much from these forums and am sure many others have as well. Some have even become addicted lol
    We all crave knowledge and need to be pointed in the right direction before finding it.
    BTW, how do TDS-3 and Trojan Hunter play together? I don’t think I have tried that combo yet. I have trialed both so can’t reinstall them again. I would never steer any common user or advanced alike to Linux. At this time.
    Mandrake still has a very long way to go on its install program. I am however waiting for the process protection program soon to be released from DCS.
    I believe the United States Government’s coders disassemble security software in attempts to create their own and use the very same techniques. Isn’t that a scary movie number 4?
    Anyway I wish you all well and keep up the good work :D

    con

    - Post modified to conform to TOS.
     
  3. Jooske

    Jooske Registered Member

    Pointing people all the time to the security forums and hoping people find their ways. Often send discussion thread URLs related to their problem that moment.


    Many people can't really decide between BOClean, TH, TDS, even though each might have a special group of customers. Anyway, there are people using all three of them at a time, together with the other imperative DCS tools (of course that's what I know, they'll have probably more) and adding NOD32 to cover the virus part and email protection and it all works perfect together, no matter on which Windows version.
    From the DCS view we just advise people to look and shop around, use them all three for some weeks --that's what evaluation versions are for-- ask questions and decide then. With the coming TDS-4 family around the corner, certainly wise to wait unless you would decide for TDS-3, as you'll be upgraded for free anyway for one of the TDS-4 family members so better be quick before prices are rising! It could be the new tools fill exactly your needs in a bright new actual revolutionary way.
    Revolution not to start a war between developers and users, but against the nasties we all try to protect our systems from. So save your security software coins while happy testing!
     
  4. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    :D OK everybody. Just use both TDS-3 and TH like I do. I feel protected, happy, and content. And overlapping protection can NEVER hurt. :D
     
  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Well there's always that option :D

    Never thought of that one, and no they don't conflict ;)
     
  6. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Not in this sense, XP is the same as 2000 - rootkits are possible, termination of security programs is possible, injection of code into other processes is possible. Really there are always going to be attacks, you can't say Microsoft shouldn't allow TerminateProcess() - if it didn't exist there would still need to be a way for the SYSTEM to shut down a process that isn't responding. Sooner or later, someone with a debugger would find out how, and exploit it.

    Everyone who runs unknown code on their machine needs further protection, or to only ever run in User accounts - and to be up to date with Windows Update. I'm sure there are still ways to elevate privileges to that of SYSTEM, even from a user account. It still comes down to the simple fact that ANY code you allow to run on your machine should be well thought out - run anything and you could be at risk. This of course includes allowing scripting on a website, and viewing HTML email. And even having ports open like Blaster proved ;)
     
  7. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hello all

    Does anyone know if Boclean4.11 can stop this beast trojan? I have emailed kevin about this but no reply yet. I'm a little worried about my protection now. :eek:
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    snowbound,

    have a look over here, number 190 and up ;)

    regards.

    paul
     
  9. snowbound

    snowbound Retired Moderator

    Hi paul

    Thanks for the heads up.

    Not worried anymore. :D

    Take care
    snowbound
     
  10. Andreas Haak

    Andreas Haak Guest

    @Paul:

    But it's not that easy. Tauscan lists Donald Dick as detected, too. But in fact it can not handle it correctly. So don't trust such lists.

    @snowbound:

    If you want I can test if it is able to handle DLL injecting backdoors like Beast.
     
  11. Jooske

    Jooske Registered Member

    My hand got tired from clicking through all the variants of Beast in the primaries list! Thanks Gavin for adding so many! :cool:
     
  12. snowbound

    snowbound Retired Moderator

    Hi Andreas Haak

    ok, go ahead then post your results.

    I'm thinking of changing to TDS. It is a little overwhelming for someone like me but I feel I will be better protected.

    Take care
    Snowbound
     
  13. Andreas Haak

    Andreas Haak Guest

    @Jooske:
    Apart from the fact the question was about BOClean and not TDS-3, here is a short test:

    TDS-3 was able to identify exactly 5 of these 16 during a file scan (perhaps more using process memory scan etc.):

    Not to mention TDS-3 doesn't have signatures for Beast before version 1.8.
     
  14. Andreas Haak

    Andreas Haak Guest

    BOClean 4.11 with latest updates:
    Doesn't detect it.

    TDS-3:
    Doesn't detect it during Process Memory Scan, but detects it with Object Memory Scan.
     
  15. Jooske

    Jooske Registered Member

    Wasn't the older name Ulysses 1.72 among others?
    (which is in the list). Hope older versions / code are covered with other references.
     
  16. Andreas Haak

    Andreas Haak Guest

    As far as I remember since 1.7 it's called Beast. The whole 1.7x family is undetected for any file and process memory scan. But the object memory scan works (but isn't used by most users I know) :).
     
  17. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Andreas,
    Heh, that time of the month again is it? Your "a2" scanner doesn't detect any versions of The Beast or any other trojan as far as anyone here can tell because it's still just vaporware, yet once again you're wasting more time attacking other anti-trojan scanners? All I can say is - at least you can download them, and even if they only have some detection, it's better than the zero detection you're offering.

    Anyway, back to work. (We only wish you had some to do also, I'd love to have the free time you seem to always have).

    PS. Andreas, you're only allowed to evaluate TDS3 for 30 days, yet you've been using it for many months (as your posts have shown), yet you're not a registered customer. Can you kindly explain how this is possible?
     
  18. Andreas Haak

    Andreas Haak Guest

    And instead of asking if I can send you the missed samples you just start another flame :). Do your personal aversions have a higher priority than the security of your users?
     
  19. Jooske

    Jooske Registered Member

    Thought developers were so nice to each other sending the samples without asking zipped to submit@diamondcs.com.au for instance as we're all working on a common goal of keeping internet all secure and a happy experience? Thanks all guys for all contribution to my security too!
     
  20. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Andreas *sigh* you have no interest in helping us, you've demonstrated that countless times in the past so don't bother trying to make it look like you're trying to help now, it's obvious enough to everyone here what you're trying to do.

    But clearly you don't think current anti-trojan scanners do a satisfactory job of detecting this one trojan, so how about you release a2 and show us all how it's done? Sound fair?
     
  21. Andreas Haak

    Andreas Haak Guest

    BOClean and TDS-3 are the only anti-trojans? *lol*

    TH 3.7 for example does a good job cleaning and detecting it :).
     
  22. Andreas Haak

    Andreas Haak Guest

    Lying as always Wayne? Kay ...

    I am registered (and you definitely know that) as you can see at the attached screenshot. A friend of mine (Thomas Tietz from trojaner-info.de) bought TDS-3 for me because I didn't have a credit card. You can easily check this looking at your selling reports. If you want I can send you the mail from Gavin, too. I asked him for a key for "Andreas Haak" after explaining why I only own one for "Thomas Tietz" and he sent me one :).

    BTW:
    I bought all the scanners I test (Kaspersky, BOClean, Trojanhunter, NOD32, NAV, McAfee etc.).
     
  23. Andreas Haak

    Andreas Haak Guest

    Not exactly. There are a few mail lists for new samples that are used by AV vendors. But in fact you can only participate if you have something to offer (so it's more like sharing samples). No vendor will give you samples as a present.
     
  24. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    I never said or implied that.

    In your opinion, but as we also sell our software to corporations and security experts we can't use disinfection methods that potentially violate security policies (such as code injection).

    So how about it - put your money where your mouth is and release a2 to show us all how it should be done - let your software do the talking, nobody can argue with you then.
     
  25. Andreas Haak

    Andreas Haak Guest

    You instead recommend using your Advanced Process Manipulation tool that uses the same techniques as TH (injecting code) - so where is the problem? :)
     