gotta love tds :)

Discussion in 'Trojan Defence Suite' started by akcom, Jun 11, 2003.

Thread Status:
Not open for further replies.
  1. akcom

    akcom Guest

    Just have to say, as a programmer/hacker, I absolutely love TDS, everyone who knows anything uses it, its memory search is great, and defeats the purpose of 99.9% of all packers. You guys are definately the only choice, but I think that ya need to do 2 things to make your product more marketable (this is obviously just my, someone who knows next to nothing about marketing, opinion).
    a) make it more user friendly/automated
    -Norton is useless and takes no effort to defeat, but it is extremely popular, why? it looks "pretty" and gets deals with big companies to use/promote their software
    b) "get it out there"
    -I think even just a few nice looking commercials/ads on tv would get ya guys a lot of publicity, just get your name out their, then they might review it in pc mags ect (though I do believe it was rated in pcmag a while back)

    thats just my humble opinion, btw (you probally hear this a lot) when is 4.0 comin out? I can't wait :) (I'm actually going to pay for it :))
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Yep, We love it to and hopefully both of your comments will be addressed in four :D
    BTW Hacker? I hope in it's real meaning & not cracker ;)
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Akcom, i agree TDS is impressive and i'm glad it is.
    I am very happy a lot is not automated so it keeps me in the drivers seat to act and decide.
    The possibility to add own written scripts or working on them as a group via the registered users only parts in the private TDS forum is fabulous and enhances the limits of TDS usage beyond imagination, with which you can make it the center on your operating system.
    Together with WG and PE a real security center, especially with addition of the ASViewer and APM tools.

    You might know about the policy for registered members will be upgraded to TDS-4 for free, so no reasons to wait in any way.
    Who knows as a programmer which your own contributions might be (DCS is always open for fulfilling wishlists where possible f.e.)
     
  4. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Wormguard 4 and TDS-4 are being worked on a lot, they both share common technology like unpacking engine, script and database engines, etc. We listen to all customer requests, a lot of them are very good ideas. :)

    A "new" TDS-3 might be out soon though because register.exe is obsolete since we moved ISP's and we need to change it. There is a few more things added though to the "new" TDS-3 that might be worth the look for old TDS users.

    -Jason-
     
  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Akcom is a trojan author, so at least its good that the authors praise TDS. We have TDS-4 in preparation of course which is going to be so many times better than the current version it should almost have a new name :)

    As for the current version of TDS, yes we are also going to release it soon as 3.2 Final. This is just a repackaged (smaller) TDS 3.2.1 and will be released probably tomorrow :) Current users shouldn't really bother updating, as functionality isn't really changed, only the package. Although there is a proper right click context menu item now, complete with TDS icon :D This was to cater for special shortcuts such as the MS Office toolbar, and for unassociated file extensions becoming associated with TDS.
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Will this mean current users who do bother to update to uninstall TDS-3 completely and reinstall or is it possible do do it over the existing one (an update package) ?
     
  7. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :Dyup tds is great and is the best at what it does alot of love and hard work when into it

    you can tell alot about the programers by the way they created it

    im currently waiting for tds 4 so i can become a reseller or it least help newbs with it

    get some cash and make a web site for it with my style

    dont want to comite to anything untill i see tds 4

    and mainy dont want to recomend it to all the ladys i know at sos not just yet

    reason why is i dont want to go on saying this and that and have them get use to it only to find out in two weeks they have to upgrade to 4 and start all over

    jooskey my frind lol who i keep misspelling her name tells me to make a web site and resell

    but honestly it not about bling bling tds is the best siply put

    boclean is the best add on

    and gav does so much extra

    perty soon i fully whist to replace my norton with gav

    ive looked at gav and how it works and it is a future step espechialy with major unpack power

    useing gav tds and boclean is the best will for newbs

    thats just my personal newb prefrence
     
  8. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    You will need to completely uninstall any other TDS installation you have before installing this one :) .

    -Jason-
     
  9. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Anyone who manually or otherwise added Scan with TDS-3 registry entries to HKCR\*\shell or the Drive and Directory keys can remove them of course, this is definitely the final release before TDS 4.0.. which has unfortunately taken longer than originally expected to perfect :)

    There will be ongoing development but the base platform needs to be carefully designed considering today and tomorrows trojan environment. We recognise this and hope other vendors think carefully about it too - especially the future. Some we know do for sure and trojan authors will not win the battle for users machines we dont intend to allow that to ever happen ! :D
     
  10. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    BTW Jooske,

    I uninstalled, but left my TDS folder intact. Then removed a few logs and other things, a scan log.. could remove everything really :) Deleted the old registry entries, if you installed 3.2.1 then uninstall will remove them. You will probably want to do this as I know you have a lot of scripts sitting there.. :)
     
  11. akcom

    akcom Guest

    @Phili no worries, not a cracker :)

    @Gavin I'm (hopefully) moving on to smaller and better things that will hopefully give ya guys a better run for your money ;)

    @Jooske While yes, I do believe that putting the above average user "in the driver's seat" it a great idea, making this product easily accessible to the common user while still retaining the more advanced settings (just an advanced settings dialog/tab/ect) would greatly enhance TDS's marketabilty along with its recognition. As much as I hate to admit it, user friendliness (I'm sure I spelled that wrong) really can make a user's decision about whether they dislike or like a product.

    btw, Im not too familiar with PE decryption/unpacking upon runtime, but wouldnt an unpacking engine be trivial when combined with TDS's mem scanner?

    Also, (something I just recently found out) win9x supports a slightly hidden but fully functional CreateRemoteThread, have you ever considered implementing hooking to premptively stopping a user from executing a file? (not sure if you already do)
     
  12. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Ohh you should run the registered version with exec protection installed!
    Give it a try!
     
  13. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Cheers Akcom! I think the new versions of TDS4 will take care of the perceived newbie marketing problem ;)

    Gavin, Thanks for the info' - think I'll leave mine as is, as it is very stable on this XP pc ;)
     
  14. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Why write a trojan that'll give us a run for our money? Why not write some productive, useful software, that will run you some money? :)

    Either way, it'll take you quite a while to write a trojan, it'll only take us a matter of minutes to add detection ... :)

    Process memory scanning can only be applied to running processes, so although it's great for detecting live trojans (even if their executable is compressed), it can't be used to scan files that haven't been executed. The unpack engine we've developed for TDS4/Wormguard4 allows the engine to scan for trojans inside packed executables even if they're not running, so even if a trojan has been packed, TDS4 will tell you what trojan it is and what packer was used, before you ever run the file.

    We're using a driver (VXD) to intercept file execution under Win9x, there's a few issues we need to iron out but it should be ok to go. Likewise, we're using a .SYS driver to intercept execution under 2K/XP, so it's a very powerful and low-level technique.

    Cheers,
    Wayne
     
  15. akcom

    akcom Guest

    @Gavin already working on some legit software :) (business oriented messaging/file transfer w/ encryption and some other neat features)
     
  16. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Sounds good Akcom, very helpful software by the sounds. Found out the remote desktop /access in that area is a growing market, hopefully without too many vulnerabilities.
     
Thread Status:
Not open for further replies.