Standalone TDS-3 on CD

Discussion in 'Trojan Defence Suite' started by crazy8, Dec 12, 2003.

Thread Status:
Not open for further replies.
  1. crazy8

    crazy8 Guest

    My goal is to create a known safe CD with antivirus/antitrojan software so that if my system ever becomes infected, I have something to work with (I've had viruses before that target specific antivirus products, knocking them out).

    So, what I did was perform a fresh install of Win2k w/SP4 (after gdisking it), then installed TDS-3. I then attempted to copy the TDS-3 folder over to another machine I hadn't installed TDS-3 on and see if it'd work (this has worked on many other programs I've worked with). But, in this case it did not. I found the thread about the required \system32 files and have copied them into the \system32 directory and registered them with regsvr32, however it still did not work. I installed the vbruntime also mentioned, but this still didn't work. I pulled the registry settings I thought might apply and imported them, but still no luck.

    Any ideas? Thanks...
     
  2. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    If a Trojan bypasses TDS, there is no use running TDS from somewhere else, because it will still not be detected.
    If you want to secure your security software, use Process Guard ;)
    Dolf
     
  3. zguest

    zguest Guest

    I have already asked a similar question....

    It would be great to have a TDS boot CD. This is because a rootkit will not be detected by TDS after it has been installed (i.e., even a signature update will not help after installation of the rootkit). By contrast, a TDS boot CD with updated sigs would help.

    I have tried Bart's PEBuilder in order to create a TDS boot CD. But it did not work. I seem to remember that I got a .ole not registered failure. In summary, it seems to me that it is the responsibility of DCS to create a boot CD. Maybe this will be possible with TDS4...
     
  4. DolfTraanberg

    DolfTraanberg Registered Member

    Process Guard will protect you from rootkits.... ;)
     
  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Mostly :) We feel we are no longer in a race with rootkits (real driver based rootkits), they are the ones who are behind. Development of Process Guard is ongoing of course, there is still a lot we want to do in the next few weeks and beyond.

    However :) Hacker Defender 1.0 open source rootkit variants are still many months away, when that source is released and every slaphappy coder has THAT much power over Windows there will surely be a lot of trouble. We aren't too threatened by those rootkits for our customers' sake, especially those with a good layered strategy.

    A good layered strategy for internet security.. hmm someone could make a (rather large) book on that these days especially with the massive amount of adware going around. A book too big to print maybe :eek:
     
  6. zguest

    zguest Guest

    @Gavin

    In principle, I agree. But PG does not protect against static injection of loadlibrary. And this WILL come. Therefore, TDS4 module scanner is not superfluous...

    Cheers zguest (will rename to ano1 since I ran out of letters ;-)
     
  7. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Nasty trojans will always be around, can be sure about that. Heuristics are the next big angle of attack on them for me ;)

    And now for a coke :D enjoy your weekend ano1
     
  8. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :doubt: Isn't it out already? I think I got hit by something that would knock my system to safe mode on XP

    after visiting a website.

    All this security and I still got hit, plus I'm updated.

    Had to use GoBack; nothing, including the backup registry, could save me other than GoBack.
     
  9. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hmm, a Blaze special I guess -- didn't it hit you from the kitchen sink when taking all those pictures? (Guess many people would love to hire you for something like that!)

    Anyway, this is what happened I guess:
     

    Attached Files:

  10. crazy8

    crazy8 Guest

    Again, to DiamondCS, I ask. What is necessary to create a Standalone TDS-3? What directory structure, registry entries, registered .ocx or .dll must we do?

    Thanks...
     
  11. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    :doubt: Well, it could have been the ATI driver card mixed with the XP fix,

    but I'm pretty sure it's a new script, because I reenacted everything except the adult site and it worked fine.

    What I don't get is I'm fully updated on everything.

    So now I have hta and dso on XP.

    Will Diamond registry work on XP? I want that too for extra hardcore protection.
     
  12. DolfTraanberg

    DolfTraanberg Registered Member

    So far as I know RegistryProt will work on XP, if it doesn't, it can't hurt.
    Dolf
     
  13. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    :cool: Way cool, thx for the feedback
     