TDS-3 still the Best !!

Discussion in 'Trojan Defence Suite' started by A884126, Sep 5, 2005.

Thread Status:
Not open for further replies.
  1. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    TDS just found a trojan while I was doing a monthly full scan of my machine, even with its old database !
    Trojan that neither KAV, Ewido or A² found. :eek:

    I was going to uninstall it in order to move to another product but in conclusion I will just keep it till our dear friends at DiamondCS release their new product.

    A real true great product.... :)
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi there,
    Nice to read. With an older database there could be a growing chance for false positives, so in case of doubt, check the file for instance at jotti's or KAV online scanners and in case of no alarms there try it another time after a few days.

    There is not any reason to uninstall TDS because of the detection and other many features it has and the possibilities with some scripting to add more functionallity.
     
  3. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Unfortunately I am not using scripts or the other features. Oh well, no big deal!
    BTW as I said I tried KAV as it is my main AV. No alert. But no time to waste. No risk to take. I just deleted the file :D
     
  4. Mem1

    Mem1 Guest

    Are you sure it wasn't a false positive? I'd be concerned about that if KAV didn't find it - at least submit it to Kaspersky to check before deleting.
     
  5. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
  6. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    I'm not surprised this happened... can you remember what it was ? one of the <Adv> detections ?

    Nearly all of the major client/server FWB trojans from a while back like Beast, Bifrost, Optix and lots more are detected with generic signatures which will detect even the most modified of variants (in some regards). Its a complicated issue but sometimes even the most technical AV like KAV will miss the trojan because of packing and deliberate obfuscation. Then the generic detections work wonders :)
     
  7. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Actually I did save it under TXT format in order to post it. Unfortunately I realized it has been overwritten by another report. Also I could not get anymore the name of the Trojan. Next time I will make a back up of it.

    I hope that DiamondCS will at least release their new product for Christmas. That will be a nice gift!
     
  8. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    When your scan finished, rightclick one of the alerts and save to scandump.txt. Now, go into that TDS directory and rename that file, for instance into scandump120905.txt so it will not be overwritten.
    Or open the file with notepad and copy / paste the wholr content in your posting or email, wherever you want it.
    Hope this helps for a next occasion.
     
  9. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    Thanks
     
Thread Status:
Not open for further replies.