When will TDS add detection for these?

Discussion in 'Trojan Defence Suite' started by BlackHawk1, Jan 29, 2005.

Thread Status:
Not open for further replies.
  1. BlackHawk1

    BlackHawk1 Registered Member

    Joined:
    Jul 22, 2004
    Posts:
    32
    When will TDS add detection for "Worm.Win32.Cocoazul.e" discovered on 01/20/05 and "Trojan-Downloader.Win32.INService.ab" discovered on 01/22/05? It's the 29th of January 2005 and as of right now TDS can't detect either of these. Is it that TDS is not aware of them or they haven't found a way to detect them as of yet? What's the deal? I have antivirus programs and also another standalone anti-trojan program that detects both of them. They are not false alarms... They have been confirmed by several companies. Long story short... I purposely "fish" for trojans etc. to see how good a program is. No offence, but IME, TDS is not what it's made out to be and IMO it's too complicated of a program. I would much rather have a program be simple and have top notch early detection rather than have all the extra junk that's in TDS. I hope this is taken as constructive feedback.
     
  2. Chris12923

    Chris12923 Registered Member

    Joined:
    May 31, 2004
    Posts:
    1,097
    Best thing to do is submit a .zip file containing the infected files to submit@diamondcs.com.au and I am sure if they are valid TDS will soon detect them if it doesn't already.

    Hope this helps,

    Chris
     
    Last edited: Jan 29, 2005
  3. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,040
    No offence, but IME, TDS is not what it's made out to be and IMO it's too complicated of a program.

    Would you like to make an alternative suggestion?
     
  4. BlackHawk1

    BlackHawk1 Registered Member

    Joined:
    Jul 22, 2004
    Posts:
    32

    I already have. Maybe you missed it? As I said in my original post... "I would much rather have a program be simple and have top notch early detection rather than have all the extra junk that's in TDS. I hope this is taken as constructive feedback."

    IME, TDS is not detecting verified trojans and when it does, it's late in the game.
     
  5. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,040
    Sorry, what I meant is : Would you like to name/recommend an alternative program that does the job better ;)
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    What is the purpose of your post? To be constructive please submit@diamondcs.com.au and if it is a bone fide Trojan detection will be added. Cocoazul.c is in TDS3's primary list and I suppose this .e is a new variant.
    To properly test an Anti -Trojan scanner requires a lot of work and a professional methodology. Picking one Trojan and saying that the program is not good because it does not detect one sample is not particularly constructive. I am sure that you could do the same for every Trojan scanner that is available.
    Regarding TDS3's other tools many people find them useful. TDS3 puts the user in the driving seat and is not a set it and forget backround scanner that may suit you better - BoClean being a good example.

    Pilli
     
  7. BlackHawk1

    BlackHawk1 Registered Member

    Joined:
    Jul 22, 2004
    Posts:
    32

    I'm not sure if naming an alternative product(s) would be well received here. Let me just say that after looking over your posts... if what you say is true then you already use a standalone anti-trojan program that I like. Even that program though can't compare to good antivirus when it comes to detecting trojans. If I could only use one program it would be Kaspersky. It covers all bases and that includes trojans. It's not the most pleasing to the eye and it's not the fastest scanner out there, but IME over the years it excels above all others where things really count... detection. It also has updates every hour 24/7/365. To the best of my knowledge no one else does that. I see you like NOD32... IME not only did Kaspersky do a better job than NOD32, but Norton AV did as well... believe it or not. I was very disappointed with NOD.
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Most of us here use a layered defence, I too use KAV as my main AV scanner on this PC but no AV AT system is 100% and it is always good to have a second or even third opinion.
    I would name all of the well known scanners as each one may suit different types of users but comparisons should be made in the more general forums. You will find many there already :)
    None are perfect and can never be.

    That is why I prefer prevention rather than cure using a good firewall and tools such as ProcessGuard, System Safety Monitor, Prev-X and RegRun, again these are discussed elsewhere on Wilder's forums.

    Pilli
     
  9. BlackHawk1

    BlackHawk1 Registered Member

    Joined:
    Jul 22, 2004
    Posts:
    32
    Pilli,

    You obviously took offence despite me saying no offence in advance. I even said I had hoped this would be taken as constructive feedback. Personally I like it when someone brings things to my attention that I can use to improve on. I'm very sorry you were offended. Can we :-* and make up? :D

    j/k Have a good day.

    P.S. BTW, I'll wait and see if TDS eventually adds detection for these that are currently going undetected. If detection isn't added soon I'll submit them if I don't forget. I can assure you they are legit. Personally I feel that 9 days in the wild is plenty of time to add detection. TDS should be detecting keyloggers as well correct? If that's the case... well it's also missing some of those that are several months old.
     
  10. BlackHawk1

    BlackHawk1 Registered Member

    Joined:
    Jul 22, 2004
    Posts:
    32
    Pilli,

    If you use KAV and have it updated then you are covered by the 2 I mentioned in my original post. KAV had detection for them almost immediately. It's an amazing program/company IME. I like you also believe in taking a layered approach... having more than one AV, more than one anti-trojan scanner as back up to the AV, firewall both hard and soft, etc. but you have to draw the line somewhere. Too much of something is not a good thing. You have to narrow things down IMO.
     
  11. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    True, unfortunately the malware writers do not take the same view, though I am sure they love the simple approach made by the majority of users! :)
    It is very difficult to draw a line as that line is a moving target.
    If you are a careful surfer and use restricted beowser settings and even better use something like Firefox then you limit your chances of infection also, if you do not use P2P and never open dodgy attachments or downloads.
    Unfortunately it is far too easy for the casual user to be sidetracked from these precautions.
    If you are a more adventurous surfer then the risk is much higher, especially if you visit blackhat sites, warez etc. and inadvertantly dl and run a rootkit for instance - all your other defences are useless unless you have something like ProcessGuard which prevents .exe's from running & even if allowed to run stops driver /service installs without explicit permission.

    So for me, my basic security setup would be in this order of importance:
    All OS security patches.
    Router - Software firewall - ProcessGuard - AV /AT, Javacools tools and Giant (MS now) resident, with second opinions by AdAware or Spybot.
     
  12. DonKid

    DonKid Registered Member

    Joined:
    Jun 27, 2004
    Posts:
    566
    Location:
    S?o Paulo, Brazil
    Well, to complain so much, about those top programs like TDS and NOD32, how about you sell your computer and buy a IMac ?
     
Thread Status:
Not open for further replies.