Discussion in 'Trojan Defence Suite' started by wizardavc, Jun 22, 2003.
<Post Edited Out>
welcome in the forum.
You might like to read the evolving discussion in this thread
TDS is not just an ordinary trojan scanner, it's a whole suite with lots of more options, keeping the user in the driver's seat. The resident part the exec protection.
For me TDS is central on my system, starting lots of other functions with scripts from there.
One doesn't have to use all the functions one doesn't want to, one has them all extra and after a while or sooner one learns to use them.
Don't worry, the TDS-4 family will contain 3 separate products, the Pro, a scanner and a guard, don't ask for details as i know nothing more than that till we're invited for betatesting.
Nice dropping by. You are right, TDS can be as complex as you want it.
It also can be as easy as you want it. If it comes to Internet security there are no programs which you install and forget about it, although TDS comes very close. If you don't want to use all those gadgets, well just don't. With the Execution Protection of TDS you are pretty safe from trojans. But if you are in some trouble you might find it very useful to have all those tools at hand.
By the way TDS-4 will come with more flavors as I understand it. If you think TDS has too many ways of detecting trojans, then realize that you never know what's being cooked and presented next.
If you want to be protected, you should be protected the best way there is.
When I first used TDS I found it a little complicated, but after reading FanJ's basic configuration of TDS I no longer think it is. I can now do the configuration without referencing to his thread . I think the "complexity" is because trojans in themselves are not as easy to combat as some other types of malware. In some cases they will NEED these feautres that you claim are of no use. And personally I have no problem in putting my trust in the hands of knowledgable people like the DiamondCS team. If they feel an option is useless I am sure they would not have included it. Some people also like being able to configure a lot of the options to see what fits there computer the best. Some like more agressive protection and some feel there isnt a need for it. TDS will cater to both.
The things you put as what an anti trojan product needs is pretty general. There is usually more to it than that. How it deals with scanning the disk and how effective is the monitor is more important than just having it.
I think every user, even general users can benefit from advanced options. It might take some time to read about what these options do but I think it would be well worth it and should be included for everyone's benefit. Most likely these things will be considered in TDS 4 though, as I have read many people's opinions about this. Just thought I would add my own.
Hello Wizardavc, Along with what Jooske and Dollfile have saidl, please run the trial & see for yourself. Not only do you get the best tools for detecting and eradicating Trojans you also get support that is second to none.
I don't think it's very complex at all. It doesn't have a pretty interface, but it works.
Its ok for an anti trojan product to be advanced and through but you can still do that without being unnecessarly complex. I don't think DiamondCS understands that most of TDS's users are end users with begineer-intermediate knowledge. Look at a product like Tauscan or Trojan Remover, they have a pretty large database, they are fairly through at scanning, good support, reasonably fast, but are not unnecessarly complex like TDS.
I suggest combining Port Explorer and the features in TDS not directly anti-trojan related into a separate product and TDS will be much more simplified and user-friendly which will lead to better sales.
Hi wizardavc, welcome to the Wilders forum, and thankyou for your comments.
You're correct - TDS3 is a very complex program, providing every possible avenue of attack that you can use against trojans, and going where no other anti-trojan program has ever gone. With all that power and functionality it's impossible to hide it all from the user and reduce it all down to a few buttons, but TDS3 is only as complex as you make it.
If you dont use any of the advanced features, using TDS3 is actually ridiculously simple - see this page. It explains how, with just two mouseclicks, you can do the two most important things in any anti-trojan program - 1) update the database, and 2) detect trojans in any part of your system.
TDS4 Professional will still maintain the advanced/complex GUI of TDS3, but there'll also be TDS4 Scanner and TDS4 Active, both of which will be very simple to use, and although they'll both be backed by our powerful new anti-trojan engine, they won't offer the extra utilities that TDS3 and TDS4 Pro offer.
Ok, thanks for responding. Glad some changes will be made in the future. I am also doing some testing on how TDS deals with compressed/uncompressed trojans and will let you know the results.
That would be a futile test as TDS3 only has unpack support for UPX. We've already developed an unpack engine for TDS4, it currently successfully unpacks most common packers including UPX, PECompact, ASPack, Petite and many more - TDS4 and Wormguard4 both use this new unpack engine (as well as a new unarchive engine, capable of scanning archives inside archives inside archives, with support for many common formats - ZIP, RAR, TAR, CAB etc). However, until those are released, it'd be fairly pointless doing an unpack test now ...
TDS4 will become the first dedicated anti-trojan system with a solid unpack and unarchive engine, but it's worth noting that packing a trojan executable may/can only get it around the file scanning capabilities of TDS3, not the resident detection techniques -- as soon as the trojan is running, TDS3 can detect it in a multitude of different ways, including process memory scanning, mutex detection, window detection, to name just a few.
Ok, I'll be sure to wait till TDS4. One more question, what are the names of some other droppers besides the ddsetup in Donald Dick that can make polymorphic trojans?
No need to wait for TDS-4, the update is free
So for the best protection, go for TDS-3
I think you are NOT one of those 99%
Tds is not hard to use it can be done in a few simple steps.
step 1 install
step 2 Update
step 3 Enable Excution Protection
Step 4 do full system scan
See not that hard at all.
If you Like i can do it over again in crayon like i would for Mr.Blaze.
If you needed help all you had to do was ask not insult some ones hard work.
TDS can be in-fact very easy to use.
But like you i to was blown alway by so many extra features.
That only makes it better because if i ever get up there and learn more of this stuff i get extra things to enjoy rather then other typical Anti trojan program's that is the same as every one else's.
Hi Open Source,
No need to put down Mr.Blaze.
He is at least as smart as you are. He just hasn't figured IESpell out yet.
I thought that was due to a conscious choice of literary style, rather in the way of e.e. cummings or Ezra Pound
Open Source forgot an extra refining for the configuration of the scan options.
TDS > System Testing > Scan Control, check every option and slider on highest to the right > Save configuration (you might like to add some refining to the NTFS adds streams stuff and save that too) and scan the beasty!
Thanks O.S. for the images.
For the unpackers: in the Private TDS was posted more about that, among others how to add them yourself to the TDS engine. So if you find them in the wild, read the instructions how to add them.
For all the functions which might at the first sight not seem to be related to strict trojan detection: read the parts in the helpfile about 16 ways (which are now over 20) to smell a rat, and hunting for an unknown trojan.
The network functions like the traffic bridge and TCP Port Listen are very interesting to see what packets are exchanged with your system (so we discovered new variants of CodeRed long ago looking at them, among others).
After a while people discover the many functions and how to keep their systems healthy with them.
On my system i can't use the typical 2k/NT functions, but all the rest is used more or less frequently. The protection might be too good to need them often
There's really no problem at all, Wiz. You simply need to look at it more closely. Few people seem to have any problems using it simply as it is, but perhaps you should look for something less challenging if you need to.
will that not true when you first see tds for very first time as a newb you get lost you really do.
but when some one take the time to show you the basic few steps your lke whoaaaaaaa
the tds interface is bulky and a little high end tech
bu what i love about tds makes up for it.
simply the best trojan killer
a tds crew that actualy cares and takes time out one on one to explaine things to you.
almost daily updates most updated program i ever seen.
and great tech support
as a new user of TDS3 I am sure that the team putting this program together would not have included all the `tools` if they were not needed at some time. I have a few tools in my garage which I only use perhaps once a year, but I still need them.
When i look around at handy tools i see them often already included in TDS, PE and WG, so if users find something else handy and post it to the "wishlist" these features might get included in one of the three or in a nicer way fitting the DCS line in some other tool. But none of the big tools are bloathed with functions we would never use; think it's a very useful suite.
i requisted lots of stuff and im sure at least two things have been granted on my wish list
1. was worm guard telling me no worm found same with tds no trojan found ful confirmation
2.that tds will now tell you exactly what has changed in auto start registry you know that really anoying warning
i asked that they included a real check like trojan check 5 in the free tool section at wilders that gives you a ful read out of whatactualy has changed
im perty sure they added this two things
Separate names with a comma.