Hello all! ;D

There is a problem with my setup of TDS3. I cannot update, no respons at al when I do cnrl-u or via the menu!

Also a Trace is not possible. No reaction either!

My setup is WIN XP with a router (Vigor 2200E) and a software firewall (Norman)
Wich gates should be opened?
Normally the software asks if the application can get to the internet, but with TDS no reaction at all

in short: HELP!!!!

Frans

Hi,

First reinstall it over itself, to the same folder

Then visit this page and if you have any problems, describe your problem back in this thread

http://tds.diamondcs.com.au/index.php?page=files

First install the VB6 Runtime package on that site please :)

Frans, you do have a registered version, do you?
As evaluation versions don't allow updating via the menu, manually on the pagen Gavin just posted only for those.

Hi Fraha, It sounds like you have a firwall problem, the Updater goes to port 80 of the download sever and the local port that TDS sends out on is variable.

With Trace route I should think again it is your firewall, if you leave the ip address as 127.0.0.1 you should get this, if so it is probably your firewall stopping traceroute from outbound connection to a real IP address:

16:30:13 [Trace] Initialising traceroute to 127.0.0.1 ...
16:30:14 [Trace] Tracing route to 127.0.0.1 (localhost)
16:30:14 [Trace] 02: 0ms 127.0.0.1 (localhost)
16:30:15 [Trace] Trace complete!

HTH Pilli

ok, klet me see where to start answering! ;-)

1. Yes I do have the Registered version.

2. I already installed the full version over the try version and installed the regkey again.

Next I'm going to this link and see what I can install there....

I'll be back!

Frans

ok, more problems,

Where do I install all those DLL files? I see three options. system32, lastgood and dllcache.

I'm guessing al in system32 but I would like to know for sure!

samew goed for the VB module, do I run it or plase it over the same file somewhere?
Where should it go?

Frans (very ??? ???

Default, over the existing one, did you check the version number of the vb6

please! I'm a beginner. What is default in this case???

Frans

How are you updating then?
have the TDS download, click on it and it should unpack/install all automatically where it belongs?
"standaard"
You might like to tell the installation to do it in C:\ or C:\program files\
or c:\program files\diamond computer systems\
or anywhere you like, you will like in this case most probably to do it over the existing installation, wherever it is, after put the keyfile in it again (you did follow instructions for that i hope, if it had to be unzipped or renamed or anything else?)

Where are the files now then?
After install put your keyfile back into it, reboot computer and all should be fine.

I could only imagine a possible problem with the keyfile due to the email, eventually if this wouldn't work. But that could be checked by support.
First look at this install, just like the first time, over itself preferably.

By clicking on Help - About TDS3, you should see that TDS is registered to you ie. Your name.
Please read this link for basic infromation ans settings :)
http://www.wilderssecurity.com/showthread.php?t=2871

Hope This Helps - Pilli

HI Fraha.

While I'll leave the help given to you by Jookse/Pilli/Gavin for the rest, you asked a question re VB6 file. [VisualBasic runtime 6 SP5 it is]

Simply download that file to, say, desktop.

Then just double click it, it will install install itself. Even though it may not ask for a reboot, best to do so.

Then at least that's one problem out of the way, that file will be the latest.

If it does not cure the problem, then proceed to download each of the rest of the files on that page and simply replace them.

If unsure where they go, do a Search for Files and Folders, take a note where they 'live' and then put the new downloaded ones into the appropriate place.

If you don't feel comfortable replacing them, make a back-up of your original ones.

Simple way is to make a folder on desktop...go to the folder the files live in, then click on one at a time, then while holding the Ctrl key down, drag them into the new folder you created. [You will see a little + sign when dragging, this means it's copying them. In case you did not know how to do this. :) or, right click on each, select 'Copy', then put cursor into the new folder, right click and select 'Paste'.

In Win XP they live in C:/WINDOWS/System 32

There is one file at the above link though that is only for Win9x so don't d/l that one. :)

Cheers, TAS

oke, this is what I've done and what happened.

I ran the VBfile from the diamnodcs site and ran it. Booted after that and still no luck with Trace and Update. Not even after closing down the firewall!

Ping gives a one-liner:
Ping reply from 127.0.0.1: size=32 status=0 time=0ms ttl=250

The resolve butten gave this:

21:05:36 [DNS] Resolve IP: 127.0.0.1
21:05:36 [DNS] Full name: localhost
21:05:36 [DNS] IP address 1: 127.0.0.1
21:05:36 [DNS] Alias 1: abcsearch.com
21:05:36 [DNS] Alias 2: admin.abcsearch.com
21:05:36 [DNS] Alias 3: admin.abcsearch.com
21:05:36 [DNS] Alias 4: www3.abcsearch.com
21:05:36 [DNS] Alias 5: www3.abcsearch.com
21:05:36 [DNS] Alias 6: www3.abcsearch.com
21:05:36 [DNS] Alias 7: www.abcsearch.com
21:05:36 [DNS] Alias 8: www.abcsearch.com
21:05:36 [DNS] Alias 9: www.abcsearch.com
21:05:36 [DNS] Alias 10: www.abcsearch.com
21:05:36 [DNS] Alias 11: acestats.com
21:05:36 [DNS] Alias 12: acestats.com
21:05:36 [DNS] Alias 13: acestats.com
21:05:36 [DNS] Alias 14: acestats.com
21:05:36 [DNS] Alias 15: acestats.com
21:05:36 [DNS] Alias 16: www.acestats.com
21:05:36 [DNS] Alias 17: www.acestats.com
21:05:36 [DNS] Alias 18: www.acestats.com
21:05:36 [DNS] Alias 19: www.acestats.com
21:05:36 [DNS] Alias 20: www.acestats.com
21:05:36 [DNS] Alias 21: www.acestats.com
21:05:36 [DNS] Alias 22: actualnames.com
21:05:36 [DNS] Alias 23: actualnames.com
21:05:36 [DNS] Alias 24: actualnames.com
21:05:36 [DNS] Alias 25: actualnames.com
21:05:36 [DNS] Alias 26: actualnames.com
21:05:36 [DNS] Alias 27: actualnames.com
21:05:36 [DNS] Alias 28: actualnames.com
21:05:36 [DNS] Alias 29: www.actualnames.com
21:05:36 [DNS] Alias 30: www.actualnames.com
21:05:36 [DNS] Alias 31: www.actualnames.com
21:05:36 [DNS] Alias 32: www.actualnames.com
21:05:36 [DNS] Alias 33: www.actualnames.com
21:05:36 [DNS] Alias 34: www.actualnames.com
21:05:36 [DNS] Alias 35: www.actualnames.com
21:05:36 [DNS] Alias 36: www.actualnames.com
21:05:36 [DNS] Resolve time: 0,8125 seconds.

I don't know what to do about this from here.

Then I tried a trial version on the other computer and there all works fine. The ping is like in the example above (From you guys) m/v (M/F)
with the 4 lines.

I'm puzzled. Should I uninstall now boot and install again?

Frans

Hi Frans,

- in Dutch-

Hoi,

Ik heb het gevoel, als ik je lijst van Resolve zo zie, dat er iets gedaan moet worden aan je HOSTS bestand.
Dit is een bijzonder bestand: geen extensie als .exe of .txt of zoiets.
Misschien moeten we daar eerst iets aan doen.
Wellicht ook een HijackThis draaien en de log posten.
Of anders in ieder geval hier een copie van je HOSTS file plaatsen.
Ik ben geen expert op het gebied van HijackThis, dus ik moet dat aan de experts als Pieter overlaten.


- in English -

I have the feeling, after looking at that Resolve, that there is something wrong with your HOSTS file.
Maybe it is a good idea first to look at that.
Maybe even better to run HijackThis and post its log so the experts like Pieter can have a look at it.

Thanks for your input!

I renamed the HOSTS file (TDS is complaining about it) bootet the system en all is the same.
I'll goto the hijack this forum and publish that there for Pieter to look at!

Any more tips? It's getting quiet here! ;-)

Frans

The HijackThis log from Fraha is posted here:
http://www.wilderssecurity.com/showthread.php?t=25867

Frans,

I have some problems with my eyes at the moment, but I saw this at your HijackThis log:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wwwproxy.xs4all.nl:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>


I have to admit ( :-[ ) that I am not quite sure about those two lines.
I need experts on this......
Sorry !

In that context I am wondering what your settings are in TDS-3 for your proxy server; see screenshot.

Cheers, Jan.

Hi Fanj

After a quick check i can tell you that the proxi is not active. Not in the browser and not in TDS!
I guess the second line confirms that?

Frans

-{ Quote: " quoting: FanJ link=board=5;threadid=25829;start=0#msg150346 date=1080338828]I have some problems with my eyes at the moment, but I saw this at your HijackThis log:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wwwproxy.xs4all.nl:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>" }-

Hi Fraha,

If you are sure you are not using a proxy, then have HJT fix those 2 lines and reboot....

Regards,
Kent

Did that, booted and looking again into HT-log it is back again!
??? ::)

Should that happen or is this a trojan / worm?

Frans

Do you have any type of proxy software that runs on startup that could be changing these entries?

Kent

Not that I'm aware off!

Now I did the following:

Deleted all entries for TDS from the firewall rules.
Uninstalled TDS totally. Only execprot.dll could not be deleted (Could be that execprotection was on, but by that time the software was uninstalled) Even after a boot this file could not be deleted so i installed again tds, put the key in there and it knows me again!

When I send the test message, the firewall complained. Gave the tds3smtp.exe file permission to goto the intenet. After that no questions from my firewall when trying to update what soever!

This is NOT good, I guess...

Now I reset my firewall to default settings, again no luck!

This does not surprise me because when I switched off the engine of the firewall, all stays the same!

Can I have a list of stuff that should be in the registry for TDS? Perhaps there lies the problem? Is that possible?

Out of options now. Off to bed!

Frans

Hi Frans,

Some general remarks:

1.
In general:
With respect to un-installing TDS-3:
You should first dis-able in TDS-3 itself execprot.dll :
In TDS-3:
TDS > Execution Protection > Remove
And then a reboot, and then un-install it.
That's the way to do it.

2.
Once again:
I'm really not sure about those two registry-entries:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wwwproxy.xs4all.nl:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>

I hope some experts will jump in here.

Maybe also some users of the Dutch provider "xs4all" could jump in here and tell us whether it needs a proxy-server; I really don't know....
There ARE here at the Wilders-board users of that Dutch provider !

In the IE browser, > Extra > Internet options > Verbindingen (connections) > look for your default connection (standaard) > bottom LAN settings > there could be the xs4all proxy checked. Note down what there is so you don't lose it if you need it back.
Uncheck the proxy, ok, ok close and reopen all browser windows before you start again.
Many ISP's like you to use their proxies as it saves them lots of bandwidth, and it should not make much of a difference for users, certainly not the kind you run into. But ok, first try it without the proxy to get correct results.


What is happening at the moment with your TDS install is not clear to me.
Gavin only asked to get a new version of the VB6 from the site and install TDS as a whole over the eisting one.
There is a warning on the site XP users don't need to replace those system files generally spoken, as XP has it's own protection for overwriting files.
Now i understand your question with what you're all doing where to put files.
Since you're mentioning system32 i suppose you run XP so all those files should not be needed for you.
Look for the names of the files one by one, search for them on your system, and you will see rightclicking on them you have the same or newer versions on your system.
Only if some would have been overwritten due to some install it should be replaced, but XP would have warned, i guess.

Now the exec protection was still installed while you uninstalled TDS, to have that part working properly again you'll have to install TDS, get to that exec protection and uninstall it, reboot, try in TDS to install it again
(where's a test? anybody has a testfile which should be stopped but is not dangerous?)
look carefully at the message you get, if it says "failed" press the uninstall of exec protection, uninstall TDS, install TDS again over itself, reboot, install exec protection again and all should be well.

Did you reboot after your first install? not doing so could give some problems of TDS not working properly.
This is for most security programs i know, so even on XP you're not rid of the reboots in all cases.



How is now the current situation?
You have now a working re-installed TDS, have you?
Does it update or tell you are uptodate already when you press in TDS > Update TDS databases NOW!
What exactly happens when you do this?

Is the problem the firewall is blocking or not blocking the problem?
Firewalls can have the habit of lerning so if you allowed the action/connection it might know for a future occasion program update.exe is allowed to connect to internet so the firewall will not alarm nor beep if you are doing so a next occasion, unless you made you settings to alarm each time.

Did you reboot the syustem after enabling the firewall again? If you have ZoneAlarm for instance, for some annoying reasons it keeps the changes till reboot.
Try it for instance with a page needing cookies etc and you allow them in the settings, even closing all browsers and reopening one you will see in many cases your changes did not really take place, site still asking for cookies accepting, till you rebooted and get there again. Really annoying and a risk factor, for i wonder if i tighten my settings for such a site if those higher security does take place instantly or not. But that discussion is for the firewall threads.
Anyway, if you use ZA(pro) it can be several of the allowance settings stayed up for the program so you won't get warnings.

Silent here you said? hm think people have been looking all around the clock for you; for instance i started writing around 5 in the morning my time and it's around 6 in the morning now, i see Jan was here after midnight and before midnight, so 24/7 supoport here!
And you're lucky, many software developers of lots of kinds of software are looking around here too, hence a good reason to ask questions in the right forum areas to attract their attention for support, just in case! 8)

OK, thanks Jooske (I did put a ;-) after that line with "it's getting quiet around here"
Believe me, I know that you take this seriously And I don't have any critizism whatsoever about you guys (M/F)

As I'm off to work right now, I can't go into detail about youre large mail. Most of it I did without any luck.

But there is light!

Fresh this morning I had a brainwave. I ran the Update.exe manually and it worked!!! The firewall asked permission and I gave it all the permission there is to give.
The problem is still there if I try to update from within the program!

If I do a control-U or use the command from TDS >> updatreTDS database now, there is no reaction from the program what so ever.
After the manual update there where lines in the main screen of TDS telling me this:

08:32:48 [Radius] Radius Systems loaded. <Databases updated 27-03-2004>
08:32:48 [Radius Update] Update complete.

You think about this and I'll be back around 1700 hrs CET to takkle this a bit more... ;D

Thanks again and greetings from The Netherlands


Frans

-{ Quote: " quoting: Fraha link=board=5;threadid=25829;start=15#msg150535 date=1080373247]
OK, thanks Jooske (I did put a ;-) after that line with "it's getting quiet around here"
Believe me, I know that you take this seriously And I don't have any critizism whatsoever about you guys (M/F)

As I'm off to work right now, I can't go into detail about youre large mail. Most of it I did without any luck.

But there is light!

Fresh this morning I had a brainwave. I ran the Update.exe manually and it worked!!! The firewall asked permission and I gave it all the permission there is to give.
The problem is still there if I try to update from within the program!

If I do a control-U or use the command from TDS >> updatreTDS database now, there is no reaction from the program what so ever.
After the manual update there where lines in the main screen of TDS telling me this:

08:32:48 [Radius] Radius Systems loaded. <Databases updated 27-03-2004>
08:32:48 [Radius Update] Update complete.

You think about this and I'll be back around 1700 hrs CET to takkle this a bit more... ;D

Thanks again and greetings from The Netherlands


Frans
" }-

In that case it is 99% sure to be something to do with the firewall settings

Frans, just to make sure: you did close all the AV and AT --also the resident parts!!-- during install, did you? I saw in your HJT log you have a bunch of them, so those really shopuld be put to rest before installing any other software, after reboot and you can fire them up again.
I forgot your firewall, might be special settings.

So that you could use the update.exe at all gives some light indeed.
You can do yourself another favor with grabbing my test-demo file on top and load it via TDS, as that has an update.exe as will in between the other joy, so you can locate if there might be something with the TDS install or something else could be the matter like proxies, such things.......

Tooske,

Yes i did install with all av and AT stuff off-line.

Can you elaborate on the testfile you mention? Where can I find that and how do I load it via TDS?

Due to all hassle I did not have much time yet to read much helpfile....

What kind of file is it and what's the name?

Frans

Hi Frans, was not around, shopping time!
http://www.wilderssecurity.com/showthread.php?t=24123
In the sticky threads on top, little by little i created a little thingy, read the description: running from desktop it should give certain error messages and refuse to run further due to your protection, running via TDS it should run all till the end:
get both files from the first message, put the kope_van_welcomeF.wav in your C:\ (yes, the root! ) to make sure it runs anyhow,
so you can see via TDS some little surprises and lots of little tests to get used to.
Hope you have speech working too in the meantime!
Have fun with them!

Jooske,

This happened after your VBS script was run via TDS

A popup screen came up and I had to hit OK.
Then the text in TDS's mainscreen.

That's all.
No sound and no updating.

Updating is never called upon as far as I can tell.
No error msgs, nothing.

As the update file works if called direct. I take it the firewall works correctly. (See above)

This is something within TDS.
Perhaps the TDS folder / Directory is not set so TDS cannot find update.exe ?

I'm thinking this way. What Options do you have? (left)

Frans

-{ Quote: " quoting: Fraha link=board=5;threadid=25829;start=15#msg150757 date=1080419401]
Jooske,

This happened after your VBS script was run via TDS

A popup screen came up and I had to hit OK.
Then the text in TDS's mainscreen.

That's all.
No sound and no updating.

Updating is never called upon as far as I can tell.
No error msgs, nothing.

As the update file works if called direct. I take it the firewall works correctly. (See above)

This is something within TDS.
Perhaps the TDS folder / Directory is not set so TDS cannot find update.exe ?

I'm thinking this way. What Options do you have? (left)

Frans
" }-


I still think it's a firewall problem, if you are manually updating you are doing that through IE or mwhichever browser and the firewall is set to allow all IE bits

if you don't get any warnings from the firewall when tds tries to access the net, then it is set to automatically block neww applications and you need to find and alter those settings to allow TDS to access the net

I think you misunderstood something.

I executed the file setup.exe in the TDS folder. The first time I did that, after I did this numerous times from TDS without any reaction on the TDS screen, my firewall asked if it was OK to allow update.exe access to internet.
After this, the update ran and was registered in the TDS mainscreen, with the date of the file (27 march)

I'm guessing that TDS does this in a similair fashion, but somehow, somewhere something goes wrong (duhh!) ;-)

TDS itself does not need internet access untill now, because I did not see anything going that way.

Adding to this that when the firewall is disconnected noting changes.
Furthermore I installed the trial version of TDS on my other system and it works like a charm, except for the update function, wich is not supported in the trial version.

Greetz

Frans

Hi Frans,

Some remarks:

1.
The HijackThis-log of you was posted here:
http://www.wilderssecurity.com/showthread.php?t=25867

2.
I would advise to check your firewall-rule(s) for TDS-3.
BTW: which firewall are you using?

3.
I would advise that you contact your (Dutch) provider XS4ALL, and ask them what exactly the proxy settings need to be.
Maybe you can find that info on their website; I don't know.
Maybe there is also a support-forum from your provider; I don't know.

3.
I still don't understand those registry keys:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wwwproxy.xs4all.nl:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>

I need a Registry-expert on this !

4.
If you need to use a proxy-server from your provider, then I would advise to set it up also in the TDS3-Configuration-server-tab:

http://www.wilderssecurity.com/attachments/Fraha_2004_03_26_1.gif

Quote from the TDS-3 Help-file:
"Use Proxy for Web Access:
If users are behind a proxy server, they can configure this option so that TDS-3 uses the proxy server to connect to the outside world.
TDS-3 Update is one example of being able to go through a proxy server."

The high-lighting is from me.
What I do not know is this:
It says only that "TDS-3 Update is one example of being able to go through a proxy server".
It does not say that it is required by TDS-3 !

We need Wayne/Gavin/Jason to tell us that.

5.
In your HijackThis-log thread dvk01 posted this:
"I have seen several reports of OVERNET.exe being infected with a backdoor trojan. backdoor blarul

whether it wa a false positive or not but the overnet forum users don't all think so
http://forum.overnet.com/viewtopic.php?t=59140&highlight=blarul

it's open to debate but!!!!!!!"

I would like to give a link to the PestPatrol-site about this:
http://pestpatrol.com/pestinfo/o/overnet.asp

It's your decision what to do about it.

I would like to ask Gavin to have a look at this issue and see whether this is something for TDS-3 to detect.

6.
I have to admit that I don't understand your initial listing from TDS3-Resolve.
Maybe I was wrong when I thought that there was something wrong with your HOSTS file.

I hope that Wayne/Gavin/Jason will jump in here.

7.
At the moment it looks to me that the issue about the proxy-server is the most important one for the moment, but of course I could be wrong.

Cheers, Jan.

An additional remark:

If this registry-key gives the right proxy-settings for your provider:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = wwwproxy.xs4all.nl:8080

then try to put those in that TDS3-Configuration-Server-tab, save, close TDS-3, reboot, and see whether things will work OK now.

Note that I wrote "if".

If that is true, then:
- put a checkmark in the box "Use Proxy Server".
- put wwwproxy.xs4all.nl in the Server-box.
- put 8080 in the Port-box.

Jan:
can you do me a favor, as you have very high security settings on your system too, to get the testdemo and wav file from the top sticky thread and see if it does everything for you too:
just put the test thing on your desktop and the sound file in c:\ and load it from inside TDS.
For Frans it does run including the joke lines in the end, but not even any message about updating TDS, not even a detection the radius is already up to date and the action aborted like this:
[Radius Update] Database already up-to-date - transfer aborted.
But there is hope: Frans does see the messageboxes to click on, so the Windows Scripting Host at least is working OK.
This "upsdated" line should appear between the joke lines at least after the update window appeared a few moments.
The wav file in c:\ should use the normal original windows basic sound system, in the end the jokelines are only written, while in the very end the TDS voice says some thanks, which is the speech engine (TTS)


Noticed something more:
when you click in the TDS console somewhere in the field and press contr+A for me it selects (highlights)all the text there and a few instances after it brings up the Autostart explorer, when i click in the top of the console somewhere in an empty place and press contr+A i get only the autostart explorer opening. For some reason it is logical, but never had it happening before.
Not sure if this works the same for all?
Contr+U brings up the update console.

Frans:
Did you try both the contr+U and clicking the menu option itself for the update?
for the update: if radius is uptodate you won't get a new update, just that like i wrote above, so don't let that confuse you.
I would suggest to try everything on your second computer too and find out if there are any differences in settings or possible infections. Update the radius also in your other system, check in both systems all possible options and close other av/at scanners (NOD32 you run? norman?) including your TH resident protection in this case as a test, and try first your script / update action again, see if that makes any differences, after close all windows and applications you don't need as you're going to step from the system anyway and have a full system scan done.
There could be some infection playing games, maybe there is nothing.......

I remember i saw in your HJT the United Divices. I used those too long time ago, no real problems with TDS or other programs, but my windows itself was running very much better when i closed it and finally decided to uninstall it. Same with Seti. I have an older slow system, so for me that counted. Not sure if that makes any difference for you. Did you temporary close UD during the TDS install? Worth trying everything of course.

-{ Quote: " quoting: Jooske link=board=5;threadid=25829;start=30#msg150904 date=1080440343]
Jan:
can you do me a favor, <snip>, to get the testdemo and wav file from the top sticky thread and see if it does everything for you too:
just put the test thing on your desktop and the sound file in c:\ and load it from inside TDS.
" }-

Hi Jooske,

I wanted to post this in your sticky thread but couldn't do that cause it is closed.
Maybe move this posting to there: your decision ;)

I did a quick test (a bit too late in the night here now ;) ).
I didn't test dual extension.
I tested it from within TDS-3.
- Got the message-box "this is a vbs script running".
- Got the message box "TDS Trojan check".
- Saw this in the TDS console:

04:40:00 [Radius Update] Database already up-to-date - transfer aborted.
04:41:25 [TDSTrojanTest] Please standby for testing.....
04:41:30 [TDSTrojanTest] It seems that you are infected
04:41:34 [TDSTrojanTest] .....checking....
04:41:39 [TDSTrojanTest] TDS trojan detected!
04:41:41 [TDSTrojanTest] Yes, you're definitely infected with the TDS addict trojan.
04:41:41 [TDSTrojanTest] Sympthoms: always running TDS, visiting TDS forums, playing scripts,
04:41:42 [TDSTrojanTest] waiting for the latest updates.
04:41:43 [TDSTrojanTest] Is there a cure? No.
04:41:44 [TDSTrojanTest] You'll always be addicted to the TDS trojan.
04:41:45 [TDSTrojanTest] the good news: it's a happy experience of only recycled electrons.
04:41:46 [TDSTrojanTest] And it's the first using SS3!
04:41:48 [TDSTrojanTest] Congratulations to be tested succesfully positive among the first!

- My firewall log shows that TDS-3 tried to update ;)

Thanks a lot Jan,
I did not close it myself, as i would like people to add their testfiles, will discuss that with the DCS - testfile - responsibles! :)

I miss the sound parts in your story:
the first message box after pressing OK the welcomeF.wav should sound which is the normal windows basic sound used for that
and at the end after the addiction display the TDS voice thanking you for this infection.
In that first welcomeF wave part the little radius update window shows up like normal, as the update exe is called. and it did work properly as you got that line displayed with the radius already up-to-date and thus further action aborted.
So it works all properly as it should, and i hope you liked trying it.

Ahhhhhhhhh i see why the WelcomeF.wav did not sound!
In my script the name is C:\WelcomeF.wav and i see the file here in the board is renamed Kopie_van_WelcomeF.wav ! (i really don't remember why i did that!)
easiest to rename that file back to WelcomeF.wav !
Big sorry! I'm really very sorry for that, it can not call a file with another name of course. I'm sure if you rename that back and try again you will really like that! I never noticed as i have both versions on my system so it always worked.
If you prefer of course you can make that change in name also in the script itself (on top, where it calls c:\WelcomeF.wav ) whatever you prefer!

Yes, when TDS is trying to update it needs an outside world connection.

Now i wonder, for Frans the update.exe itself from outside TDS works, there should be a firewall permission too, no matter how you do it.
But from inside the update.exe doesn't work, not via the menu, not via the contr+u, not via this demo script, no firewall permission either.
This makes me think of missing files or bad install!
Frans,
Jan always recommends to close everything in the TaskManager what is not really needed, so keep explorer and systray, but all the rest can go, true Jan?

Now there are a few options:
something was blocking a proper install or something is blocking a proper functioning.
So either close things one by one and try the radius update from within TDS, till it does, till there is nothing more to close.
Then you know the install was not ok.
The other way like Gavin recommended install TDS over itself in the same folder. Still no luck?

There has been a windows problem with longer file names on XP system, which has been solved in TDS, but maybe due to ??? still a problem on your system.
If the above did not work, uninstall the exec protection and uninstall TDS completely (first copy the keyfile away to a safe place!!) You might like to copy the radius and scripts folder and speech spchapi.exe to safety too.
Then uninstall again.
As i noticed you have C:\Program files\TDS-3
(or was it in D:\ ? must check again your log ) anyway........
You might like to have it in c:\fantasyname\tds-3 as long as the fantasyname is not broken, as you might not like it immediately in c:\ for security reasons and for the fine architecture on your system.
I don't think it is this, but it's the last i can think of if other programs have not been blocking a proper install.
But Jan's way of really making sure everything in the taskmanager is closed exept the systray and explorer could be something.

I don't have TDS in the autostart, btw, i start it manually after all the other reboot is ready to give it all room to start up all and everything properly and doing all it's startup scans.

Everything for not wasting your sunday you need most probably for other nice things!

BTW: does your firewall make problems when your United Devices wants to send and receive new datapackets? I used to have problems with it frequently, for which they kept sending excuses but... anyway, removing that was much better for my system!

Hi, here's sick me (soar throat)

Forgive my English

Uninstalled TDS agian today and booted up in SAFE mode. The installed again and, you gueassed it. No luck. :'(

Now this is the way you want it don't you? I'mean safe mode is the same as "kill all extra software" right?

When I update myself via the program update.exe the firewall asked permission the first time. After that I told the firewall to remember this and don't ask again.
If I remove that RULE in the firewall software, and run update.exe again, the question from the firewall komes back.

So this is NOT the problem.

None of the plugins even start!! Found that out today when I tried the software on the other (W2K) machine
Control-a and control-u does NOTHING. No reaction from TDS AT ALL
Only when the cursor is in the main window control-a selects all text.

All software on this machine is also installed on the other. (Spywareguard Trojan Hunter UD.exe etc.)
The install went the same, every option got permission to goto internet and remembered bij the firewall.

As I told above, I have an option in my firewall settings to "remember" that a certain program can have access, so I don't have to allow it each time it is run.
UD never gave me any problems and the fight agains Cancer is a big topic for me so I want to keep it running.
The "homework" packets go to and from the UD server like a charm. As go the life updates for Norman AV, trojan Hunter Spyware guard etc.

What else can I do?

I did get sound from the pc speaker BTW when running the demo. With the renamed WAV file I also got success!! (YESS!).

Can I check my registry on where the TDS homefolder is specified?

Frans

Looks like TDS self-defence is showing some of itself.......
Guess you're not looking into a reformat and start again.
Or... XP ... do you still have a valid restore point from before you ever installed TDS the first time?
If possible go back to that moment, install TDS, insert the keyfile, reboot, and see what happens then?


Hope your throat is ok soon again, not nice on your sunday!
The wav is nice eh? All created with a TTS engine, no human voice in there. If you got TDS speaking in the meantime, you might like to use TDS as a pronounciation engine too, i do when not sure about a word; type
speak "hello word to procounce" and after the enter you get what you typed between the " "

Are you connected via a network with your wife's computer? How about installing CryptoSuite on both systems and have your own home message system?
If you can't speak it with your sore throat you can still write it! Might be the evaluation version is not able to host the chat server, but you can both connect as a client to other servers on internet to have an idea.

No, sorry that is not an option. Never used that step back stuff before.
On top of that, I have no idea when i forst started the trial version. It did not work then so i forgot about it untill it was to late to try to make it work.
Then I assumed that those functions did not work because of the trial.

But how come there is no error msg at all? No reaction at all seems not good to me!

Frans

;D !!!!!!! IT WORKS !!!!!!! ;D :o

You will not believe when you see this solution.
I deleted the complete installation for the 10th time and booted.
Installed theTDS in c:\TDS3 with all security ON, firewall, AV en all the rest.
No problem at all, just the change to the new folder did the trick. :-\

What can I say? Thank you for all the imput and time spend on this subject. I hope this helps in future and for others ass well.

Now I can go and buy some more goodies from Diamond CD PG will be first as soon as I get the discount stuff working...

Did I win a prize? ;D

Frans

So! Congratulations! Does now everything work fine, including the update via TDS and all of that, the contr+A, netstat, seeing the autostartviewer, plugins, etc etc?
This is great! Make sure you have all the scripts and speech parts (from the TDS downloadpage) too, for all your pleasure have all the goodies from those pages and see what will be the next steps.
Oh, and register for the DiamondCS forum on the site too, and especially for the TDS private registered operators only forum.
Now if you have the speech parts and msagent parts installed too you will will great happiness load the InnerPeace script from the scripts files 8) a very good one for such a happ sunday.
For the happy ocasion a karma cookie to start your apetite! :) Enjoy TDS! (and the other wonderful programs, YESS!)

-{ Quote: " quoting: Fraha link=board=5;threadid=25829;start=30#msg151003 date=1080473805]
;D !!!!!!! IT WORKS !!!!!!! ;D :o
" }-

Congrats Frans (gefeliciteerd) !!!

Karma cookie for you *puppy*

Groetjes, Jan.

Well done Fraha! ;D have another Karma cookie from me.

Now you will have to try the other goodies like Port Explorer, Process Guard & CryptoSuite - All fun to use and leading edge security for your system :)

Thank you all for all those yummy cookies! :-*

And for the good advice about the other TDS stuff. I'm evaluating PG now and I ask myself if I need CS. What can one do with that? I use pgp now for secret messages and signing. Does CS do more than that?

Further I would like to have the Manual for TDS in a more readable format.
Can somebody make that a WORD file or, better still, a PDF file (Adobe) ?

I'm off to evaluating CS now, bye

Frans

Fraha, When you try CryptoSuite please join us on our chat channel
Server: 81.105.28.14 Port: 5096 Pass Word: pc2
Then click connect -Your firewall will probably ask for permission but it will work :)

Process Guard is probably the single most powerful weapon developed against malware at this time and without the need for daily updates.

Enjoy - Pilli

Hi Philli,

PG is working here in trial now. Looks good.

Crypto chat cannot connect with the info you gave me. No reason given.
Any idea?

(Should we start another tread?)
oops, wrong port used. It works. Thank you! ::)
Frans

For CryptoSuite, yes best look /write in the CryptoSuite forum :) (look exactly at the IP, port, password, Pilli gave you! and give a username for yourself and press connect -- tell your firewall you need permission to get out and it should work like a charm; let your wife conect from her pc to the chat server too so you can see how that works too!)

It's much more then a chat and ah lots more will come!
Fire up TDS and Port Explorer:
in Port Explorer look with which port you're going out to the chatserver, and set TDS port listen on that port or your incoming port for that activity.
You should get only unreadable stuff as it is encrypted.
Now in Port Explorer look for the application and process, enable socket spy and look for the datapackets to and from your system!
Most probably you will have to grant Port Explorer internet connection too if you want to do some stuff like using those utilities (part will be disabled in the evaluation version)
So you can discover how to work with the several programs together!
I'm sure you will sort it out to get into the chat too!