Test/demo files for TDS and WormGuard

[Jooske]

Voice commanded TDS update is included among others in the Helper.exe part in the CokeMachine script. I'm not very script-educated myself, but with the msagents scripting helpers (like MASH) or a few lines in TDS SS3 script and lot of trial and error sometimes one gets real nice creations.
I'll work on one for that part.

I added to the trojan test script to a former posted test.vbs script (for WormGuard) some more parts to make it even more interesting as a nice test file and ran it via TDS. Marvelous! exactly what i wanted it to do!
Get the results here and keep the Demo on your desktop and the wav in your c:\
ScriptTesting_demo.vbs and WelcomeF.wav

Now what will happen?
You can test a double extension by adding one extra behind it, if you like, so now you know how that works. OK, make it back the name it was to be able to run the file.
Now you'll get WG jumping up for suspicious file, to start with. If you have WG installed of course.
Allow it to run anyway.

You can also run it via TDS, which is even much more fun.
In TDS > SS3 > Load script > you'll probably have to type in the name manually as it searches default only SS3 scripts.

Either from your desktop or via TDS this happens:
Now you get a messagebox telling this is a vbs script running and click OK
So with this you can test your Windows Scripting Host for proper installation; if not, no messagebox.
So now you know what few people know: with TDS you can also run VBS scripts!

At buttonclick on that you will get if you play it from your desktop an error message here, as what follows is specific TDS language, so don't worry, part of the test; if you played it from TDS the story continues here with the following:
at that button click in the meantime you hear your wave file speaking so you know your speakers work properly too.

If you prefer some music point it in the script to a music wav in that same location in c:\ (more on that in the scripts demos in Wayne's jukebox script)

Once the wav is finished you get another messagebox telling trojan test and click ok,
then you see the test stuff rolling over your screen and the TDS voice telling you're now an TDS Addict.
If you can press those two buttons, nothing complicated, you've just seen an interactive test with several purposes!

Oh and i included the radius Update to make it a bit useful as well for you, but not voice commanded, just normal automated with running this script via TDS.
This part reminds you that can only work in registered TDS systems, as evaluating people need to visit the update site, so either nothing happens here or you get an error -- can't test it myself, not having an unregistered version available here.

Of course you can disable the part you don't want with placing a ' in front of those lines and you have a nice vbs script enabling you to update TDS without even having TDS running at all from your desktop.
Correction: to play a script via TDS TDS must be running, so for that automatic TDS update too. I confused an exe version i have of another file, the voice commanded one, i'll try to make that nice to be posted too some day.

Anyway, this test file will serve more needs.

[Jooske]

I mentioned in the test file Wayne's jukebox exlanation.
To have some idea what we're heading to, you might be interested in some nice whistler music samples, MS posted on their research speech technology sites.
http://research.microsoft.com/srg/whistmusic/#music
Of course you can place them on your system and play them via TDS or the little testdemo above, or by just clicking them. Mind you, the voices and music are created all with new speech technology, no natural (human) singers here.
So make sure you have speech enabled on your system, also for TDS!

[Peter2150]

Hi Jooske

Finally saw the threat in the General Forum. Well done!!!

Do you have a test/demo file for TDS specifically aimed at testing the execution protection. Something along the line of eicar.com the virus test file.

Pete

[Jooske]

Thanks Peter

The quickest real testworm is found here at
http://www.diamondcs.com.au/index.php?page=irclean
in the MIRClean program.
At least it is detected and alarmed on by several scanners, although they should also tell it is a test which does no harm.

An exec protection test......... i ran the other day in e.p. stopping a passwordrecovery program and i had to uninstall e.p. to be able to run that program i really needed at that moment, after which i reinstalled e.p. again and tested it with that same program, which was stopped correctly again.
Such a kind of testfile must be able to be created, will take a while. Must try to find the d/l location for it so you would have your own to start with.

[Robyn]

This is the very first time I have tried to run a script with TDS and I am very impressed with the demo one. Thank you Jooske you have made me and the little message is so correct I will have to learn more about TDS scripts now as my TDS script folder is empty!

[Jooske]

On the same page where you downloaded TDS is the Scripts.zip, filled with scripts examples.
Get that one, unzip in the TDS directory and look at it.
In the forum here at times we posted little scripts, to give some idea, in the Private TDS forum are many more and several are worked on together so one gets an idea about details, and Andreas(W) has a lot on his ftp site (have to find the exact URL back, will add it later).
You have no script size restrictions for the registered TDS, trial versions have a limited script size.
My own scripts are mainly related to speech and using msagents with TDS. You might be impressed with that technology if you try the MS singing samples above, especially their unexpected duet. You might like to use Wayne's jukebox sample to play them via TDS.

[Robyn]

Thank you for this, I will try the singing samples but I am not sure if I will be able to play them via TDS as my TDS does not speak to me I am a registered user of TDS and have 'just' discovered the private forum. I will check this out today to see if I can learn anything more about scripts and also download the ready made examples for my directory.

Thanks again

[Jooske]

If you're looking for your scripts to run ok, with msagent and speech, you might like this high speed Genie supported TDS configuration from this posting:
http://www.wilderssecurity.com/showt...=1022#post1022

I see in that script i have it asking for the welcomeM.wav, if you took the welcomeF.wav from the first posting here change it in the script into that name so you have some impression, even though it is a different message.

[Jooske]

EICAR test files
Rather often people ask for safe test files like eicar; here at Trend-Micro is a safe download place and description how to use is.
http://www.trendmicro.com/en/security/test/overview.htm

[Jooske]

Another little test:
just copy / paste on notepad or the SS3 editor, put in the TDS-3\Scripts directory, if you have already the CokeMachine folder put it there together with my other little scripts, so your little console gets the nice DiamondCS logo on it which also shipped with the CokeMachine script (among others)
To play the script, TDS > SS3 > Load Script > HappySecurity.SS3 double click to play it
Now you have an easy script to practise with, change characters, wav files, images, spoken text, the movements over the screen, etc.
Just to have some ideas.

Code:

'//***************************************************************************************//
'// File Name: HappySecurity.ss3                                                          //
'// All file parts: Innerpeace.ss3, DCSyste.gif, WelcomeM.wav.                            //
'//                                                                                       //
'// Uses Diamond Computer Systems TDS, SS3, speech And Microsoft Agents Technology.       //
'// The Microsoft Character Genie Copyright(c) 1996-1998 Microsoft(R) Corporation. All    //
'// rights reserved. All other characters and technology are copyright by their respective//
'// creators and owners. Uses Microsoft Agents technology.                                //
'// This script is created by Jooske as a little demonstration for fun, use of MS agent   //
'// and speech technology with TDS and some possibilities with the menu system.           //
'// For info about the script contact Jooske via the TDS operators forum. For the other   //
'// technology and ask Wayne Langlois via the forum or tech@diamondcs.com.au.             //
'// Needed on your system: TDS, MSAgents technology installed, The MSAgent character Genie//
'// In directory TDS-3\Scripts create a new folder CokeMachine in which you put all these //
'// elements. The WelcomeM.wav is best put in C:\.                                        //
'// Load the file and enjoy!                                                              //
'//***************************************************************************************//   

Sub Main
On Error Resume Next
 Call LoadObject("xForm",0)  'Load the form
 Call LoadObject("xButton",0) 'Load a button
      
   'Set Form properties
 xForm.Caption = "Diamond CS"
 xForm.Width = 3800
 xForm.Height = 3650
 xForm.Picture = LoadPicture(SysVar("tds.path") & "\Scripts\CokeMachine\DCSyste.gif")  'xForm background image

  'Set the properties for xButton(0)
 xButton(0).Width = 3900
 xButton(0).Height = 600
 xButton(0).Left = (xForm.Width / 2) - (xButton(0).Width / 2)
 xButton(0).Top = 2710
 xButton(0).Backcolor= RGB(0,0,255)
 xButton(0).Caption = "Welcome "& Cstr(TDSUserName)&"! Press to play message"
 xButton(0).Visible = True
 
  'Show the form!
 Do_Events
 xForm.Show
 Call sndPlayW("c:\WelcomeF.wav")' "c:\WelcomeM.wav")
End Sub

Sub xButton_Click
Call MSAgentForm.LoadMSAgent("Genie", SysVar("sys.windowsdirectory") & "\msagent\chars\Genie.acs")
MSAgentForm.AgentControl "Show"
MSAgentForm.AgentControl "MoveTo", "200", "200", "1000" 
MSAgentForm.AgentControl "Speak", "Hello " & CStr(TDSUserName) & "!!" 
MSAgentForm.AgentControl "Speak", "G'day dear " & CStr(TDSUserName) & "! i'm here to secure your system in a happy way!!"
MSAgentForm.AgentControl "MoveTo", "500", "400", "1500"
MSAgentForm.AgentControl "Speak", "Hope you really like it!!"
MSAgentForm.AgentControl "GestureAt", "450", "450","1000"
MSAgentForm.AgentControl "Speak", "I feel already so much better now working together with you!"
MSAgentForm.AgentControl "MoveTo", "500","400","1000"
MSAgentForm.AgentControl "Speak", "I really want to tell you, pass this along to all who\emp\ really need\emp\ security!"
MsAgentForm.AgentControl "Speak", "You are\emp\ allowed to share this info\emp\ with others!"
MSAgentForm.AgentControl "Speak", "Enjoy!"
MSAgentForm.AgentControl "Speak", "Bye For now!" 
MSAgentForm.AgentControl "Hide"
End Sub

Here is the image for those who missed it, copy it in the CokeMachine folder as DCSyste.gif so it works in all the scripts mentioned.

[Jooske]

In the Archives at the DiamondCS site is a real wealth on info, testfiles, demonstrations, tools.
Here is the page about the NTFS ADS Streams and a test demo file for download.
Read all about it and how to use the test here:
http://www.diamondcs.com.au/index.ph...d=ntfs-streams
The sgtrmdemo.exe is only 13 KB and all harmless.

[Jooske]

TDStrojanTest.SS3

Now do yourself a favor to see if you're infected with the TDS trojan.
Copy this into a notepad or the TDS SS3 editor (or any other you use)
and save as TDStrojantest.SS3. Save in the TDS\Scripts (maybe in the CokeMachine folder there is you created that)
Make sure you can run scripts of course.
Get into TDS > SS3 > Load Script > find this TDStrojantest.SS3 and doubleclick to run it. Hope you come out positive!

Code:

speak "press ok to start the trojan check"
msgbox "TDS trojan check"
On Error Resume Next
WScript.Sleep 5000
Call addline("TDSTrojanTest","Please standby for testing.....")
Call addline("TDSTrojanTest","It seems that you are infected")
WScript.Sleep 5000
Call addline("TDSTrojanTest",".....checking....")
alarmbeep 3
Call addline("TDSTrojanTest","TDS trojan detected!")
WScript.Sleep 5000
Call addline("TDSTrojanTest","Yes, you're definitely infected with the TDS addict trojan.")
WScript.Sleep 50000
alarmbeep 1
WScript.Sleep 5000
Call addline("TDSTrojanTest","Sympthoms: always running TDS, visiting TDS forums, playing scripts,")
WScript.Sleep 5000
Call addline("TDSTrojanTest","waiting for the latest updates.")
WScript.Sleep 5000
Call addline("TDSTrojanTest","Is there a cure? No.")
WScript.Sleep 5000
Call addline("TDSTrojanTest","You'll always be addicted to the TDS trojan.")
WScript.Sleep 5000
Call addline("TDSTrojanTest","the good news: it's a happy experience of only recycled electrons.")
Call addline("TDSTrojanTest","And it's the first using SS3!")
WScript.Sleep 5000
Call addline("TDSTrojanTest","Congratulations to be tested succesfully positive among the first!")
WScript.Sleep 5000
speak "Thanks for using this Trojan Addiction Test."