PLEASE READ ! Radius file update at 12-July-2004

Whoooeee! Also just did the update thing and amazed to see all these Trojan Droppers flash before my eyes. Thank god this forum works and good to see the responses....most helpful!

 

I'm very happy many TDS users see something is not right and investigate in the forums! So in case you see people in trouble and before they get desperate please tell them to try it at another mirror as something went wrong. I'm sure Gavin / DiamondCS will do their utmost to have this solved as soon as possible.
Must not think of the many people who deleted necessary files!
Hope SFC is an option, or in fact i hope people saved the scandump before starting to delete.

 

is it that diamondcs servers have been just hacked and tds3.radius file changed?

 

No hack, something must have gone wrong with uploading to several mirrors as several others are ok
Is your update ok? 35749 references you should have.

 

Re: Radius file update at 12-July-2004

ikya, very sorry to read your problem!
anytime you recieve that many problems(flase positives) after
an update you should always look into it(very deep)
programs are made by man and man is not always perfect!!
using programs in the past and screwing them up has always been
a shame(live and learn)
Hopefully you have system restore on you pc or go-back?
can you post what version of windows your using?

 

Thankfully I did not delete any files and looked into this forum. Like most people I could not believe that every file in the start-up list had a worm in it, but, was worried. Thanks for the help.

 

Glad you were carefull but some were not that lucky!
I'm really sorry and hope system restore is an option. Imagine people who did not have system restore enabled......

 

then they are fools and should know better,Jooske not your fault at all

 

Imagine the following:
people have been infected, maybe cleansed out with the HJT stuff or a spybotS&D scan, whatever, disabled restore, think to do a TDS scan to be really sure, with the intention to put restore back after that. iiieeeeeeee no system restore. If they only please do not delete any files but.......
What can they do if they did and can't reboot into windows anymore?

 

I too am really, really sorry if people got into all kind of problems after having installed this corrupted Radius-update.


The first lesson should be:
Get yourself a backup-imaging program to make a full backup image of every thing on your system, and make frequently a backup image.
Choose the backup imaging program that works for you: Norton Ghost, DriveImage (formerly from PowerQuest, now also from Symantec), Acronis TrueImage, or whatever program that you feel comfortable with!!!

Second lesson should be:
Don't panic in case you get an alert !
Try to see whether there is info about it at the internet, go to the support-forum of the program that gave those alerts, ask questions about it, send an email to the developper of that program.

Third lesson:
If you have the money for it, use another scanner to get a second opinion.

 

yes, this was a serious nightmare!! I was deeply involved in something else this morning (a legitimate problem | which I fixed) which involved wiping a hdd on a backup system and restoring date. when that was all done, I installed 2 small apps that I had been holding and then opened tds3 and updated, and sure enough, it reported trojandropper, keyword:GOD and RAT:Cabroater in key files. in a panic, I did not delete, I bought a new hdd, laid down a ghost image and the ghost was from this morning and had the same radius so all the same errors reported. from there it went slightly more crazy. but at least I had a clean backup I can go back to.
1) really disappointed that DCS let this happen
2) that they did not send out email alert to their registered users, during the day no time to come here.
3) I saw no alert on the DCS web page.
so how is this prevented or mitigated in future ??

 

AAAAAHHHHHHH!!!!!! What a day I picked to download and run TDS-3 for the first time.

I went from thinking my computer was so infested with trojans that couldnt be removed that I'd have to reformat and reinstall, to thinking TDS was actually a trojan in disguise, to (fortunately) finding this forum and this thread. WHEW! Everythings okay now , but what a scary introduction to TDS-3.

 

Hi poogimmal,

I am so sorry that you too got so much in trouble after this corrupted radius update.

Let us all please keep in mind that the DiamondCS guys did soooo much GREAT work in the past.
It is now our turn to show our gratitude and thankfulness to them !
Let us all please be patient and give the DCS guys the time to solve this.
Several of us are trying to post warnings at several forums, just to inform TDS-3 users.
So once again: let us all keep our trust in the DCS guys and give them the time to try to fix this.
I for one will definitely do so !!!!!

Best regards, Jan.

 

FanJ, Now I know why I am A fan of J's!!
Very well put.
I am a new user to this product and so far am
very impressed with the software and very impressed with the
help I have and will receive in the future!!
thank you

 

Purchased the program on 7/7/04 and finding a problem inside of the first week of ownership. Question to the forum... Has this happened before?

 

Hi BlueIsis,

Glad everything is OK on your system now !!!
Sorry for the trouble.

And welcome to the Wilders-board !

Cheers, Jan.

 

Hey Gordon !

Welcome to TDS-3 !

Thanks for your kind and warm words !!!

Warm regards, Jan.

 

Hi Hyde_Park,

Welcome to TDS-3
You said that you purchased TDS-3 recently. So now you can also ask for to read and post at the private DiamondCS-forum

You asked "Has this happened before?"
The answer is "no".
Some more about this:
In TDS-3 is an option to update it from within TDS-3 (not working for trial-users).
That feature uses a file in your TDS-3 directory called update.cfg
That file lists the update-servers, there are several of them.
That file is frequently updated.
It has happened before that a server on that list had a problem (those things happen; could have been caused by several reasons).

The thing that you should keep in mind, is this:
On working days the definitions for TDS-3 are usually updated.
Gavin posts those updates at such a day here at Wilders at the Update forum.
It is always very much adviced to check his postings and, after having updated your TDS-3, to check whether you have the same numbers.

I hope this might help.

Cheers, Jan.

 

I too have had trouble with the update. Went to the Turvamies site and downloaded. Did it help? Did it hell. Now TDS 3 freezes during its initial scan and refuses to respond. I must admit that I have never felt comfortable with TDS 3. Far too complicated. A monster that I have always left well alone.

As a result of this update trouble, I have installed Trojan Hunter - and you know what? I really like it - and I don't need a degree in computer software to understand it.

 

Hi Grantley,

I'm sorry to hear about your problem.
Well, there is NO degree in computer software required for TDS-3
Could you post what your TDS-3 is telling about this, from its console:

04:50:45 [Init] • Systems Initialised [35749 references - 13992 primaries/9984 traces/11773 variants/other]
04:50:45 [Init] Radius Systems loaded. <Databases updated 12-07-2004>

Cheers, Jan.

 

The database problems have been corrected and measures are now being put in place to ensure that this cannot happen ever again.

This also happened to one of the updates the day before. It's a strange problem - it only occurred when we switched over to a newer, faster ISP, but the problem was actually isolated to Microsoft's own ftp.exe which I found quite bizarre to say the least, and only a few bytes were being corrupted (from a 1.3mb file). It may be due to the huge packet size that ftp.exe uses, but I'm not going to waste any more time finding the exact problem in ftp.exe. Instead, I'm writing my own FTP client to automate the uploading of these files, as well as adding a second check to ensure that the CRC32 of each uploaded file matches our local image to ensure that such corruptions cannot happen again. This will all be done by the end of the day so tonights update should be flawless, but like I said, todays/last nights databases have already been corrected.

We sincerely apologise for any inconvenience, confusion or delay that this has caused anyone.

Best regards,
Wayne