TDS-3

Discussion in 'Trojan Defence Suite' started by yobert, Sep 14, 2003.

Thread Status:
Not open for further replies.
  1. yobert

    yobert Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    10
    Hi all

    I used TDS3 for the first time today and i got this when i did a scan. Is this anything to worry about?

    Scan Control Dumped @ 00:30:08 15-09-03
    Live trojan found (in process memory):
    File: C:\WINDOWS\System32\smss.exe

    Live trojan found:
    File: C:\WINDOWS\system32\winlogon.exe

    Live trojan found:
    File: C:\WINDOWS\system32\services.exe

    Live trojan found:
    File: C:\WINDOWS\Explorer.EXE

    Live trojan found:
    File: C:\WINDOWS\system32\spoolsv.exe

    Live trojan found:
    File: C:\Program Files\PestPatrol\PPControl.exe

    Live trojan found:
    File: C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

    Live trojan found:
    File: C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

    Live trojan found:
    File: C:\Program Files\Eset\nod32kui.exe

    Live trojan found:
    File: C:\Program Files\Creative\ShareDLL\CtNotify.exe

    Live trojan found:
    File: C:\WINDOWS\System32\P2P Networking\P2P Networking.exe

    Live trojan found:
    File: C:\Program Files\Creative\ShareDLL\MediaDet.Exe

    Live trojan found:
    File: D:\Program Files\WinZip\WZQKPICK.EXE

    Live trojan found:
    File: C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe

    Live trojan found:
    File: C:\WINDOWS\System32\CTSvcCDA.exe

    Live trojan found:
    File: C:\Program Files\Eset\nod32krn.exe

    Live trojan found:
    File: C:\WINDOWS\System32\nvsvc32.exe

    Live trojan found:
    File: C:\Program Files\Internet Explorer\iexplore.exe

    Live trojan found:
    File: C:\WINDOWS\msagent\AgentSvr.exe

    Suspicious Filename: Filename consists only of spaces (except for extension)
    File: c:\program files\common files\symantec shared\symsetup\.exe

    should i delete them or what shall i do?
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hello Yobert and welcome to the forum!
    Did you close all your other AV/AT and registry protections tools and close every other application before installing TDS? Maybe even unchecked them in the Autostart (MsConfig > Startup is the easiest as you can check them back on after the install) --reboot to make sure they're reallyu closed -- install TDS -- enable the autostarts -- reboot.
    Did you reboot after installing TDS?
    Did you also go back to the site and got the last update, put it in the TDS-3 directory and started TDS then?
    Suppose you run it on XP?
    Did you install both as an administrator and as a user or was this a scan from the user account without having it installed on that level or without a link to "run as" a service with the admin password?
    Those things come in mind in the first place.
    If this was not the case please try to do so and scan again with every scan option checked and on highest sensitivity.
    Tell us how the results are with that please!
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    No name there after the :

    Corrupt database must be the case :( download an updated database and restart TDS
     
  4. yobert

    yobert Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    10
    Ok, i did what Jooske said turn off all programs in msconfig and reinstalled it. This time when i ran TDS-3 i dident find any Trojan =)
    Thanks for the help. On thing more this has nothing to do with TDS so you dont need to awnser. Should i always turn of all programs with msconfig when i install stuff like graphich drivers etc..
     
  5. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi again, glad it worked for you! Now keep it updated!

    Make it a rule to always close all programs which are not really needed but most certainly AV/AT scanners (TDS not as it's only resident part exec protection doesn't actually "run") when (un)installing other software, doing a scandisk/defrag etc.
    TDS/WG/PE all go rather deep into your system so with those it is rather essential to have everything else closed, things like a utility, a drawing program, such might be less important but again do close the AV/AT for them a few moments (after you first scanned the file you're intending to install of course).

    Hope this helps in your safe computing!
     
Thread Status:
Not open for further replies.