TDS - Not Responding (XP Pro)

Discussion in 'Trojan Defence Suite' started by Dilraig, Jan 27, 2004.

Thread Status:
Not open for further replies.
  1. Dilraig

    Dilraig Registered Member

    Joined:
    Aug 5, 2003
    Posts:
    11
    If anybody has any general advice they'd like to offer, I'm all ears ;)

    Had TDS3 for over 12 months & it's been running fine on XP Pro till now... Drive file scan hangs:

    Background prior to problem
    Re-installed the OS & made it a stand alone box. I copy the Radius TDS3 file from a dummy internet connected computer after I update that machine TDS3 v3.2.0.0.

    Default config start up scan, works correctly.
    Nominated file scans also work.
    Noted that it tends to hang on particular folder during drive scan.
    Excluded the folder scan progressed further to another folder which also hung.
    Removed flag from Deep Search - no change

    Although some consistency in hanging on the same initial file type "DS_STORE file"... it does the same later in c:\Windows & its not limited to any one folder.

    Any ideas on what to do next?
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Dilraig, Try disabling deep search in archives and let us know your results please
     
  3. Dilraig

    Dilraig Registered Member

    Joined:
    Aug 5, 2003
    Posts:
    11
    Yep already covered above "Removed flag from Deep Search - no change"
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    OK, Can I suggest that the install may not have been 100% so disable Executive prevention , if you have it installed and uninstall TDS. Tehn reinstall TDS. One other thing delete any 0byte files in the TDS folder, may help.
     
  5. Dilraig

    Dilraig Registered Member

    Joined:
    Aug 5, 2003
    Posts:
    11
    Thanks, I'll try that & let u know.
     
  6. Dilraig

    Dilraig Registered Member

    Joined:
    Aug 5, 2003
    Posts:
    11

    Ok un-installed TDS3, downloaded a fresh copy & installed.

    Using "scan control" - elected c:\Windows & ran different config combinations.

    Only selection that failed to finish the scan was "Scan for hidden executables"

    I replicated this by scanning another folder which TDS3 which caused it to freeze previously.

    So for me "Deep Search" works fine, but "Scan for hidden executables" appears not to like some files on the current system... is this likely or perhaps something a little more molevelent at work?
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Dilraig, I'm not sure what you should try next :( Unless ther is a file that TDS cannot read and gets stuck on - Maybe a self installer .exe?
    Have you scanned for spyware using AdAware or Spybot just to ensure youhave no other nasties?
     
  8. Dilraig

    Dilraig Registered Member

    Joined:
    Aug 5, 2003
    Posts:
    11
    Thought less likely as this is not network connected & all files have been pre-scanned before installing.

    Ran Ad-aware & Nortons AV (up-to-date def's) - appears clean as a whistle - no problems completing scans on the drive.

    It apears I have RAT.RVC 0.91 (dll) [File name: pthreadvse] which I've found is a real threat:

    Category:

    RAT: (Remote Administration Tool) A Trojan that when run, provides an attacker with the capability of remotely controlling a machine via a "client" in the attacker's machine, and a "server" in the victim's machine.
    Variants:
    RVC 0.91
    RVC 0.92

    TDS3 gave a positive id for it within a program folder. Strangely there was no running processes:
    rvc.exe
    rvs.exe

    Nor any mentionin the registry.

    I believe this was installed along with a program I downloaded as it was found in the same install folder... it was originally a compressed image which I scanned with TDS3, but returned a verdict of clean against the original image file.

    Don't know whether this bears on my original problem... but good to see it was picked up!
     
  9. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    If you have a copt of it, would you please zip it & send it to DCS submit@diamoncs.com.au

    Cheers!
     
  10. Dilraig

    Dilraig Registered Member

    Joined:
    Aug 5, 2003
    Posts:
    11
    Done.

    Thanks for your help :)
     
  11. flkeyman

    flkeyman Guest

    While this is happening to me on Windows 2000 Pro, it seems to be a very recent occurence right after the download and install of the latest Microsoft security patch. My system works on boot but sometime afterwards, locks or freezes to the point that I need to power off. Reminds me of the old "memory leak" issues of yesteryear. MS Knowledgebase has advice on disabling IPSec but that did not stop freeze/lockup. Only thing that stopped it was not turning on TDS-3.

    Any help appreciated.
     
Thread Status:
Not open for further replies.