TDS3 Hanging at Startup ? Help Plz

Discussion in 'Trojan Defence Suite' started by pazuzu, Sep 4, 2004.

Thread Status:
Not open for further replies.
  1. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    o_O Hi Gang , Its been a while since ive needed to pick your collective brain (so to speak) lol . now is one of those , TDS is not loading properly on reboot , running win xp sp1 & installed 2 today . i had to uninstall , therefore no exe protection . which unnerves me . i will enclose a log of my autostart
    for yall , maybe something is conflicting , please help . thanx . Pazuzu , nice to be back by the way :)

    DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for Pazuzu@W98-7VDJ5PK1, 09-05-2004
    c:\windows\system32\autoexec.nt
    C:\WINDOWS\system32\mscdexnt.exe
    C:\WINDOWS\system32\redir.exe
    C:\WINDOWS\system32\dosx.exe
    c:\windows\system32\config.nt
    C:\WINDOWS\system32\himem.sys
    c:\windows\system.ini [drivers]
    timer=timer.drv
    c:\windows\system.ini [boot]\shell
    C:\WINDOWS\Explorer.exe
    c:\windows\system.ini [boot]\scrnsave.exe
    C:\WINDOWS\System32\logon.scr
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
    C:\WINDOWS\Explorer.exe
    HKCU\Control Panel\Desktop\scrnsave.exe
    C:\WINDOWS\System32\logon.scr
    HKCR\htafile\shell\open\command\
    C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*
    HKCR\vbsfile\shell\open\command\
    C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*
    HKCR\vbefile\shell\open\command\
    C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*
    HKCR\jsfile\shell\open\command\
    C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*
    HKCR\jsefile\shell\open\command\
    C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*
    HKCR\wshfile\shell\open\command\
    C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*
    HKCR\wsffile\shell\open\command\
    C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\WinampAgent
    C:\Program Files\Winamp\winampa.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\NeroCheck
    C:\WINDOWS\System32\\NeroCheck.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Ulead Memory Card Detector
    C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 Trial\Monitor.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Keylogger Killer
    C:\Program Files\Keylogger Killer\KeyloggerKiller.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\pccguide.exe
    C:\Program Files\Trend Micro\Internet Security\pccguide.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\PCClient.exe
    C:\Program Files\Trend Micro\Internet Security\PCClient.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TM Outbreak Agent
    C:\Program Files\Trend Micro\Internet Security\TMOAgent.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\MRUBlaster
    C:\Program Files\MRU-Blaster\indexcleaner.exe -COOKIES
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\Index Washer
    C:\Program Files\Webroot\Washer\WashIdx.exe "Pazuzu"
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE
    C:\WINDOWS\system32\ctfmon.exe
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MsnMsgr
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Window Washer
    C:\Program Files\Webroot\Washer\wwDisp.exe
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Yahoo! Pager
    C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Steam
    C:\Program Files\Steam\Steam.exe -silent
    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\Index Washer
    C:\Program Files\Webroot\Washer\WashIdx.exe "Pazuzu"
    HKU\.Default\Software\Microsoft\Windows\CurrentVersion\Run\CTFMON.EXE
    C:\WINDOWS\System32\CTFMON.EXE
    HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
    C:\WINDOWS\system32\SHELL32.dll
    C:\WINDOWS\system32\SHELL32.dll
    C:\WINDOWS\System32\webcheck.dll
    C:\WINDOWS\System32\stobject.dll
    C:\WINDOWS\Tasks\1 Copernic Intra-Daily ~W98-7VDJ5PK1 Pazuzu.job
    C:\Program Files\Copernic Agent\CopernicAgent.exe
    C:\WINDOWS\Tasks\2 Copernic Daily ~W98-7VDJ5PK1 Pazuzu.job
    C:\Program Files\Copernic Agent\CopernicAgent.exe
    C:\WINDOWS\Tasks\3 Copernic Weekly ~W98-7VDJ5PK1 Pazuzu.job
    C:\Program Files\Copernic Agent\CopernicAgent.exe
    C:\WINDOWS\Tasks\4 Copernic Monthly ~W98-7VDJ5PK1 Pazuzu.job
    C:\Program Files\Copernic Agent\CopernicAgent.exe
    C:\Documents and Settings\Pazuzu\Start Menu\Programs\Startup\SpywareGuard.lnk
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Documents and Settings\Pazuzu\Start Menu\Programs\Startup\MRU-Blaster Scheduler.lnk
    C:\Program Files\MRU-Blaster\scheduler.exe
    C:\Documents and Settings\Pazuzu\Start Menu\Programs\Startup\MRU-Blaster Silent Clean.lnk
    C:\Program Files\MRU-Blaster\mrublaster.exe
    C:\Documents and Settings\Pazuzu\Start Menu\Programs\Startup\
    C:\Documents and Settings\Pazuzu\Start Menu\Programs\Startup\Reboot.exe
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GetRight - Tray Icon.lnk
    C:\Program Files\GetRight\getright.exe
    HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
    autocheck autochk *
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
    C:\WINDOWS\system32\userinit.exe
    HKLM\System\CurrentControlSet\Control\WOW\cmdline
    C:\WINDOWS\system32\ntvdm.exe
    HKLM\System\CurrentControlSet\Control\WOW\wowcmdline
    C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
    HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\
    C:\WINDOWS\system32\mswsock.dll
    C:\WINDOWS\system32\rsvpsp.dll
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\
    C:\WINDOWS\inf\unregmp2.exe /HideWMP
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\
    C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\
    RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\
    C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
    HKLM\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\
    C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\
    %ProgramFiles%\Outlook Express\setup50.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\
    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    HKLM\Software\Microsoft\Active Setup\Installed Components\{4b218e3e-bc98-4770-93d3-2731b9329278}\
    C:\WINDOWS\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
    HKLM\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\
    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    HKLM\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\
    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
    HKLM\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\
    %ProgramFiles%\Outlook Express\setup50.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\
    regsvr32.exe /s /n /i:U shell32.dll
    HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\
    C:\WINDOWS\system32\ie4uinit.exe
    HKLM\System\CurrentControlSet\Services\VxD\JAVASUP\
    C:\WINDOWS\system32\JAVASUP.VXD
    HKLM\System\CurrentControlSet\Services\AudioSrv\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\BITS\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Browser\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\CryptSvc\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\DcomLaunch\
    C:\WINDOWS\system32\svchost -k DcomLaunch
    HKLM\System\CurrentControlSet\Services\Dhcp\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\dmserver\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Dnscache\
    C:\WINDOWS\System32\svchost.exe -k NetworkService
    HKLM\System\CurrentControlSet\Services\ERSvc\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Eventlog\
    C:\WINDOWS\system32\services.exe
    HKLM\System\CurrentControlSet\Services\Fallback\
    C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys
    HKLM\System\CurrentControlSet\Services\Fsks\
    C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys
    HKLM\System\CurrentControlSet\Services\helpsvc\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\K56\
    C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys
    HKLM\System\CurrentControlSet\Services\lanmanserver\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\lanmanworkstation\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\LmHosts\
    C:\WINDOWS\System32\svchost.exe -k LocalService
    HKLM\System\CurrentControlSet\Services\mdmxsdk\
    C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys
    HKLM\System\CurrentControlSet\Services\PccPfw\
    C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
    HKLM\System\CurrentControlSet\Services\PlugPlay\
    C:\WINDOWS\system32\services.exe
    HKLM\System\CurrentControlSet\Services\PolicyAgent\
    C:\WINDOWS\System32\lsass.exe
    HKLM\System\CurrentControlSet\Services\ProtectedStorage\
    C:\WINDOWS\system32\lsass.exe
    HKLM\System\CurrentControlSet\Services\RemoteRegistry\
    C:\WINDOWS\system32\svchost.exe -k LocalService
    HKLM\System\CurrentControlSet\Services\RpcSs\
    C:\WINDOWS\system32\svchost -k rpcss
    HKLM\System\CurrentControlSet\Services\SamSs\
    C:\WINDOWS\system32\lsass.exe
    HKLM\System\CurrentControlSet\Services\Schedule\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\seclogon\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\SENS\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\SharedAccess\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\ShellHWDetection\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\SoftFax\
    C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys
    HKLM\System\CurrentControlSet\Services\Spooler\
    C:\WINDOWS\system32\spoolsv.exe
    HKLM\System\CurrentControlSet\Services\srservice\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\SVKP\
    \??\C:\WINDOWS\System32\SVKP.sys
    HKLM\System\CurrentControlSet\Services\Themes\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Tmfilter\
    C:\WINDOWS\System32\drivers\TmXPFlt.sys
    HKLM\System\CurrentControlSet\Services\Tmntsrv\
    C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
    HKLM\System\CurrentControlSet\Services\Tmpreflt\
    C:\WINDOWS\System32\drivers\Tmpreflt.sys
    HKLM\System\CurrentControlSet\Services\tmproxy\
    C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
    HKLM\System\CurrentControlSet\Services\tm_cfw\
    C:\WINDOWS\System32\Drivers\tm_cfw.sys
    HKLM\System\CurrentControlSet\Services\Tones\
    C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys
    HKLM\System\CurrentControlSet\Services\TrkWks\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\V124\
    C:\WINDOWS\System32\DRIVERS\HSF_V124.sys
    HKLM\System\CurrentControlSet\Services\Vsapint\
    C:\WINDOWS\System32\drivers\Vsapint.sys
    HKLM\System\CurrentControlSet\Services\W32Time\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\WebClient\
    C:\WINDOWS\System32\svchost.exe -k LocalService
    HKLM\System\CurrentControlSet\Services\winmgmt\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\wscsvc\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\wuauserv\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\WZCSVC\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    Hope it makes more sense to you , TDS is uninstalled at present . Thanx
     
  2. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    I have had something similar on a couple of systems.
    Turn off the run at windows startup inside TDS-3.
    Drag a copy of the TDS-3 icon into the Start/All Programs/Startup menu.
    It worked for me so far.
     
  3. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    thx Devincio , will try that one just downloaded another eval copy then licenced it didnt seem to have a problem now . thx a lot tho :D maybe sp2 helped ?
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    SP2 was or was not sinstalled before you solved the hanging problem?
    I really like to know this, to be able to help other users too.
    If you say it's better to re-install TDS after having installed SP2 then we know that.
    Hope you're doing fine with TDS now? also the updating etc.
     
  5. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    yes Jooske I installed sp2 2 days ago , tds still hung , i guess its something to do with an old copy ? of TDS ,downloaded a new copy and all is fine now tho so thank ya's all . :D Pazuzu.
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Did your TDS copy after install also immediately update itself? I saw it happening, don't even remember if that was before or after the system reboot, but most probably after putting in the keyfile.
    And did you also notice you need to get the scripts and speech packs separately to be all complete again?

    I wait a little longer with SP2 because that XP is a dutch version.
    But now i'm at least prepared. So thank you for the warning. Hope your system and TDS all run fine again!
     
  7. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    Thx Jooske , I honestly cant rember , i think i had to press ctrl - U to get the update, but am having a few speech issues , i never really had TDS Speaking so im trying to sort it out , havent got sapi 4 yet but have 5 , do i need 4 ? downloaded everthing i need , i think . Looked at threads on speech by you and others and have just downloaded scripts. Sam is my def voice (sapi 5 ?)
    i am not sure you are the expert here ... oh well thanx for the help yet again .
    Now for the Speech ... lol wish me luck, Pazuzu o_O . maybe ill start a Speech thread ?
     
  8. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
Thread Status:
Not open for further replies.