05-31-2005, 03:16 PM   #7
hewwingman
Registered User
 
Join Date: May 2005
Posts: 8
OS: windows XP pro


Hi again. I used KillBox as instructed... haven't rebooted yet, in case it was important.
Ran TDS. Here are the results:
20:47:40 [Init] Trojan Defence Suite v3.2.0 (UNLICENSED)
20:47:40 [Init] Started 31-05-05 20:47:40 GMT Standard Time (UTC: 0), Internet Time @866.44
20:47:40 [Init] Loading TDS-3 Systems ...
20:47:40 [Init] Token successfully adjusted.
20:47:40 [Init] • TDS Privileges : OK. Adjusted TDS-3 token privileges to maximum
20:47:40 [Init] • Plugins : OK. Loaded 13
20:47:40 [Init] • Exec Protection : Not Installed
20:47:40 [Init] WARNING: Your Radius.TD3 database needs to be updated!
20:47:40 [Init] Please download the latest from http://tds.diamondcs.com.au/radius.td3
20:47:40 [Init] Licensed users can use the Update facility from the TDS menu
20:47:40 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
20:47:45 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
20:47:45 [Init] • Systems Initialised [39471 references - 16560 primaries/10873 traces/12038 variants/other]
20:47:45 [Init] Radius Systems loaded. <Databases updated 14-10-2004>
20:47:45 [Init] TDS-3 Ready. <Adam@82.34.186.126, 127.0.0.1 - United Kingdom>
20:47:46 [Tip Of The Day] Did you know? - DiamondCS are the only anti-trojan company that updates DAILY.
20:47:46 [TDS] Good evening Adam.
20:47:53 [Mutex Memory Scan] Started...
20:47:55 [Mutex Memory Scan] Finished (no trojan mutexes found).
20:47:55 [TDS-3] This is an EVALUATION demo of TDS-3. Please see the help file for help on registering.
20:48:18 [Setup] Configuration saved.
20:53:52 [Quit] Unloading ...
20:58:26 [Init] Trojan Defence Suite v3.2.0 (UNLICENSED)
20:58:26 [Init] Started 31-05-05 20:58:26 GMT Standard Time (UTC: 0), Internet Time @873.91
20:58:26 [Init] Loading TDS-3 Systems ...
20:58:26 [Init] Token successfully adjusted.
20:58:26 [Init] • TDS Privileges : OK. Adjusted TDS-3 token privileges to maximum
20:58:26 [Init] • Plugins : OK. Loaded 13
20:58:26 [Init] • Exec Protection : Not Installed
20:58:26 [Init] WARNING: Your Radius.TD3 database needs to be updated!
20:58:26 [Init] Please download the latest from http://tds.diamondcs.com.au/radius.td3
20:58:26 [Init] Licensed users can use the Update facility from the TDS menu
20:58:26 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
20:58:32 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
20:58:32 [Init] • Systems Initialised [56746 references - 29748 primaries/14723 traces/12275 variants/other]
20:58:32 [Init] Radius Systems loaded. <Databases updated 31-05-2005>
20:58:32 [Init] TDS-3 Ready. <Adam@82.34.186.126, 127.0.0.1 - United Kingdom>
20:58:32 [Tip Of The Day] Can't remember the port that a particular service uses? Or perhaps you can't remember the service that a particular port uses? Try the Port Reference and Reverse Port Reference utilities - available in the Utilities menu!
20:58:32 [TDS] Good evening Adam.
20:58:39 [Mutex Memory Scan] Started...
20:58:40 [Mutex Memory Scan] Finished (no trojan mutexes found).
20:58:40 [TDS-3] This is an EVALUATION demo of TDS-3. Please see the help file for help on registering.
20:58:47 [CRC32] Started - verifying 29 files ...
20:58:49 [CRC32] Test finished.
21:00:51 [Memory Scan] Memory scan started, please wait a moment ...
21:00:54 [Memory Scan] Memory scan complete.
21:00:54 [Mutex Memory Scan] Started...
21:00:55 [Mutex Memory Scan] Finished (no trojan mutexes found).
21:00:55 [Trace Scan] Started...
21:01:00 [Trace Scan] Finished.
21:01:00 [Service\Driver Scan] Scanning for services and drivers ...
21:01:05 [Service\Driver Scan] Scanned 298 services and drivers.
21:01:05 [File Scan] Scanning in A:\ ...
21:01:06 [File Scan] Scanned 0 files: 0 alarms in 1.03125 seconds (Avg 1. files/sec)
21:01:06 [File Scan] Scanning in C:\ ...
21:17:18 [Locked File] Couldn't open c:\windows\system32\d?dplay.exe for read access, file is locked
21:20:03 [Locked File] Couldn't open c:\windows\system32\??erinit.exe for read access, file is locked
21:25:30 [File Scan] Scanned 28873 files: 4 alarms in 1463.719 seconds (Avg 20.73 files/sec)
21:25:30 [File Scan] Scanning in D:\ ...
21:25:30 [File Scan] Scanned 0 files: 4 alarms in 0 seconds (Avg -1.#IND files/sec)
21:25:30 [File Scan] Scanning in E:\ ...
21:53:40 [File Scan] Scanned 13933 files: 4 alarms in 1690.141 seconds (Avg 9.24 files/sec)
21:53:40 [Scan] Finished.

Scan Control Dumped @ 22:13:38 31-05-05
Positive identification: Riskware.ProcessRestart
File: c:\program files\kodak\kodak software updater\7288971\6.1.4.37-7288971l\program\restart.exe

Positive identification <Adv>: Possible WebDownloader
File: c:\windows\helptw.exe

Positive identification (DLL): Adware.PopCap (dll)
File: c:\windows\downloaded program files\popcaploader.dll

Positive identification: Riskware.Dialer.PlayGames
File: c:\windows\downloaded program files\ringtone.exe