Ok, I was test drving TDS-3 and TrojanHunter (trying to decide which one) I had loaded the demo trojan thats available on this site, and was testing it with that, I then went to test TrojanHunter again, got busy, turned off trojan hunter, and forgot about the demo trojan, then, after doing a port scan, I found I was going about the internet (On IRC, browsing the web, etc) While TCP port 65 was OPEN! somehow, The Demo trojan server opened the port, because as soona s I unloaded it, it closed again :-\ wa sI at risk? is there a possibilty I was hacked, what?

Are you talking about the TrojanSimulator.zip from http://www.wilders.org/downloads.htm?

That file was made by Magnus Mischel (http://www.wilderssecurity.com/index.php?board=25;action=viewprofile;user=Magnus+Mischel) the creator of Trojan Hunter and a person we believe is above reproach.

I just downloaded and tested with it and I don't see it opening any ports on my system. Perhaps others who have used that simulator can confirm whether it attempts to use an "open port" as a trojan simulation method... :-\

Did you actually use a port to process mapper to see if the trojan simulator was holding the port open, or did you assume it was because it was gone after you closed the program?

Yes, thats the simulator, and yeah, I did assume it was because of it, due to it stopped after closing the program.. I wasnt online at the time I was doing the test, I was scanning over for trojans, and it said "Port 65 open." or something, then I killed the process, and done another scan, found nothing, went to Shields up, it was complete stealth :-\

Yeah, it is hard to say what is was... :-\

From my quick tests the simulator doesn't appear to open any ports, thus my answer above. But, let's see what others have to say. If not the simulator, then perhaps doing a couple quick scans with the products you are evaluating (since you have them) is in order. Just in case. (You never know ;) )

Yeah, I'll scan over with TDS-3 and TrojanHunter.. And then do another Shields Up test..