Hi all
i have a question about the exec protection in tds
there is a trojan simulator in TH's site you know and tds detect
this trojan simulator anyway whenever i run its server,tds
prevent the execution but do the same thing with its install program
the server runs and reside in the memory so the protection is bypassed
is it possible to block the execution with tds ,when a loader program install the
server.exe

here is the problem
when i run the TSserv.exe directly
the program blocks the execution
[ExecProt] WARNING: c:\downloads\trojansimulator\tsserv.exe has been blocked from executing

but installing the server via trojansimulater.exe
tsserv.exe is loaded to memory

PS:trojan simulator has two program one is installer(TrojanSimulator.exe)
the other one is server(TSServ.exe).

i hope i am clear

thx alot

Hi SteelRasH and welcome!
Do you have all the options in the scan console checked on, including client/server?

Hi SteeLRasH :).

The TrojanSimulator.exe is basically a pretend Client/EditServer, and as such you will need to have "Scan for Clients/EditServers" ticked under Scan Control options in TDS.

Here is a screenshot of TDS after trying to run each ;).

Regards,
Jade.

thanx Bowserman and Jooske for help
you are right server/client option had been unchecked
then the protection is outstanding :)
thanx again for your kindness and fast response

You're welcome1 keep it clean and safe :) !