Tiny Telnet Server ? trojan

Discussion in 'malware problems & news' started by bsinwa, Apr 2, 2002.

Thread Status:
Not open for further replies.
  1. bsinwa

    bsinwa Registered Member

    Joined:
    Apr 2, 2002
    Posts:
    2
    Greeting all!

    Hope I didn't miss the search feature...
    I recently installed Sygate Pro 5 on my XP Pro system and while running the trojan detector it informed me that port 23 was open and Tiny Telnet Server was possibly active. I have seen no suspicious flow in the logs and have NAV (up to date) running which has also not reported anything unusual. This is a new laptop which came w/ NAV from day 1. I am running a D-link wireless router / WAP on a DSL connection and Gibson research Leaktest also pointed out the open port 23 but said it was likely being used by the router. Have searched the registry and the HD for windll.exe which I understand is a marker for TTS, but found nothing.. so, do I or don't I have this trojan operating and if so, how can I find / remove it?
    \
    Thanks in advance!

    BS
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Hello BS,

    I suggest installing a (trial) version from TDS3 (available from our downloads page:

    www.wilders.org/downloads.htm

    grab and install the latest radius update from the DCS website:

    www.diamondcs.com.au  (downloads section)

    and perform a full scan, all files included.

    Please post your results.

    regards.

    paul
     
  3. bsinwa

    bsinwa Registered Member

    Joined:
    Apr 2, 2002
    Posts:
    2
    Hi Paul,

    Thanks for the tip re: TDS... I ran ver 3.2.1 and founf no trojans so I guess The telnet being ID'ed is the network connection...

    Thanks again!
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    My pleasure, BS  :) Glad to see all's clean!

    regards.

    paul
     
Loading...
Thread Status:
Not open for further replies.