I suspect trojan - TDS won't scan it

Discussion in 'Trojan Defence Suite' started by trojan scientist, Feb 16, 2004.

Thread Status:
Not open for further replies.
  1. Hi, I have bought the action pack of TDS-3, Port Explorer and Wormguard and so far I'm very impressed. I am still working it all out, but I think I'll get there, lol.

    Well, the other day I was surfing links from Google and I hit a link from one of the sites I was browsing, to come under a JavaScript attack.

    It opened up about 6 or so pages, I think maybe more, and since I have Crazy Browser, I don't have to worry about popups attacking my screen, but during this attack I had start page hijacks and the rest, and also what I believe was a trojan, from this link below. Hope it's OK to post it. o_O

    Link removed for review Pilli DCS Moderator

    I have SSM running at all times and this prevented the trojan from executing, but when I try to scan it with TDS-3, it just hangs for up to 20 minutes. Norton says it has nothing bad. :D

    I know it is something because the string extractor says it is written in Delphi, and it's only 14 kb in size.

    Would the fact that this trojan wasn't allowed to execute by SSM have any effect on TDS's ability to scan it? I didn't think so.

    Last time I got a trojan I downloaded the trial version of TDS and it removed the actual file no worries, and all I had to do was clear all the registry entries and it was completely gone.

    This was the reason I bought the whole pack. I think TDS is the best, and I don't think I'll be able to get through all its features for a while, but this file is the first thing that TDS has not been able to scan for me.

    Also, I was wondering if I can submit this file from a Yahoo or Hotmail account to the DCS team, as I don't have an email account set up with my ISP at this moment?

    And thanks for all your work, you guys. :cool:

    I will register very soon too. :D
     
  2. Pilli

    Pilli Registered Member

    Joined: Feb 13, 2002
    Posts: 6,217
    Location: Hampshire UK
    Hi trojan scientist, there are certain files that TDS cannot scan. Certain multiple .zip files and corrupted .rar files and TDS locks up.
    Also a full scan with all options including Scan Clients/edit servers can take a long time to complete on larger hard disks, so it is best to run the full scan at a time when you are not actively using your PC.

    Regarding SSM I run it with TDS execution protection installed and have had no problems but I do not usually run SSM when doing a TDS full system scan. :)

    HTH Pill.
     
  3. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined: Apr 27, 2002
    Posts: 13,331
    Location: Netherlands
    Hi Trojan scientist,

    I have the file in my possession and will send it to DCS if they want it.
    Just to be on the safe side.
    Download and run: http://www.merijn.org/files/CWShredder.exe
    Use the Fix button and follow the instructions you will be prompted with.

    Regards,

    Pieter
     
  4. Pilli

    Pilli Registered Member

    Joined: Feb 13, 2002
    Posts: 6,217
    Location: Hampshire UK
    Thanks Pieter, I am sure Gavin would like to dissect it! ;)
     
  5. Trojan scientist

    Trojan scientist Registered Member

    Joined: Feb 16, 2004
    Posts: 16
    Thanks Pilli for the quick response. :D

    Yes, I only try to directly scan the .exe file, with everything (all security progs) turned off while I was offline. I also have everything checked in scan control except for the NTFS ADS.

    Should I leave it to scan for longer than 20 minutes? I thought it shouldn't take that long, but I would wait longer if it can tell me what it really is. :cool:

    I don't think I had execution prot installed at the time, but I did install it quickly after that :oops: . I know nothing was written to the registry by this thing, so no real worries.

    Uh-oh, sorry about the posted link, I just read the registration rules about those things... still, it wasn't a live link.

    Lucky for me, instant banishment, I only just joined, lol. ;)


    EDIT: Thanks for the CWShredder link, downloading now.
    I'll be very interested to see any results from this, thanks guys.
     
  6. Pilli

    Pilli Registered Member

    Joined: Feb 13, 2002
    Posts: 6,217
    Location: Hampshire UK
    A full scan on this PC takes about two hours, 30-odd GB of data/programmes etc.
    AMD XP 2200 cpu and 512MB of RAM.

    Good luck with shredder :)
     