In need for a "trojan" sample

Discussion in 'Trojan Defence Suite' started by eyal_car, Aug 25, 2004.

Thread Status:
Not open for further replies.
  1. eyal_car

    eyal_car Registered Member

    Joined:
    Aug 25, 2004
    Posts:
    1
    Hello,
    I would like to test the execution protection capability. Can you recommend of a trojan sample that is both safe and simple?
    Thanks
     
    eyal_car, Aug 25, 2004
    #1
  2. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Hello eyal_car, welcome to forums :)

    Go here.. this is a trojansimulator.... ok....

    Similar to an AV's Eicar test.

    http://www.misec.net/trojansimulator/

    Have fun.... Cheers, TAS
     
    Tassie_Devils, Aug 25, 2004
    #2
  3. sleepy

    sleepy Guest

    TDS clearly detects this trojan sample but it didnt stop this from installing. i have TDS in the system tray, execution protection installed but when i installed this trojan sample, TDS didnt do anything. when i look in the task manager the trojan server is running, TDS is also running.

    it only detected this sample when i click on reload. i then deleted the file with TDS hoping that it could clean all that remains of that sample but it only deleted the server, not the registry that it created.

    now what if its a real trojan?

    or is there something wrong with my settings?
     
    sleepy, Aug 25, 2004
    #3
  4. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Sorry sleepy for not getting back to you sooner, for some reason this post was not highlighted as 'new' for me after your reply, and only remembered it when I saw a similar post.

    Anyhow, I noticed another thread exactly the same as this, where Pilli answered another user's query and the answer, about settings. Making sure you had Clients/EditServers checked in Scan Control settings, on the main GUI of TDS [attached pic to show you].

    One thing, you stated that the registry entry was still there, that in itself is not a worry, the main serverclient was removed via TDS, just left a reg entry, however, :) ... it did say on the test site, to remove via the simulator itself [Uninstall] and that will remove everything completely...including the reg entry. You will have to have the TDS GUI up on screen to see results also.

    In testing, I would run the test, see TDS response, but Unistall via the Simulator.

    I personally haven't tried it, simply because I cannot even download it. :D

    Kaspersky 4.5 PRO [my AV] jumps up all over it, and stops download [it even says it's 'Not a Trojan', so cannot complain about that]. I have no intention of turning off KAV for a second, just to try a dl of it either. ;)

    Cheers, TAS
     

    Attached Files:

    • 057.GIF
      057.GIF
      File size:
      14.7 KB
      Views:
      102
    Tassie_Devils, Aug 26, 2004
    #4
  5. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    A thread over at DSL Reports on this topic also :). Have a look here.

    Regards,
    Jade.
     
    Bowserman, Aug 26, 2004
    #5
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...