Post amended from earlier, but ?? remains.

Discussion in 'other anti-trojan software' started by thorn, Apr 3, 2002.

Thread Status:
Not open for further replies.
  1. thorn

    thorn Registered Member

    Joined:
    Mar 28, 2002
    Posts:
    7
    Location:
    Mid Hudson Valley US
    Help not neccessarily needed, but assitance is vital! Use this test for what you will. I did and was shocked that it found 4 trojans which my Ad-Aware freeware by LavaSoft could not detect: http://leader.ru/secure/who.html
    Sorry folks. I really screwed up that one. This is how it should have read:

    The trojan scan performed here http://leader.ru/secure/who.html detected 2 open ports after scanning 314 ports, and says these trojans are present on my system, or does it?? On port 1024: NetSpy. On port 5000: Bubbel, Sockets de Troie, Back Door Setup, ICKiller, and Blazer5. The Cleaner by MooSoft Developement tested negative for the same ones. Am I being deceived? What results do you get?
     
  2. MickeyTheMan

    MickeyTheMan Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    1,016
    Re: Trojans detected, but not by my Ad-Aware share

    Hi, Ad-aware is a tool to get rid of spyware and has nothing to do with that site which is scanning your system for open ports.
    A port scanner test scans about 400 ports, another test checks if bios port is open and the third one check some trojan ports !
    If any post are showing open, then you need to properly configure your firewall.
     
  3. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    The test is just telling you of open ports and the trojans that frequent those ports.  Since those ports are open, it is possible that you have a trojan using that particular port.  You have to use a trojan scanner such as TDS to actually detect and tell if you have a trojan installed.

    Hope this helps,
    Kent
     
  4. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    I'm pretty sure 1024 is NetBIOS, and I'm certain that 5000 is uPnP.  If you're running ME or XP, certainly.
     
  5. FanJ

    FanJ Guest



    1024: OLD_FINGER - old_finger, RATs: Psyber Streaming Server, NetSpy, R.A.T

    5000: COMMPLEX-MAIN - Complex Main, SSDP - Web-XML Parser for Universal Plug & Play, RATs: Back Door Setup, Blazer5, Bubbel, ICKiller, Sockets des Troie, Bionet Lite
     
Thread Status:
Not open for further replies.