Penetration Testing mailing list archives
Re: [PEN-TEST] Suspect .EXE Trojan
From: Rainer Duffner <duffner () FH-KONSTANZ DE>
Date: Thu, 14 Dec 2000 21:07:45 +0100
On Thu, 14 Dec 2000, Ruso, Anthony wrote:
Hi, I have a suspect executable that I think may be a Trojan. A search on the .exe doesn't return any result with any virus vendor. Are there any tools
VMWare. It has a feature to write a "redo-log" for the filesystem. Not your everyday el-cheapo solution, though. Would filemon and regmon from www.sysinternals.com be usefull ? Is there a way to intercept them ? I don't know. cheers, Rainer -- ======================================== Rainer Duffner , Konstanz, Germany eMail: duffner () fh-konstanz de rainer.duffner () surf24 de http://www-stud.fh-konstanz.de/duffner/ ========================================
Current thread:
- [PEN-TEST] Suspect .EXE Trojan Ruso, Anthony (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan outcast (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Rainer Duffner (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Steve Goldsby (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Ryan Russell (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Eric Fitzgerald (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Mike Forrester (Dec 15)
- <Possible follow-ups>
- Re: [PEN-TEST] Suspect .EXE Trojan Ken Pfeil (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan WernerC (Dec 15)
- Re: [PEN-TEST] Suspect .EXE Trojan Dom De Vitto (Dec 15)
- [PEN-TEST] Raw Disk Mounter Clem Colman (Dec 15)
- Re: [PEN-TEST] Raw Disk Mounter Crist Clark (Dec 16)
- Re: [PEN-TEST] Raw Disk Mounter Ryan Russell (Dec 16)
- Re: [PEN-TEST] Suspect .EXE Trojan Dom De Vitto (Dec 15)