Re: somewhat OT- trojans in filesharing programs?
From: sponge (mtubi@python.net)Date: 12/31/01
- Next message: Charles Johnston: "Re: Zone Alarm Pro ripoff?"
- Previous message: Rüdiger: "Re: morpheus and outpost!"
- In reply to: Ashley: "somewhat OT- trojans in filesharing programs?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: mtubi@python.net (sponge) Date: Mon, 31 Dec 2001 06:39:06 GMT
I've heard reports about dlder.exe. It was posted in
alt.privacy.spyware under the thread "Limewire." It is not at all
suprising. It's part of a larger problem.
Spyware seems to be the "in thing" lately, especially among P2P
programs, so it doesn't come as much surprise. KaZaa is the worst
offender with some the scariest spyware: five kinds. The new Limewire
is a close second with four, and but it apparently has some
proprietary ones too. Bearshare has spyware as well. Supposedly
Morpheus and Grokster don't, but they may add it in if they haven't
done so already.
The trojans you talk about are very likely a part of the spyware.
That would seem to be the case with Limewire. Very likely proprietary,
so while Limewire, KaZaa, Bearshare, etc. are making money off the
spyware, they're also collecting their own data on you to sell. That
would mean that they may not yet be on the known-spyware lists used by
Ad-Aware, and are not truly considered trojans by AV programs like
Nortons. (I'm not sure of your Norton's settings, but in the absence
of an identification, I'm assuming Norton's only flagged it at all
because it was displaying trojan-like behavior.)
At any rate, I would suggest sending a sample of dlder.exe to
McAfees, Nortons, and - most importantly, to Ad-Aware. Oh, and
Norton's trojan-finding ability is horrible. You may want to look at
something like Tauscan, TDS-3, AVP, or similar to ID trojans.
By the way, do you know what IP address (or domain) the trojan you
spoke of tries to contact? Thanks!
Ad-Aware reporting
urizen@lavasoft.de
contact@lavasoft.de
McAfee
www.mcafee.com
Norton's reporting
www.symantec.com
Tauscan TDS-3 (I think)
www.agnitum.com
AVP
www.avp.ch
On 30 Dec 2001 23:00:59 GMT, silver2473@aol.complete (Ashley) wrote:
>this is technically off topic but i know many readers here use music
>filesharing services so i thought i'd let everybody know about this. i got a
>trojan virus a few days ago- dlder.exe and explorer.exe (i got a message from
>outpost firewall- i believe it was c:/windows/explorer/explorer.exe was asking
>to access www.2001-007.com). this trojan was EXTREMELY difficult to delete,
>even WITH norton antivirus (which caught the virus but didn't seem completely
>effective in keeping it quarantined because the filename kept changing, even in
>front of my very eyes when looking at it in windows explorer) and avg (which
>btw did not catch the trojan) installed. i am certain that i got the virus when
>i downloaded grokster (from their official website, no less!). there have been
>some discussions on dslreports.com regarding this, also. has anybody heard
>about this?
>
>http://www.dslreports.com/forum/remark,2097513~root=security,1~mode=flat
>http://www.dslreports.com/forum/remark,2106937~root=sware~mode=flat
>
>
>Ashley
>
>Remove the 'plete' from "complete" to e-mail me.
>
- Next message: Charles Johnston: "Re: Zone Alarm Pro ripoff?"
- Previous message: Rüdiger: "Re: morpheus and outpost!"
- In reply to: Ashley: "somewhat OT- trojans in filesharing programs?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
