Re: somewhat OT- trojans in filesharing programs?
From: Ashley (silver2473@aol.complete) Date: 12/31/01
From: silver2473@aol.complete (Ashley) Date: 31 Dec 2001 08:24:17 GMT
>i've heard reports about dlder.exe
apparently it's very new. it's also known as g-1-backdoor, or something along
those lines. i think i was one of the first people to get infected- or at
least, one of the first to notice it- because when i got it, there was
virtually no info on the net and even in 2 days, the amount of info available
about it seems like it's doubled!
> Spyware seems to be the "in thing" lately, especially among P2P
>programs, so it doesn't come as much surprise.
it's a shame, though, because sometimes removing the spyware cripples an
otherwise nice program but leaving them there is a huge waste of space and
computer resources.
>(I'm not sure of your Norton's settings, but in the absence
>of an identification, I'm assuming Norton's only flagged it at all
>because it was displaying trojan-like behavior.)
norton's heuristics are set on high but it didn't pick it up right away,
actually- i think the program was on my machine for a day and then, suddenly,
an alarm went off with a warning of 'backdoor.trojan' which i suppose was their
generic definition for it. after i downloaded the latest set of definitions, it
flagged the virus as win.32.dlder. as i said, this is just breaking news right
now, which is why some of the AV companies (AVG, for one, didn't catch this on
my computer) have yet to even add this specific definition to their libraries.
>. You may want to look at
>something like Tauscan, TDS-3, AVP, or similar to ID trojans
downloaded Moosoft's The Cleaner, which detected it and was more successful
at cleaning it out than NAV, but i still had to edit the registry manually.
also downloaded TDS-3 just to be safe but it didn't find anything, so i'm
hoping that i'm in the clear now. i have ad-aware, run it regularly and have
the latest defs but it didn't pick it up. over at the lavasoft forums, this
matter has been brought to their attention, but i don't think they even knew
about it. it's also being discussed at bearshare.net, grc discussion groups,
dslreports.com, and the gnutella forums online (gnutellaforums.com, i think?).
i really do believe this is some kind of trojan (especially because of the
g-1-backdoor reference) AND spyware, or at least that's definitely what it
seems like at this point.
i'd mail the file to ad-aware but i've (thankfully) completely rid my system of
all of its traces. however, from what i've seen so far, they will have no
trouble getting their hands on one :P
personally, i think i'll stick with blubster for downloading music now as it
seems to be completely spyware free and the interface is simple. though i'm
much more leery about downloading things off the net now, obviously...i used to
stick to websites such as cnet.com but this trojan is spreading through
*official* software websites of supposedly reputable companies...it's a shame,
so many people are going to be infected and not even realize it.
Ashley
Remove the 'plete' from "complete" to e-mail me.