Vulnerability Development mailing list archives
Re: Netdetect.exe with backdoor? (ICQ)
From: jonh () APAK CO UK (Jon Hadley)
Date: Mon, 17 Jan 2000 13:28:38 -0000
Hi, AVP just gave me a post lunch break heart attack and reported the same Trojan infection for my older build of ICQ (again only downloaded from trusted sources). I assume, as Brad Griffin mentions, that AVP mistakes the connection monitoring activities of Ndetect as Trojan activity. A quick search of various virus sites suggests that AVP is mistaking Ndetect for SubSeven, a 'fairly advanced' Trojan that uses ICQ / Email to notify the originator that the victim is online.
-----Original Message----- From: WolF Knox [SMTP:wolfbh () BIGFOOT COM] Sent: Saturday, January 15, 2000 5:55 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Netdetect.exe with backdoor? (ICQ) Importance: High Hello everyone... I was doing a rotine virus scan with AVP... and he told me that Netdetect.exe was infected with the trojan Backdoor.IP_Protect . Well, i don't use to download programs like ICQ from any unsecure site. Just mirabilis.com, tucows.com, cnet.com, etc... What is that trojan? Anybody have a clue? P.S: I Use ICQ Version 99b Beta 3.19 Build #2569 thanx, Wolf Knox. -- .... UIN: 33778118 .... . . EMail: wolfbh () bigfoot com . . . . NICK: Wolf Knox . . ..... ..... "From ashes we rise, ..... ..... ..... ..... to ashes we shall ..... ..... .... Fall." .... []-----------Ex-Inferis----------[] [] S e c u r i t y s p h e r e [] [] www.exinferis.cjb.net [] []-----------Ex-Inferis----------[] ________________________________________________________________ GET PAID U$1,00/Hour for doing absolutely ANYTHING on your computer, as long as you are using your mouse!!! http://www.getpaid4.com/cgi-bin/joinnow.cgi?wolfknox you already do it, why not GetPaid4 it?
Current thread:
- Re: Netdetect.exe with backdoor? (ICQ) Jon Hadley (Jan 17)
- Re: Netdetect.exe with backdoor? (ICQ) Vladimir Dubrovin (Jan 17)
- <Possible follow-ups>
- Re: Netdetect.exe with backdoor? (ICQ) Jon Hadley (Jan 17)