Vulnerability Development mailing list archives

Re: Netdetect.exe with backdoor? (ICQ)

From: vlad () SANDY RU (Vladimir Dubrovin)
Date: Mon, 17 Jan 2000 19:07:51 +0300


Hello Jon Hadley,

17.01.00 16:28, you wrote: Netdetect.exe with backdoor? (ICQ);

J> Hi,

J> AVP just gave me a post lunch break heart attack and reported the same
J> Trojan infection for my older build of ICQ (again only downloaded from
J> trusted sources). I assume, as Brad Griffin mentions, that AVP mistakes the

This is well-known problem in one of old AVP virus bases releases, and
this  fact  means  you didn't updated your bases for a few months. You
are   at   high   risk   in   this   situation.   Update  bases  from
ftp://ftp.avp.ru/updates or ftp://ftp.avp.ru/bases

J> connection monitoring activities of Ndetect as Trojan activity.

J> A quick search of various virus sites suggests that AVP is mistaking Ndetect
J> for SubSeven, a 'fairly advanced' Trojan that uses ICQ / Email to notify the
J> originator that the victim is online.

  +=-=-=-=-=-=-=-=-=+
  |Vladimir Dubrovin|
  | Sandy Info, ISP |
  +=-=-=-=-=-=-=-=-=+

Current thread:

Re: Netdetect.exe with backdoor? (ICQ) Jon Hadley (Jan 17)
- Re: Netdetect.exe with backdoor? (ICQ) Vladimir Dubrovin (Jan 17)
- <Possible follow-ups>
- Re: Netdetect.exe with backdoor? (ICQ) Jon Hadley (Jan 17)