Vulnerability Development mailing list archives
Re: Clicktilluwin DLDER Trojan
From: mezzanine <mezzanine () brokenhalo org>
Date: Sat, 22 Dec 2001 15:11:52 -0800
Hi,I hate to say this, but I highly doubt there is any legal reprecussions you can use.
Did you read the User Agreement? I'd be willing to bet that Agreementstates that by using that (kazaa, limewire) program you grant permission to (Kazaa, Limewire) to install it's third party software, wether you choose to or not. Sadly, by agreeing to use their software you're also agreeing to install third party spyware.
This may not be the case, but If i were a company issuing spyware, I'd be sure to legally
cover my six. Michael Watson wrote:
hey. i had the latest kazaa installed on my computer and it gave me that dlder trojan. also, for some time, when kazaa was starting when window booted, in the upper left corner on my screen was a small gray box that wouldn't respond to anything. after i stopped kazaa.exe in my system processes, it went away. also, that dlder.exe was a pain in the ass to get rid of. something weird is going on. maybe the limeware and kazaa people got hacked and someone is having a little fun, or maybe they are intentionally doing this for some reason. isn't there some kind of legal way for this to be stopped? id sue for all the crap i had to go thru just to get everything working again. im using w2k also. -----Original Message----- From: jon () kirkbrideonline com [mailto:jon () kirkbrideonline com] Sent: Monday, December 31, 2001 10:04 AM To: vuln-dev () securityfocus com Subject: Clicktilluwin DLDER Trojan In-Reply-To: <20011230032402.5229.qmail () mail securityfocus com> I found this vulnerability in the latest Limewire 2.0.2 gnutella client download. This crap gets installed whether you like it or not. On my WinXP machine, it was running a new service called bargains.exe that was located in c:\program files\bargain buddy. The dlder.exe file resides in C:\windows. I deleted the files before I looked at their content but there appeard to be some DB type files in the folder. Norton's latests pattern files (12/29) will detect the dlder.exe file but there's no info on their website about it yet. Anyone have a handle on what this thing is doing?
Current thread:
- Clicktilluwin DLDER Trojan jon (Dec 31)
- RE: Clicktilluwin DLDER Trojan Michael Watson (Dec 31)
- Re: Clicktilluwin DLDER Trojan Jonas M Luster (Dec 31)
- Re: Clicktilluwin DLDER Trojan mezzanine (Dec 31)
- RE: Clicktilluwin DLDER Trojan Michael Watson (Dec 31)