Re: Clicktilluwin DLDER Trojan

[mezzanine <mezzanine () brokenhalo org>]

Hi,

I hate to say this, but I highly doubt there is any legal reprecussions 
you can use.
Did you read the User Agreement? I'd be willing to bet that Agreement
states that by using that (kazaa, limewire)  program you grant 
permission to (Kazaa, Limewire) to install it's third party software, 
wether you choose to or not. Sadly, by agreeing to use their software 
you're also agreeing to install third party spyware.

This may not be the case, but If i were a company issuing spyware, I'd 
be sure to legally
cover my six.



Michael Watson wrote:

> hey. i had the latest kazaa installed on my computer and it gave me that
> dlder trojan. also, for some time, when kazaa was starting when window
> booted, in the upper left corner on my screen was a small gray box that
> wouldn't respond to anything. after i stopped kazaa.exe in my system
> processes, it went away. also, that dlder.exe was a pain in the ass to get
> rid of.
>
> something weird is going on. maybe the limeware and kazaa people got hacked
> and someone is having a little fun, or maybe they are intentionally doing
> this for some reason. isn't there some kind of legal way for this to be
> stopped? id sue for all the crap i had to go thru just to get everything
> working again.
>
> im using w2k also.
>
>
>
>
> -----Original Message-----
> From: jon () kirkbrideonline com [mailto:jon () kirkbrideonline com]
> Sent: Monday, December 31, 2001 10:04 AM
> To: vuln-dev () securityfocus com
> Subject: Clicktilluwin DLDER Trojan
>
>
>
> In-Reply-To: <20011230032402.5229.qmail () mail securityfocus com>
>
> I found this vulnerability in the latest Limewire 2.0.2
> gnutella client download. This crap gets installed
> whether you like it or not. On my WinXP machine, it
> was running a new service called bargains.exe that
> was located in c:\program files\bargain buddy. The
> dlder.exe file resides in C:\windows. I deleted the files
> before I looked at their content but there appeard to
> be some DB type files in the folder. Norton's latests
> pattern files (12/29) will detect the dlder.exe file but
> there's no info on their website about it yet. Anyone
> have a handle on what this thing is doing?