Vulnerability Development mailing list archives
Clicktilluwin DLDER Trojan
From: <jon () kirkbrideonline com>
Date: 31 Dec 2001 15:04:15 -0000
In-Reply-To: <20011230032402.5229.qmail () mail securityfocus com> I found this vulnerability in the latest Limewire 2.0.2 gnutella client download. This crap gets installed whether you like it or not. On my WinXP machine, it was running a new service called bargains.exe that was located in c:\program files\bargain buddy. The dlder.exe file resides in C:\windows. I deleted the files before I looked at their content but there appeard to be some DB type files in the folder. Norton's latests pattern files (12/29) will detect the dlder.exe file but there's no info on their website about it yet. Anyone have a handle on what this thing is doing?
Current thread:
- Clicktilluwin DLDER Trojan jon (Dec 31)
- RE: Clicktilluwin DLDER Trojan Michael Watson (Dec 31)
- Re: Clicktilluwin DLDER Trojan Jonas M Luster (Dec 31)
- Re: Clicktilluwin DLDER Trojan mezzanine (Dec 31)
- RE: Clicktilluwin DLDER Trojan Michael Watson (Dec 31)