raillex
join:2001-06-26
Libertyville, IL | reply to Gary44
Re: Limewire Installed Trojan I downloaded Limewire last Tuesday and used it to
locate and download MP3s. Unfortunately, I discovered that the program not only installs Aureate and Cydoor spyware, but also a trojan called backdoor-g-1.
The backdoor-g-1 trojan is buried in a compressed file named
"ctywinstaller.exe" which is created during the Limewire installation process. The program then creates a file called "dlder.exe" in the Windows directory. Both of these were detected by Norton Antivirus.
Uninstalling the Limewire software using Windows add/remove programs actually REinstalled the trojan after I had removed the original and thought all was well.
This trojan is particularly pernicious in that it changed (or -shudder- allowed someone who subsequently hacked into my system from a remote location to change) one of my Norton Internet Security firewall rules to expressly permit inbound and outbound communications with BackOrifice. The mere possibility that someone might have successfully hacked into my system led me to replace all the files on my hard drive with a backup stored on a Norton Ghost CD.
Nasty stuff. |
|
| said by raillex:
Unfortunately, I discovered that the program not only installs Aureate and Cydoor spyware, but also a trojan called backdoor-g-1.
Correct me if I am wrong, but isn't the trojan identified as "backdoor-g-1" also known as SubSeven? |
|
