IP_protect98a


ZeTtA_bYtE
July 4th, 2003, 12:05 PM
I got a warning that TROJAN IP_PROTECT98A had been detected in a program that I'd had for a long time and had been tested too many times to count. So was the trojan always there or is it new, and how can I check to make sure it's gone, and is it a bad trojan or harmless?
I searched Google and only found two links, one in Spanish and one in English; they were not much help. I searched here and couldn't find any post about this, so if there is one let me know and I'll erase this.
Also, here are some other viruses that I've found on my computer recently:
win32/hantaner
ONLY_GAME
i-worm/kindal
worm/sddrop
worm/kwbot
if that's of any interest to you

SirDice
July 4th, 2003, 12:31 PM
What was the program you were using that has this trojan?
What kind of scanner picked this up?

Better be a bit more careful when downloading from Kazaa. All of those viruses you've picked up spread through Kazaa.

kwbot (http://vil.nai.com/vil/content/v_99555.htm)
sddrop (http://vil.nai.com/vil/content/v_99555.htm)
kindal (http://vil.nai.com/vil/content/v_100207.htm)

ZeTtA_bYtE
July 4th, 2003, 12:36 PM
I'm running win98
my primary AV is AVG by Grisoft

The program was icq99a - I wasn't running it, I just had it on my computer from when I downloaded ICQ back in '99
and the AV that picked it up was bullguardlite

FrameWork
July 4th, 2003, 12:37 PM
You could try TheCleaner (http://www.moosoft.com) from moosoft.com, or you could try Tauscan (http://www.agnitum.com) if you haven't already.

ZeTtA_bYtE
July 4th, 2003, 12:53 PM
Thanks, I'm downloading the cleaner now.

SirDice
July 4th, 2003, 01:41 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by ZeTtA_bYtE
Thanks, I'm downloading the cleaner now.

While you're downloading, download the latest version of ICQ. There were some security issues with older versions.

FrameWork
July 4th, 2003, 02:24 PM
If you're going to use Kazaa, never use it on your root account. Make a limited account and run Kazaa as root from that one.... right-click "run as" on the executable. Couple that with TheCleaner and AVG, and you should be just fine.

SirDice
July 4th, 2003, 02:41 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by FrameWork
If you're going to use Kazaa, never use it on your root account. Make a limited account and run Kazaa as root from that one.... right-click "run as" on the executable. Couple that with TheCleaner and AVG, and you should be just fine.

Huh? He's running win98. There is no 'root' account on windows.
Why does Kazaa need root anyway?????

FrameWork
July 4th, 2003, 02:58 PM
Huh? He's running win98. There is no 'root' account on windows.
Why does Kazaa need root anyway?????

There's no such thing as an administrator account on Windows 98?

Kazaa would need to be run as root or admin, because if you don't all of your downloads will fail. At least this has been my experience with Kazaa. I was just giving him an example of what I do: I have a limited account, and when I run a program I always right-click "run as" to avoid viruses/trojans. If you run Kazaa on a root/admin account, whenever you receive a virus it is immediately able to execute itself because it has all of the appropriate permissions. If you're on a limited account running Kazaa as root, the viruses/trojans will not be able to distribute their payload. That is unless you download an executable and then run it as root without having scanned it with an antivirus.

SirDice
July 4th, 2003, 03:17 PM
Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=#post) by FrameWork
There's no such thing as an administrator account on Windows 98?

There's no such thing as even the most basic security in win98. So no, there is no administrator account on win98.


Kazaa would need to be run as root or admin, because if you don't all of your downloads will fail. At least this has been my experience with Kazaa. I was just giving him an example of what I do: I have a limited account, and when I run a program I always right-click "run as" to avoid viruses/trojans. If you run Kazaa on a root/admin account, whenever you receive a virus it is immediately able to execute itself because it has all of the appropriate permissions. If you're on a limited account running Kazaa as root, the viruses/trojans will not be able to distribute their payload. That is unless you download an executable and then run it as root without having scanned it with an antivirus.

I can only suggest finding out why you need admin privs to get Kazaa working. If there's any problem with Kazaa itself you will be in a lot of trouble. Maybe your account doesn't have write permission to the incoming folder? Kazaa shouldn't need any admin privs.

If you run everything by using 'Run as..' as root/admin you would still have the same kind of protection as you would if you logged in as root/admin in the first place. So this will NOT help you prevent virus/trojan infections. Installing a good virus scanner, keeping your system up to date and running everything on a limited account will prevent it (or at least limit its 'reach').

All in all it's a bad suggestion.

FrameWork
July 4th, 2003, 03:36 PM
I can only suggest finding out why you need admin privs to get Kazaa working. If there's any problem with Kazaa itself you will be in a lot of trouble. Maybe your account doesn't have write permission to the incoming folder? Kazaa shouldn't need any admin privs.

If you run everything by using 'Run as..' as root/admin you would still have the same kind of protection as you would if you logged in as root/admin in the first place. So this will NOT help you prevent virus/trojan infections. Installing a good virus scanner, keeping your system up to date and running everything on a limited account will prevent it (or at least limit its 'reach').

All in all it's a bad suggestion.

No offence, but you're wrong.

Every time I try to run Kazaa from a limited account, the downloads will fail, but when I run it as root the downloads succeed.

Look, when you run Kazaa as root from a limited account and you happen to download a virus/trojan it will not be able to execute. If you are running Kazaa solely from an admin account and you get a virus it will in most cases immediately cause damage to your machine. I think you're a little confused about this, SirDice. You can't possibly try to tell me that running programs from a limited account as root is a bad suggestion. It is a safe practice, and it keeps everyone on the net safer in the meantime.

If you run everything by using 'Run as..' as root/admin you would still have the same kind of protection as you would if you logged in as root/admin in the first place. So this will NOT help you prevent virus/trojan infections.

True, if you have a virus-infected program and you run it from a limited account as root then indeed you will harm your computer. That's not what I am referring to; I am talking about while using p2p programs it is always a good idea to download files from a limited account. If you can't see what I'm talking about then I don't know how to explain it to you any better.

SirDice
July 4th, 2003, 03:52 PM
I don't know how to explain it better to ;) No offence but I still think you're wrong. You have the right idea but you are using it the wrong way.

Running Kazaa as root/admin is a bad idea period. If there's any exploitable bug (not unlikely) in Kazaa you are screwed.

This type of activity happens every day here at work. Oh, this application doesn't work properly on a limited account. Well, just give it root/admin. Hey, it works. Then they leave it running like that. Bad practice anytime. Just take the time and effort to find out WHY it works on a root/admin and not on a limited account. Turn up the logging/accounting and see WHY it fails. There's probably a very simple explanation for it to fail.

Using 'Run as..' and running something as root/admin should ONLY be used when you need to make configuration changes that cannot be done without root/admin privs. Run your day to day applications on a limited account.
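
One way to find out why an application fails on a limited account, for the cause suggested earlier in the thread (no write permission on the download folder). This is an added example, not part of the original posts; it assumes a current Windows system with PowerShell, and the folder path is a placeholder.

```powershell
# Added example. Run it while logged on as the limited account.
# $Folder is a placeholder: set it to the application's download folder.
$Folder = Join-Path $env:USERPROFILE 'Downloads'

$me   = [System.Security.Principal.WindowsIdentity]::GetCurrent()
# SIDs of the account itself and of every group in its token.
$sids = @($me.User.Value) + @($me.Groups | ForEach-Object { $_.Value })

if (-not (Test-Path -LiteralPath $Folder -PathType Container)) {
    Write-Output "MISSING: $Folder does not exist or is not visible to $($me.Name)"
} else {
    # 1. Direct probe: create and delete a uniquely named file.
    $probe = Join-Path $Folder ("probe_{0}.tmp" -f [guid]::NewGuid())
    try {
        [System.IO.File]::WriteAllText($probe, 'probe')
        Remove-Item -LiteralPath $probe -Force
        Write-Output "OK: $($me.Name) can create files in $Folder"
    } catch {
        $cause = $_.Exception.GetBaseException()
        Write-Output "FAILED ($($cause.GetType().Name)): $($cause.Message)"
    }

    # 2. List the ACL entries that apply to this account, Deny entries included.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $ntType  = [System.Security.Principal.NTAccount]
    try {
        $acl = Get-Acl -LiteralPath $Folder -ErrorAction Stop
        foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
            if ($sids -notcontains $rule.IdentityReference.Value) { continue }
            # Fall back to the raw SID when it cannot be resolved to a name.
            $name = try { $rule.IdentityReference.Translate($ntType).Value } catch { $rule.IdentityReference.Value }
            [pscustomobject]@{
                Account   = $name
                Type      = $rule.AccessControlType
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    } catch {
        Write-Output "Cannot read the ACL of ${Folder}: $($_.Exception.Message)"
    }
}
```

If the probe fails with UnauthorizedAccessException and no Allow entry with Write or Modify rights is listed, the fix is to grant the limited account those rights on that one folder, which keeps the application itself unprivileged.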

FrameWork
July 4th, 2003, 04:28 PM
I see your point.

I know for a fact that many programs will not function properly unless run as root. Maybe you're right, maybe Kazaa Lite (the version I'm running) doesn't have to be run as root. But I know for certain earlier versions of Kazaa would not download files unless I ran them as root. They would simply show up as "failed".

OK, if you're right and Kazaa doesn't need to be run as root to function properly, then yes, don't run it as root. I was just always under the impression that it did need to be run as root from my prior experiences with the app.

__________

edit/

Here SirDice, I have uploaded a shot of what happens with my Kazaa Lite when I don't run it as root from this limited account.

ZeTtA_bYtE
July 10th, 2003, 08:24 AM
:cool:
FrameWork,
well, part of your problem is you're running old Kazaa.
I have the newest version, and as part of the setup for downloads you can set how it downloads, i.e. if it opens the program after download or just saves it.
Plus I use AVG6 by Grisoft; as soon as you try to open a folder that contains a file with a virus it warns you and tells you what file is infected, plus AVG is free.
I've never had a problem downloading, but every once in a while AVG finds viruses before the download is complete, which is nice, but for some reason it's a pain in the ass to delete the files
till they're done downloading. Another problem you might be having is with your write-to-disk privileges or firewall.

/edit

I looked at your pic and it looks like Kazaa doesn't have access to the download folder.
Maybe the path or file name has been changed; I got that message or one similar once and it was because the file my shared folder had been moved