February 15th, 2003, 12:29 AM
i was looking for socks5 free proxy servers to use for P2P progs and can across this program http://glocksoft.com/aatools.htm i decided to use this because i read in the forums here http://www.justlan.com/forum/viewtopic.php?t=18 of someone explainging how to use the program to search for socks5 proxys when you import your http proxy list.it worked i found alot of servers but every single one said possible trojan: WinHole.so i did a virus scan and came up with nothing so my question is a)why is this prog saying possible trojan:WinHole b)what would happen if i decided to use the server anyways c) why is nothing coming up in two diff AV scans using AVG and nortan AV 2003 ( both with the latest updates)? and last what could i do to correct the problem? any help would be greatly appreciated.
"Just because I don't know something, don't assume I can't understand it" --ME
February 15th, 2003, 12:56 AM
HateBreed, I have Norton as well, updated every Wednesday and Full System scans about 2 times a week. So when The Cleaner found the BDE Trojan (Kazaa spyware) I was kinda shocked. Point? don't rely too heavily on just AV programs alone. Keep pace with MooSoft programs and other various Trojan finding techniques.
The object of war is not to die for your country but to make the other bastard die for his - George Patton
February 15th, 2003, 01:36 AM
Trojans, RATS, Keyloggers and Spyware are problems as far as I'm concerned. The first three are or at least can be hacker tools and the last is a commercial invasion of your privacy. They are all floating around. You have to scan your system(s) frequently to get rid of them. I average once a week and that is probably not frequently enough.
February 15th, 2003, 06:33 AM
AV isn't all that great agianst trojans and things since mainly all your AV will ever do is looks for code that could possably be a security risks. The reason why AV can't hardly find trojans is because trojans and legit remote admin tools that are in the market are alot like trojans only they will have options for pranks or maybe payloaded worms and things while the average admin tool will only have options for opening files. I've played with AV and beleave me... most of the time if your scanning a rare problem then you'll get different results. I've heard of trojans with options for proxxy but i bet its probably requesting some wierd connection while listening to some weird port thats makeing your AV go out of whack. You should check with something like pest patrol and then checkout the name of that trojan in some virii search at a AV site.
February 15th, 2003, 08:30 AM
hatebreed2000, you are better off with a firewall or a firewall/local ids (Oh, program X wants to run this: alow?), like latest versions of tiny and kerio. Well, supposing itīs a trojan like netbus, you might run it and remove the pest later.. not that hard. Try running it monitored by a good firewall if you really need to. If itīs not a matter of life and death, save your patience and donīt run it . well, at least most of them are only a small nuisance to remove, if you are offline, of course. Try using a trojan scanner, like one suggested by shagdevil.
have fun. This reminds me I could do with an AV here.. hehe
Found in a diary:
\".... and yes, since i am a l337 hax0r, i am also using vi to write this. ^[[D^[[B^ exit ^X^C quit :x :wq dang it :w:w:w :x ^C^C^Z^D\"
February 15th, 2003, 07:57 PM
i got that moosoft that you were talkin about shagdevil and it came up with nothin. so the only thing i can think of is that it would have something to do with there servers .........but over 25 diff socks5 servers all running the same trojan seems highly unlikely.i am wondering causing i have gotten alot of network tools lately just to play around with tem to get familar like nmap, i am wondering if for some reason the prog is recongnizing nmap or another admin tool i have as a trojan..is that a possability?
Don\'t be a bitch! Use Slackware.