So, to finish up on the download.com spyware thingie, check out the “freespyware.com” section of the ISC handler’s diary for the other day… That’s me! [linky]

given the results of this search, I should really get around to finishing my “decyphering ip packets” paper.

I installed ClamWin, a windows version of ClamAV, which I’ve been using on my mail servers for a while. This brings my system to four spyware scanners, and two av scanners… However, ClamWin also didn’t detect the malware of the moment, so I submitted it to them…

Just got this from the ISC handler:

Blake,

you are right, the package drops two kinds of malware

%SYSTEMROOT%\msv.exe
Kaspersky calls this “not-a-virus.AdWare.WiAD.af“. Other vendors dont
seem to recognize it as malicious

%SYSTEMROOT%\javaiein.exe
This is recognized by several AV vendors as Trojan.Win32.Zapchast,
apparently a password sniffer, even though AV vendor information is
sparse.

I have contacted download.com to make them aware of the problem.

Thanks for your help!
-daniel

I wrote back to thank him for also noticing msv.exe, ’cause I hadn’t seen it, but it is there. I also wanted to make sure that I should consider av vendor notification handled at this point, so I don’t swamp everyone with duplicates.

Submitted to McAfee’s AVERT folks.

Submitted the download.com issue to the ISC handlers… Hopefully I didn’t just do something that’ll make me feel like an ass later, especially since I used my real name… Oh well, I figure this is a bigger deal than ‘googkle‘.

download.com has been contacted via a friggen feedback form. They suck for getting ahold of.

I am not the only one to encounter this issue, btw… It looks like they’ve had problems since at least january.

Oh, I also submitted the offending file to SARC, since nav didn’t detect it.

DO NOT install anything from download.com. Their mirror looks like it was infected with trojans. I’m looking for a contact for them right now.

If you want to grab anything they link to, be sure to go to the publisher’s site to get it, don’t get it from the download.com mirror.

The Pope isn’t going to be around much longer. Please, don’t let them pick someone from the US to be the new Pope… What have our guys done other than cover up child molestation?

Terri Schiavo died yesterday. Been hearing lots of bad jokes from people who don’t know much about the case, but think they do.

I’ve also heard some comments about Johnny Cochran, who died earlier this week. I don’t care who it is, “burn in hell” just isn’t appropriate. I didn’t like it when people said it about Reagan, and I don’t like it now. I don’t even hold a grudge against Johnny for getting OJ off. Defense lawyers are a vital part of the administration of justice.

That all changed once Danny came out to meet me. After chit chatting for a few minutes, he took me to a small room – no wider than my outstretched arms – at the far end of which stood one of those classic red English phone booths. We stepped inside – a bit cramped – and Danny lifted the receiver and dictated a passphrase of some sort. Presto – the rear wall of the booth opened, and we stepped into – nerdvana.

A Morning With Danny Hillis

I’m not normally one to buy into “such and such will change the way you do so and so”, but I’ve had my tivo for a little while now and ya know, it really has changed the way I watch TV.