BearShare Forums  

Go Back   Gnutella Forums > Current Gnutella Client Forums > BearShare (Windows) > BearShare Open Discussion
Register FAQ The Twelve Commandments Members List Calendar Arcade Find the Best VPN Today's Posts

BearShare Open Discussion Open topic discussion for BearShare users

Preview this popular software (BearShare Beta v5 "Download")


Welcome To Gnutella Forums

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, fun aspects such as the image caption contest and play in the arcade, and access many other special features after your registration and email confirmation. Registration is fast, simple and absolutely free so please, join our community today! (click here) (Note: we use Yandex mail server so make sure yandex is not on your email filter or blocklist.) Confirmation emails might be found in your Junk folder, especially for Yahoo or GMail.

If you have any problems with the Gnutella Forum registration process or your Gnutella Forum account login, please contact us (this is not for program use questions.) Your email address must be legitimate and verified before becoming a full member of the forums. Please be sure to disable any spam filters you may have for our website, so that email messages can reach you.
Note: Any other issue with registration, etc., send a Personal Message (PM) to one of the active Administrators: Lord of the Rings or Birdy.

Once registered but before posting, members MUST READ the FORUM RULES (click here) and members should include System details - help us to help you (click on blue link) in their posts if their problem relates to using the program. Whilst forum helpers are happy to help where they can, without these system details your post might be ignored. And wise to read How to create a New Thread

Thank you

If you are a Spammer click here.
This is not a business advertising forum, all member profiles with business advertising will be banned, all their posts removed. Spamming is illegal in many countries of the world. Guests and search engines cannot view member profiles.



           Deutsch?              Español?                  Français?                   Nederlands?
   Hilfe in Deutsch,   Ayuda en español,   Aide en français et LimeWire en françaisHulp in het Nederlands

Forum Rules

Support Forums

Before you post to one of the specific Client Help and Support Conferences in Gnutella Client Forums please look through other threads and Stickies that may answer your questions. Most problems are not new. The Search function is most useful. Also the red Stickies have answers to the most commonly asked questions. (over 90 percent).
If your problem is not resolved by a search of the forums, please take the next step and post in the appropriate forum. There are many members who will be glad to help.
If you are new to the world of file sharing please do not be shy! Everyone was ‘new’ when they first started.

When posting, please include details for:
Your Operating System ....... Your version of your Gnutella Client (* this is important for helping solve problems) ....... Your Internet connection (56K, Cable, DSL) ....... The exact error message, if one pops up
Any other relevant information that you think may help ....... Try to make your post descriptive, specific, and clear so members can quickly and efficiently help you. To aid helpers in solving download/upload problems, LimeWire and Frostwire users must specify whether they are downloading a torrent file or a file from the Gnutella network.
Members need to supply these details >>> System details - help us to help you (click on blue link)


Moderators

There are senior members on the forums who serve as Moderators. These volunteers keep the board organized and moving.
Moderators are authorized to: (in order of increasing severity)
Move posts to the correct forums. Many times, members post in the wrong forum. These off-topic posts may impede the normal operation of the forum.
Edit posts. Moderators will edit posts that are offensive or break any of the House Rules.
Delete posts. Posts that cannot be edited to comply with the House Rules will be deleted.
Restrict members. This is one of the last punishments before a member is banned. Restrictions may include placing all new posts in a moderation queue or temporarily banning the offender.
Ban members. The most severe punishment. Three or more moderators or administrators must agree to the ban for this action to occur. Banning is reserved for very severe offenses and members who, after many warnings, fail to comply with the House Rules. Banning is permanent. Bans cannot be removed by the moderators and probably won't be removed by the administration.


The Rules

1. Warez, copyright violation, or any other illegal activity may NOT be linked or expressed in any form. Topics discussing techniques for violating these laws and messages containing locations of web sites or other servers hosting illegal content will be silently removed. Multiple offenses will result in consequences. File names are not required to discuss your issues. If filenames are copyright then do not belong on these forums & will be edited out or post removed. Picture sample attachments in posts must not include copyright infringement.

2. Spamming and excessive advertising will not be tolerated. Commercial advertising is not allowed in any form, including using in signatures.

3. There will be no excessive use of profanity in any forum.

4. There will be no racial, ethnic, or gender based insults, or any other personal attacks.

5. Pictures may be attached to posts and signatures if they are not sexually explicit or offensive. Picture sample attachments in posts must not include copyright infringement.

6. Remember to post in the correct forum. Take your time to look at other threads and see where your post will go. If your post is placed in the wrong forum it will be moved by a moderator. There are specific Gnutella Client sections for LimeWire, Phex, FrostWire, BearShare, Gnucleus, Morpheus, and many more. Please choose the correct section for your problem.

7. If you see a post in the wrong forum or in violation of the House Rules, please contact a moderator via Private Message or the "Report this post to a moderator" link at the bottom of every post. Please do not respond directly to the member - a moderator will do what is required.

8. Any impersonation of a forum member in any mode of communication is strictly prohibited and will result in banning.

9. Multiple copies of the same post will not be tolerated. Post your question, comment, or complaint only once. There is no need to express yourself more than once. Duplicate posts will be deleted with little or no warning. Keep in mind a forum censor may temporarily automatically hold up your post, if you do not see your post, do not post again, it will be dealt with by a moderator within a reasonable time. Authors of multiple copies of same post may be dealt with by moderators within their discrete judgment at the time which may result in warning or infraction points, depending on severity as adjudged by the moderators online.

10. Posts should have descriptive topics. Vague titles such as "Help!", "Why?", and the like may not get enough attention to the contents.

11. Do not divulge anyone's personal information in the forum, not even your own. This includes e-mail addresses, IP addresses, age, house address, and any other distinguishing information. Don´t use eMail addresses in your nick. Reiterating, do not post your email address in posts. This is for your own protection.

12. Signatures may be used as long as they are not offensive or sexually explicit or used for commercial advertising. Commercial weblinks cannot be used under any circumstances and will result in an immediate ban.

13. Dual accounts are not allowed. Cannot explain this more simply. Attempts to set up dual accounts will most likely result in a banning of all forum accounts.

14. Video links may only be posted after you have a tally of two forum posts. Video link posting with less than a 2 post tally are considered as spam. Video link posting with less than a 2 post tally are considered as spam.

15. Failure to show that you have read the forum rules may result in forum rules breach infraction points or warnings awarded against you which may later total up to an automatic temporary or permanent ban. Supplying system details is a prerequisite in most cases, particularly with connection or installation issues.

Violation of any of these rules will bring consequences, determined on a case-by-case basis.


Thank You! Thanks for taking the time to read these forum guidelines. We hope your visit is helpful and mutually beneficial to the entire community.


Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old February 25th, 2001
Novicius
 
Join Date: February 25th, 2001
Location: Pick, One USA
Posts: 3
ChronKyrios is flying high
Exclamation *Trojan Horse!!

I have been using bearShare for a shortperiod of time. I have found that MANY of my searches come up with an EXACT MATCH (with an EXE tacked on the end), though I am using only keywords. This follows even with searches like "dhvsbgjjk sdagbb".
Generally, the file size of the match is 8192 bytes, but has varied.
There is some consistency in the ip addresses that return it.
I downloaded one of them (incidentally), and ran it. It seemed to do nothing. Then my firewall started warning me of outbound connection requests. I denied it, removed it rebooted.
When I came back, I found a similar program with a different name in my startup menu. I removed that as well.

Could not determine the nature of the program except that it wanted to connect to seemingly random ip addresses.
The programs passed a virus check, and no reference was found on the internet.
Oh the only other consistency seemed to be they were all listed on port 99 in the search results column

This is a warning as well as a question. The question is, has anyone seen this, or know anything about it. Any information would be helpful.
Reply With Quote
  #2 (permalink)  
Old February 25th, 2001
TomG
Guest
 
Posts: n/a
Post

I have seen it.

It appears to be a tiny worm designed to simply propagate itself.

It seems to add itself to Gnutella's search results somehow.

It seems to contain and HTTP server in itself.

It seems to upload itself on any request to that HTTP server.

I couldn't tell you if it had any destructive payload.
Reply With Quote
  #3 (permalink)  
Old February 25th, 2001
Novicius
 
Join Date: February 25th, 2001
Location: Pick, One USA
Posts: 3
ChronKyrios is flying high
Post

still unsure of its limitations, but I am positive it is program independent. Just tried it with Gnotella, same reults.
Reply With Quote
  #4 (permalink)  
Old February 25th, 2001
Novicius
 
Join Date: February 25th, 2001
Location: Pick, One USA
Posts: 3
ChronKyrios is flying high
Exclamation

This is an update to this WORM/TROJAN thing:

I have found two alterations from the above description. Occasionally it will leave off the .exe from the file returned. And occasionally, it will return a file size of 4,294,967,295.


So far, I have been unable to block these return results with a firewall. I am using Tiny Personal, and am new at it. I have most of it set up fine, but this escapes me. Any help on that would be appreciated as well, though I know this is not a firewall support base
Reply With Quote
  #5 (permalink)  
Old March 1st, 2001
Craig
Guest
 
Posts: n/a
Lightbulb

Let's hope the impact of this new development does not become a thorn in the flesh. This worm is probably a pilot virus to test for its viability. There is little if any value in an 8K download, so the worm gives itself away, how many of us are searching for a file 8K in size, right? However, future revision could make the file any size, disguising its true colors.

I don't d/l any exe files as it is, I'm sure not going to start now. Embedding the file into a zip package could be a problem unless detection can remove it first. The big boys, i.e. Symantec and McAfee, will hopefully address the issue and resolve at some point. You might think that they have no concern for Gnutella plagues, but exe viruses can impact anyone with an internet connection, so they will have a vested interest in case variants/mutants come about, which I believe is inevitable.
Reply With Quote
  #6 (permalink)  
Old March 2nd, 2001
Shoeb
Guest
 
Posts: n/a
Post

So we can all learn to avoid downloading .exe files as well as files with no file type associated with them. But with respect to files with a false .mp3 extension, I don't see how that poses a threat. Because if you double click on a file like that, you're computer will try to open it with your music playing software and the software won't recognize the file and come back with an error message. So even if it's an executable file with a *.mp3 mask, it really can't be executed unless you explictly tell your computer to do so. Is there still a threat here?
Reply With Quote
  #7 (permalink)  
Old March 3rd, 2001
MANDAGORE WORM
Guest
 
Posts: n/a
Post

hi there, get real ppl dont trust all this mcaffe and symantec antiviruses, go get avp at www.avp.ru.
This is a worm documented at :

http://www.kaspersky.com/news.asp?tn...&id=162&page=0

fornutely it is harmless


cu
Reply With Quote
  #8 (permalink)  
Old March 6th, 2001
Apprentice
 
Join Date: March 6th, 2001
Location: New York City
Posts: 6
hesterloli is flying high
Post

I wouldn't do that. They will hassle you for the rest of your life.
hesterloli


Quote:
<font face="Verdana, Arial" size="2">Originally posted by MANDAGORE WORM:
hi there, get real ppl dont trust all this mcaffe and symantec antiviruses, go get avp at www.avp.ru.
This is a worm documented at :

http://www.kaspersky.com/news.asp?tn...&id=162&page=0

fornutely it is harmless


cu
</font>
Reply With Quote
  #9 (permalink)  
Old March 6th, 2001
Apprentice
 
Join Date: March 6th, 2001
Location: New York City
Posts: 6
hesterloli is flying high
Post

You are correct. So what if a virus as been renamed to an mp3? So what? Since when does your media player know how to execute anything? mp3 files are not executed they are played. Viruses are not played they are executed. There is a big damn difference.
hesterloli

Quote:
<font face="Verdana, Arial" size="2">Originally posted by Shoeb:
So we can all learn to avoid downloading .exe files as well as files with no file type associated with them. But with respect to files with a false .mp3 extension, I don't see how that poses a threat. Because if you double click on a file like that, you're computer will try to open it with your music playing software and the software won't recognize the file and come back with an error message. So even if it's an executable file with a *.mp3 mask, it really can't be executed unless you explictly tell your computer to do so. Is there still a threat here? </font>
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
New Trojan Horse! turquoisesky Download/Upload Problems 0 June 23rd, 2005 06:48 PM
Trojan Horse... landshark99 General Mac OSX Support 5 June 16th, 2004 10:01 AM
*Shareaza a possible trojan horse? Unregistered Shareaza (Windows) 14 July 8th, 2002 07:16 PM
trojan horse 123yebo General Gnutella / Gnutella Network Discussion 7 June 17th, 2002 07:16 PM
Trojan horse Becker BearShare Open Discussion 12 February 11th, 2002 06:58 PM


All times are GMT -7. The time now is 07:33 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.

Copyright © 2020 Gnutella Forums.
All Rights Reserved.