I couldn't find the e-mail that was trying to be sent (by checking in AVG's outbox), and after a quick search through the source code, I couldn't find any reference to a .ru address. I'm going to assume that the application has been hijacked somehow, but I used the opportunity to wipe the hard drive and make sure my file system was intact.
UPDATE: after doing some searching on spyware in Shareaza, I managed to find these comments suggesting that it does, in fact, contain spyware:
http://www.download.com/Shareaza/3641-2166_4-9062723.html
UPDATE 2: I managed to find this posting on Shareaza's Wiki:
http://wiki.shareaza.com/static/Troubleshoot.Email
Basically, a computer that Shareaza is trying to connect to is using port 25 as it's "listening" port. This is reserved for SMTP, but when you put Shareaza into "Random Port mode", 25 could occasionally come up. Based on this info, Shareaza does NOT (currently) have spyware.
UPDATE 3: In case you didn't know, the Shareaza domain has been hijacked by scammers, and they have released a version of Shareaza that is loaded with spyware. Do not use Shareaza unless you get it from Sourceforge
http://torrentfreak.com/scammers-move-to-seize-shareaza-trademark-080302/
According to Wikipedia, here is the latest info:
Domain takeover / transfer
On 19 December 2007, the project's domain name, shareaza.com, was redirected to an unrelated site, promoting the download of an spyware client known as ShareazaV4.[4] As a result, the original project was forced to move their home page to SourceForge.net.
Since 1 January 2008, the new domain takes advantage of Shareaza's built-in automatic update feature to suggest to users that the ShareazaV4 application is an update to Shareaza. This vulnerability was fixed in Shareaza 2.3.1.0.[5]
The La Societe Des Producteurs De Phonogrammes En France (SPPF), the representative of recording labels in France, has taken legal action against Jonathan Nilson since his name was under the domain shareaza.com at the time.
Attempted trademark takeover
On January 10, 2008, the new owners of Shareaza.com, Discordia Ltd (iMesh Inc.[6]), filed for trademark registration of the Shareaza name, claiming that the first-ever use of this name was on December 17, 2007.[7] The Shareaza Development Team urged users of the program to send Letters of Protest to the patent office and set up a legal defense fund.[8]
2 comments:
Hello Chris Clark. I was doing the same research you did but according to the german anti spyware a-squared Shareazza is packed with medium risk trace cookies. More than sixty... I used Shareazza for some time but I think it is extremely invasive. I had to use the registry level to delete all Shareazza files and took hours because I've found Shareazza nearly everywhere. Besides this problem I think it may probably have a global hook, just like Real Player. The firewall Comodo showed me that it might be the case. Anyway, Shareazza also came to me with to trojans and I wonder whether Shareazza itself is not a disguised
spyware. I wont use nevermore.
Gook luck anyway,
joao esc.
Yes, you are correct. The original post was from a couple of years ago, but the Sharaza name has been hijacked by some cock suckers that only want to spread their shit around the world. They somehow stole the domain name, then took the open source Shareaza and jammed it with their shit and are infecting computers all over the world. Thanks for reminding me about this post, I'll add a new update.
Post a Comment