[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Win32.Trojan.Agent appear when close Torpark



If the problem is being caused by the killprocdll, you can download
and verify it from here:

http://nsis.sourceforge.net/mediawiki/images/1/12/KillProcDLL-bin.zip

I  may  switch  from using KillProcDll for the next version of Torpark
that  I release. The reason that KillProcDLL is called is to make sure
that  no  tor process is staying resident even after a shutdown signal
has been sent to the program.

And fyi, Torpark does not use Firefox Portable at all anymore, my code
is  way more advanced. However, I still give credit to John Haller, as
he  deserves  his  due.  Cord also deserves recognition on writing the
win32  signaler  for  Tor, god bless him. And it might be of some note
that  Tor  is  also  created  from  other  works  such as libcrypt and
openssl,  so talking about how one program is made from others seems a
dubious  distinction.  The  reason I don't modify those sources is for
the  security,  veracity,  and  the  ability for users to easily build
Torpark. There seems to have been a lot of recalcitrance towards Win32
users. You may recall that until quite recently, the method to compile
Tor  for  a  win32 environment was obscure, out-dated, and of very low
importance to the Tor developers. Thankfully, some kind person stepped
in  to  clear up the issue. No doubt that has garnered some resentment
and false appreciation.

Secondly,  I  doubt  you  will  ever  see  Torpark endorsed by the Tor
developers,  but  not  for  a  lack  of  merit, security, open source,
documentation,  or  licensing  compliance; which have all been phantom
claims against it. To my knowledge, the Tor developer making all these
false  complaints  has  never  actually  run Torpark, or looked at the
source  code.  Yet  he  can  still  find time to cast doubt against it
without  concerning  himself with the trouble of investigating his own
claims. He has even gone so far as to insist that he is working on his
own version of Torpark, due to these phantom menaces.

In  the one year it has been around, Torpark seems to have rivaled Tor
for popularity, which has been around for (4+?) years. I can only feel
that this has lead to actions implying insecurity. Feel free to google
"Tor+eff"  vs  "Torpark".  And  I've  tried  to  give  credit  and the
opportunity  to  be  part  of  it,  but  alas.  Since the inception of
Torpark,  Tor awareness has skyrocketed, leading to a quadruple of Tor
servers  and  an order of magnitude of new users. I don't want to take
the  credit on that, as the Germany busts and anti-tor whitepapers may
have  had something to do with it; but to be quite honest, this hasn't
been  a  banner  year  for  Tor. Perhaps this is the price you pay for
ignoring  your  largest user-base (win32) and engaging in intellectual
snobbery. In any case, I think Alexander Hamilton said it best.

And  lastly,  to  clear  up any concerns about cDc etc: You may recall
that cDc released Back Orifice, which embarassed Microsoft back tot he
drawingboard. Hacktivismo is the human-rights wing of the cDc. I am an
attache  of  Hacktivismo.  Hacktivismo  has also released Scatterchat,
which  is  a  PKE  secured,  Tor anonymized, end-to-end encrypted chat
program.  I  developed  Torpark  before  I became an attache, but have
heavily  developed  it  further since then. I will continue to develop
it,  and  a new release is waiting in the wings, with some awesome new
features  like auto-update and a broadband-speed anonymization network
that  solves  the  trust  issue  of  multiple  exit nodes sniffing the
traffic.  I  am also shortly going to release a Tor+Thunderbird client
with    superfast   anonymous+offshore+encrpted+SSL-only+POP/IMAP+LDAP
Address  book+hot  backup-ed  email service, and I hope my users enjoy
the hell out of it because I do it all for them.

Regards,

Steve Topletz
Torpark Developer




Sunday, November 12, 2006, 3:14:08 PM, you wrote:

>> Keep cool men, I don´t think you put trojans in Torpark, Tor or Portable
>> Firefox, however since I last week updated the antivirus and antispyware
>> database in my F-Secure firewall, I always get this warning when closing
>> Torpark 1.5 (build on Tor v0.1.1.12) but never when I start the Torpark.
>> This warning appear even when I first mechanically disconnect the line from
>> internet before closing Torpark, so it must be something already in the
>> computer related to Torpark closing:
>> Virus & Spy Protection has detected Win32.Trojan.Agent
>> malware in your computer.

> 1. Torpark is not made by the good people who made Tor. It is also not endores
> by the Tor-developers. It is made by a third party who packages together
> existing seperate products. Torpark is simply a pack of other tools.

> 2. Please try the actual tools included seperately and see if 
> this "Win32.Trojan.Agent" is reported. By this I mean that you should:

> - Download and install Tor.
> - Download and install Privoxy or Polipo
> - Download and install Firefox Portable.

> ...and see if the same Trojan.Agent is reported.

> You can make a simple bat file start.bat like this:

> start "Tor" /DTor /MIN tor.exe -f torrc.ini
> start "Polipo" /DPolipo /MIN polipo-20060920.exe -c polipo.ini
> "FirefoxPortable\FirefoxPortable.exe"

> ..which basically does the exact same job as Torpark (No, this is not my batch
> file, it's from a project called "TorParkAlternative-1.5.0.7", but where oh
> were did this project go? I don't know, and nobody but nobody seems to be
> talking. But the point is simply that "Torpark" does nothing more than this
> batch file: It installs other peoples seperate products and starts them
> combined - using a binary .exe file. Why? I don't know why. I am not the
> Torpark developer, so I can't tell you. But I can tell you that you can do
> exactly the same thing WITHOUT an .exe file.

> We KNOW FOR A FACT that if you start the Torpark .exe in version 1.5.0.7, as
> in C:\Torpark\torpark.exe , with the switch /DEADBEEF you DO get a black
> cross with Cult of the Dead Cow symbols. No, this is not a "conspiracy
> theory", it's there, Torpark does includes a black cross with cult-symbols,
> you can check it out for yourself and verify this all by yourself.

> It must also be mentioned that the fact Cult of the Dead Cow made  
> http://xiandos.info/Back_Orifice

> So what you should try is to uninstall Torpark and install the products
> included in that bundle one by one, and then see if the "Win32.Trojan.Agent"
> shows up. If does then the problem may be your firewall, or something else
> has installed a trojan, or Torpark left behind a trojan. It it doesn't then
> it's Torpark itself which includes a trojan or is wrongly identified as a
> trojan.

> good luck.

> --xiando(tm)
> 911 inside job. (Democrats + Republicans) == CFR
> http://killtown.911review.org/ http://st911.org/



-- 
Best regards,
 Arrakistor                            mailto:arrakistor@xxxxxxxxx