Film-Tech Cinema Systems
Film-Tech Forum ARCHIVE


  

 
This topic comprises 2 pages: 1  2 
 
Topic: Very destructive downloaded file
Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000


posted 08-18-2001 05:47 PM
On one of the pages of CNET, there is a file that will want to immediately start downloading into your computer.

It is called KMD.EXE. Don't run it! It will kill your drive! Don't touch it with a 60 meter pole! Josh got nailed with it, and it formatted his drive.

Virus scans will not see this file as a virus.

I have notified CNET this file is lurking on one of their links.

Paul


Bobby Henderson
"Ask me about Trajan."

Posts: 10973
From: Lawton, OK, USA
Registered: Apr 2001

posted 08-19-2001 01:10 AM
Gawd!

Is this an EXE file that automatically starts running even as you are loading an infected page from CNET? Or is it an executable file that might get saved to your hard disc and just double-clicked by the user at their peril?

I generally will not accept any EXE attached files from anyone via e-mail, and certainly will not run them. Some EXE files might be a self extracting funny Flash movie sent by a friend for a big laugh. But with so many viruses copying e-mail addresses and even resending themselves with the identity of your friends, running any attached EXE file is very foolhardy.

I'm thankful I back up my data onto CD-Rs regularly. You never know when some new horrible virus might get in and cripple your system. But then you also never know when a hard disc might clamp up permanently.

Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000

posted 08-19-2001 12:22 PM
Bobby, I think (but I am not sure) there is an option that can be set that will prevent file opening after download is complete. But I do not know where that adjustment is located, if it even exists.

And, yes - the kmd.exe file wanted to start downloading as soon as the link was opened. However, it did let you know with an instant pop-up window saying, "You have chosen to download bla bla bla...." and you had two options:

1. Save it to a disk (well, not too bad I guess)
2. Run from location (hmmmm. Now that can get interesting....) Then it would execute, I would presume.

Hell, we never invited the pop-up window!!!!! That's why I think someone hacked into CNET and placed it there.

I know the file is not self-executing. After Josh's drive got munched, I booted up into my "Experimental" drive in this computer and downloaded that file. It was not a self-executing file at download completion, and a virus scan didn't see it as a threat. And, for obvious reasons, I didn't have the balls to click on it.

If a person hacked into CNET and planted that exe file, that person should be emasculated, then dragged and quartered. I think there are many people who would agree with me on that issue.



Scott Norwood
Film God

Posts: 8146
From: Boston, MA. USA (1774.21 miles northeast of Dallas)
Registered: Jun 99

posted 08-19-2001 12:32 PM
What was this thing supposed to do, anyway?

Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000

posted 08-19-2001 03:03 PM
Scott, if that file is allowed to open, it'll format the drive.

Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000

posted 08-19-2001 09:55 PM
Scott, that file must be a sooper dooper pooper file of Macro-Smash's format.com that does not have the decency to ask you if you want to continue....It just does it.

Scott Norwood
Film God

Posts: 8146
From: Boston, MA. USA (1774.21 miles northeast of Dallas)
Registered: Jun 99

posted 08-20-2001 12:00 AM
I know from this thread what the file actually _does_. The real question is what did it say it would do? In other words, why would any sane person download and execute it?

Aldo Baez
Master Film Handler

Posts: 266
From: USA
Registered: Mar 2001

posted 08-20-2001 03:26 AM
Well any normal person would trust a file from a big huge website like cnet. I've looked there many times before, and websites like that usually run their files through various scanners. It's a surprise they didn't catch it if it's true. At least it's not like some webpages I've seen where they use a security hole to gain access to your comp. When you download a file you can actually choose to download it or not.

Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000

posted 08-20-2001 03:37 AM
Scott:

Let's turn that question of yours around. Why would any sane person hack into a nationally famous website and place a file in it that would destroy someone else's personal property?

The drive was formatted because it was simply a human error by a trusting person on a supposedly trustworthy site. Had I not known, I am certain the same thing would have very easily happened to me.

What I am saying is that I consider myself as a sane and somewhat an intelligent person. Even though I do not open any exe files from someone I don't know, I more than likely would have made the same error with a file on a nationally famous and trusted web site.

The file didn't say what it would do.

We all have run across some sites where there was an update or two that should be installed. Some will install them without you ever knowing it.

After I got snagged on some of that phoney stuff, I check out the validity. McAfee had one posted last week, but it may have not been from McAfee. I am still waiting for McAfee's analyses. It may have been a perfect page duplication to make it look official.

About a year ago, one similar came through on AOL. It was a bogus page. AOL verified it. And, the AOL tech said "These guys are getting smart!"

As you know, most virus scans will stop a file cold in its tracks if it is opened, providing, of course, it is a virus file and the most recent DAT files and scan engine are employed by the anti-virus program.

However, the subject file was not a virus file when scanned. This would cause many people to have a false sense of security, and let their guard down.

As for the incident that happened, well, I learned something also. That being, don't download any EXE file unless it is specifically requested from ANY site, whether it be from Microsoft, or Joe Blow's Funky Screen Savers.

I have been screwing around with computers for about 6 years now, and maybe I am in the dark ages. This is the first file I have seen that is floating around that will format your drive. I have heard of them from time to time in the past, but I never was really concerned about it - until now.

That's how we learn - by the school called "Hard Knocks".

Just like mounting a print - if we were to follow every rule in the book, we would never get our print mounted in a reasonable amount of time.

If we were to follow every rule of caution with our computers while on the internet, we would become so paranoid that we might as well turn our computers off and toss them in the landfill.

Paul


Tao Yue
Expert Film Handler

Posts: 209
From: Princeton, NJ
Registered: Apr 2001

posted 08-20-2001 09:29 AM
I think what Scott is trying to find out is what the file's description was. All files on CNET offered for general download have a description. I doubt you'd download a file named KMD.EXE just because it's named KMD.EXE, right? It must've said something like "KMD: Klingon Missile Defense, a great shoot-em-up game from the creators of classics like Stoned and Code Red." I don't think Scott is trying to imply that you're not sane. He's just trying to find out how the creator of the Trojan tricked you into downloading and opening KMD.EXE.

------------------
Tao Yue
MIT '04: Course VI-2, Electrical Engineering and Computer Science
Projectionist, MIT Lecture Series Committee

Jerry Chase
Phenomenal Film Handler

Posts: 1068
From: Margate, FL, USA
Registered: Nov 2000

posted 08-20-2001 10:58 AM
A search for KMD.EXE on Google turned up:

Kazaa Media Desktop Ver1.3

Ratings :

KaZaA offers a portfolio of products and services to enable the digital media revolution of instant access to music and video anytime, anywhere. All of KaZaA's products are based on a leading peer-to-peer media technology, the Kazaalib, which is also available for third-party developers and peer-to-peer service providers.

KaZaA Media Desktop is a full featured peer-to-peer file sharing application. You can search, download, organise and play your media files - audio, video, images and documents with it. It has a powerful search engine where you can search on 'meta data' such as categories, artist etc. Search results are grouped together, so the same file will only be displayed once. The application has intelligent download - files will be downloaded from several sources simultaneously thus speeding up the download, and they will be resumed if broken. In the latest release we have added instant messaging, you can send messages to other KaZaA members and members of other interconnected networks.

Kazaa is developed and owned by FastTrack.



Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000

posted 08-20-2001 11:59 AM
The file was definitely named kmd.exe, and I just went back to that link to verify it. A file download window immediately popped up and it said, "You have chosen to download KMD.EXE". The only two options were "Run the program from its current location", or "save this program to disk".

It does not say anything about the file. Jerry, I will send this link to you so you can look at it and make a determination one way or another.

Scott, I probably interpreted your post incorrectly. I will admit I do get my feathers ruffled anytime I hear someone gets their drive trashed, whether it be yours, mine, or anyone else's.

Therefore, I will apologize to you in case I may have accidentally ruffled your feathers. I will send you the same link I sent Jerry if you would like to analyze it, too.

Tao, it was just "there". It said nothing other than kmd.exe. No description on what it is, or what it does.


Jerry Chase
Phenomenal Film Handler

Posts: 1068
From: Margate, FL, USA
Registered: Nov 2000

posted 08-20-2001 12:37 PM
The link you sent brings up the CNET download page, which I can easily stop since I have a slower connection. At the top of the page:

Contacting download site...please wait. If your download does not start, click here.
KaZaa Media Desktop (as I expected)

(The page has links to:)
Publisher's Site
All Download Sites
Product Info
Read User Opinions
Submit Your Opinion

The download options are the standard Windows download/run options. As you point out, downloading to the drive won't execute the file. Run from location actually downloads the file to the temp internet files folder and then runs it from there.

In user opinions, there are complaints that the software is buggy and is loaded with "spyware." I didn't see anything about formatting a drive; however, there is a note on the all download sites link:
This title has been updated! The program you've requested, "KaZaa Media Desktop", has recently been updated.

I suppose it is possible that the update has been cracked and has a format command in it. Updates may not get as rigorous testing as original uploads. I'm mildly puzzled how it would get by a virus check since a "format" request is something a virus checker should find. (Although I could easily write a proggie that would sneak the command through any virus check, which is one reason I don't rely on them except as a cursory examination of a file.)

Simtel is about as safe as it gets for download sites. I've never used CNET, although I have used Hotfiles. I guess the new caution is to only download something that has been downloaded a number of times before, and always read the user feedback.

Remember that any privately written program is more likely to have a trojan or virus than a commercial program. If you do download, verify file size as a minimal check for unexpected add-ins. It isn't foolproof by any means, but it is a start.
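
Added example, not part of the original thread: the file-size check suggested in the post above, written in Python and extended with a SHA-256 comparison to show why size alone is not foolproof. The sample bytes and the "published" size and digest are constructed for the demonstration.

```python
import hashlib
import hmac
import os
import tempfile


def file_size_and_sha256(path, chunk_size=65536):
    """Return (size_in_bytes, hex SHA-256) of a file, read in chunks."""
    digest = hashlib.sha256()
    size = 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
            size += len(chunk)
    return size, digest.hexdigest()


def check_download(path, expected_size, expected_sha256):
    """Compare a downloaded file with the publisher's size and digest."""
    size, sha256 = file_size_and_sha256(path)
    return {
        "size_ok": size == expected_size,
        "hash_ok": hmac.compare_digest(sha256, expected_sha256.lower()),
    }


def demo():
    # Constructed sample data: a stand-in for a published installer and a
    # modified copy of exactly the same length.
    original = b"MZ" + b"\x00" * 62 + b"installer payload v1.3"
    tampered = b"MZ" + b"\x00" * 62 + b"installer pAyload v1.3"
    published_size = len(original)
    published_sha256 = hashlib.sha256(original).hexdigest()

    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in (("original", original), ("tampered", tampered)):
            path = os.path.join(tmp, name + ".bin")
            with open(path, "wb") as fh:
                fh.write(data)
            results[name] = check_download(path, published_size, published_sha256)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

The modified copy passes the size check and fails only the digest check. A digest is only as trustworthy as the channel it was obtained over, so it should come from the publisher rather than from the download mirror itself.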


Paul G. Thompson
The Weenie Man

Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000

posted 08-20-2001 03:21 PM
Thank you Jerry. I think we all appreciate your information.

Paul

Scott Norwood
Film God

Posts: 8146
From: Boston, MA. USA (1774.21 miles northeast of Dallas)
Registered: Jun 99

posted 08-20-2001 08:59 PM
Paul -- Tao's right...I wasn't at all trying to suggest that anyone here isn't sane. I was just curious as to what the description said that KMD.EXE would do.




All times are Central (GMT -6:00)

The Film-Tech Forums are designed for various members related to the cinema industry to express their opinions, viewpoints and testimonials on various products, services and events based upon speculation, personal knowledge and factual information through use, therefore all views represented here allow no liability upon the publishers of this web site and the owners of said views assume no liability for any ill will resulting from these postings. The posts made here are for educational as well as entertainment purposes and as such anyone viewing this portion of the website must accept these views as statements of the author of that opinion and agrees to release the authors from any and all liability.

© 1999-2020 Film-Tech Cinema Systems, LLC. All rights reserved.