LiteSTEP users...a Trojan...

I DL'd a proggy to scan for trojans...[Tauscan]...and lo and behold, found that a 3rd party module hotspots 0.55 and hotspots 0.54 were both 'infected'.
They come in a zip, and included is kmhook.dll which is infected with the 'Subseven 1.7' back-door virus [trojan].

Just heppened to be modules I hadn't used on this comp....preferring ckhotspots anyway.

I don't know whether this is 'old news', but better safe than sorry...

Info on 'Subseven'.... http://www.europe.f-secure.com/v-descs/subseven.shtml
Reply #1
'heppened'...looks like I've gone all Kiwi...
Reply #2
Just one more reason to make me wonder if executables and DLL's should be allowed to be included in skins and themes here. I'd hate to, as a moderator, have to check every skin and theme for virii before allowing it. I'd hate to think of this site as a hub for virii and trojan horses. :/ I guess the same could be said about plugins packaged with WB skins, etc. I wonder what the solution can be.
Reply #3
Weeeell... As much as I hate it, there is no reason for anyone to distribute .DLLs in LS themes anymore, is there? I don't like the theme format very much, but it seems to be used more often than not now. If you guys wanted you could start axing themes that had them in it, i think. It would, however, probably take as long to open each .zip file and look for junk as it would to right click it and select scan. Danged if ya do, danged if ya don't, i guess.

P.S. As an aside, is anyone getting worried about the available scripting for some apps now? On a whim I tried a couple of things on my computer and I was dismayed at what I could make some of the scripting do... I could easily include scripts in some that would be devastating, and in others that would be very, very annoying.
Reply #4
baker...it's still necessary to include some third party modules with the themes......unless you want to be like some slackers and just upload the bmp's and step.rc...then have everyone complain the theme doesn't work right because they have the wrong modules/versions.
It's the sole reason I included 'full' shells in my early uploads...they work 'out of the box'.
They were always scanned for virii before upload, most even included the scan signature for validation.
These modules that were dirty were probably downloaded via Floach or LScom/net maybe 2 years ago [the trojan dates back to 1999].
It's actually in a dll that is not part of the actual module....not 'hotspots.dll', but 'kmhook.dll'...anyway I checked all my history of ups and none included that....[I keep records of ups].

If necessary, I'd much prefer to see the LS themes etc that include executables be scanned prior to public viewing....I can do that, at least....
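Reply #4's wish to have themes that ship executables checked before they go public can be partly automated on the moderation side. The script below is an added example, not code from this thread or from the LiteStep project: it opens a theme zip without extracting it, flags entries by executable extension, by a PE ("MZ") header regardless of extension, and by paths that would escape the theme directory on unzip, and records a SHA-256 for each flagged file so it can be handed to a scanner. The sample archive, the file names inside it and the "MZ" stubs are constructed for the example.

```python
import hashlib
import io
import zipfile
from typing import Dict, List

# Extensions a theme archive has no need to carry as executable code
# (LiteStep modules are DLLs; the rest are common script/executable types).
EXECUTABLE_EXTENSIONS = {".dll", ".exe", ".scr", ".com", ".vbs", ".js", ".wsf"}
PE_MAGIC = b"MZ"  # first two bytes of a Windows PE executable or DLL


def _extension(name: str) -> str:
    """Lower-cased extension including the dot, or '' if there is none."""
    base = name.rsplit("/", 1)[-1]
    return "." + base.rsplit(".", 1)[-1].lower() if "." in base else ""


def _unsafe_path(name: str) -> bool:
    """True for absolute paths, drive letters or '..' components: these would
    land outside the theme directory when the zip is unpacked into it."""
    parts = name.replace("\\", "/").split("/")
    return name.startswith(("/", "\\")) or ".." in parts or (len(name) > 1 and name[1] == ":")


def inspect_theme_archive(data: bytes) -> List[Dict]:
    """Return one finding per archive entry that carries code or an unsafe path.

    Nothing is extracted to disk; each entry is read into memory and hashed so
    the moderator can pass the hash or the bytes to a scanner before approving.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            content = zf.read(info)
            ext = _extension(info.filename)
            is_pe = content[:2] == PE_MAGIC
            bad_path = _unsafe_path(info.filename)
            if ext in EXECUTABLE_EXTENSIONS or is_pe or bad_path:
                findings.append({
                    "name": info.filename,
                    "size": info.file_size,
                    "executable_extension": ext in EXECUTABLE_EXTENSIONS,
                    "pe_header": is_pe,  # catches a DLL renamed to .dat or .txt
                    "unsafe_path": bad_path,
                    "sha256": hashlib.sha256(content).hexdigest(),
                })
    return findings


def build_sample_theme() -> bytes:
    """Constructed sample archive: a clean theme plus three problem entries.
    File names and contents are made up for this example."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mytheme/step.rc", "*Popup !New\n")                       # clean config
        zf.writestr("mytheme/wall.bmp", b"BM" + b"\x00" * 32)                  # clean image
        zf.writestr("mytheme/modules/kmhook.dll", PE_MAGIC + b"\x90" * 64)    # DLL by extension and header
        zf.writestr("mytheme/modules/hotspots.dat", PE_MAGIC + b"\x00" * 16)  # executable renamed to .dat
        zf.writestr("../step.rc", "*Popup !Evil\n")                           # would overwrite outside theme dir
        zf.writestr("mytheme/readme.txt", "plain text, nothing to see\n")     # clean
    return buf.getvalue()


if __name__ == "__main__":
    for f in inspect_theme_archive(build_sample_theme()):
        print(f"{f['name']:32} pe={f['pe_header']!s:5} ext={f['executable_extension']!s:5} "
              f"path={f['unsafe_path']!s:5} sha256={f['sha256'][:16]}...")
```

The header check is what matters for the case in this thread: a module archive is expected to contain DLLs, so the extension alone says little, but a PE header under a non-code extension is worth a second look, and the hash lets the same file be recognised again in other uploads without re-scanning it.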
Reply #5
thanks for the info, you should write a mail with the report to rootrider at shellfront and cypress at loose screws. checked the latest version (0.62) as well? i wonder why no other program has ever alerted you, if the trojan is so old, it should be well known ...

the ability to use the Windows Scripting Host seems to be a huge security issue for both DesktopX and LiteStep (the LiteStep module that can do that is called lsvirus btw.). oh well, at least i know nearly all themers whose themes i download personally.
Reply #6
Jafo: I was under the impression that's what they were shooting for with the theme format, and just let people put the 'requirements' in the description or readme. I always like zipping up the whole litestep folder, too, since the modules changed so often. maybe they will straighten things out soon.

Moshi: aye, and I am dubious about several others as well. Any of us could just do a compiled .dll mod for this or that if we wanted to be evil, but somehow it is scarier to think that theme or skin scripting could be misused. It would be a lot harder to stop, as well. I'm afraid the day will come that we'll have stuff floating around that virus programs won't catch.
Reply #7
They have the lsts program now and all you have to do is unzip the folder into your theme directory, dlls and all. That's what makes litestep so powerful, it's so customizable; I've made my own themes and they are stable because they are integrated. You take that away from litestep users, you get something similar to desktop X; there's nothing wrong with it, but I prefer the sheer customization of litestep over any other program.
Reply #8
Well, fortunately or unfortunately (depending on how you look at it) third party mods will always be a part of Litestep due to the fact Litestep and subsequently its mods are always evolving (which creates compatibility conflicts with older versions).
Bottom line is, just be as careful as you can.
Reply #9
moshi....0.62 was OK....in fact I have a heck of a lot of the modules and they were all OK apart from those 2.

baker....OTS as a format IS very good, but in order to still be innovative with themes you 'have' to use more than the core modules, and these others vary in age and compatibility, requiring the conscientious themer to 'debug' before upload, so the themes will actually 'work'.
It's quite weird just what can happen with the 'wrong' module versions, or even where/when they are loaded.

When creating 'shells' [not just themes as such] you certainly CAN do serious 'damage' to a system....just script razrez.dll to set your monitor to 1600x1200 at 100hz...and unless you have a high-end monitor, you'll be staring at a new shade of black....and nothing else.
[yeah, OK, so I managed to do that to myself, once]...

Virus or no virus, shells 'can' be problematic....just remember how many times you hear...'LiteSTEP is crap...fragged my comp...had to reinstall Windows'...
Reply #10
That's why LiteStep will always be for power users. Hmm, and I thought people would scan their stuff before distributing it.

/me goes look for a virus scanner
Reply #11
Fun with LiteSTEP part two....

Good ol' Tauscan.....looking for trojans cleverly seems to want to intercept rainmation.dll when it's set to run an evar, eg. $File Manager$.
Animation works, but click-through doesn't....just sits there looking stupid [like me].
Right-click config locks up as well, needing recycle to free it.

I guess the trick is to run the proggy to be sure you are clean, then uninstall it till next time you want it. Either that or set it to allow some scripting or something...
Reply #12
if this Tauscan proggie is that smart I won't be so sure about the trojans either ...