RE: Update on grokster trojan domain name

From: Ken Pfeil (Kenat_private)
Date: Fri Dec 28 2001 - 09:01:31 PST

Next message: jontat_private: "Re: Grokster and possible trojan"

Previous message: Ugen: "Re: BitchX Segmentation Fault"
In reply to: Markus Kern: "Re: Update on grokster trojan domain name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At lease two different AntiVirus companies now detect this. TROJ_DLDER.A or
Trojan/W32.Dlder is installed with the full installation of Grokster.
InCntrl5 install logs available to womever needs it..
Here's the response from Panda's lab.

Best Regards,
Ken



-----Original Message-----
From: Virus Research Lab. [mailto:virusat_private]
Sent: Friday, December 28, 2001 11:47 AM
To: Kenat_private
Subject: RE: (EG)FW: New Trojan


Dear customer,

After checking in our laboratory the files you enclose, we can confirm they
belong to the trojan known as Trojan/W32.Dlder. Due to the nature of the
files, they can only be deleted.

 <<Pav.zip>>
Find enclosed the latest signatures file, you can detect and eliminate this
trojan with. Follow this procedure:

1.- Decompress the Pav.zip file in the directory where the antivirus is
installed.
2.- Copy the PAV.SIG file generated to the \Windows\System (if you run
W95/W98) or \WinNT\System32 directory (if you run NT).
3.- Restart your system and use the antivirus normally.

If you find any problems with the process, you may contact our technical
support department (supportat_private) where you can be given the
right directions.

You will soon find information about this trojan in the following URL:

http://service.pandasoftware.es/library/virusCard.jsp?Virus=Trojan/W32.Dlder

Best regards,

Virus Research Lab
mailto:virusat_private

Panda Software
Buenos Aires 12
48001 BILBAO - SPAIN
Phone: +34 94 425 11 00      Fax: +34 94 424 46 97
http://www.pandasoftware.com
"The first antivirus company in the world to offer technical support
services 24 hours a day, 365 days a year and daily updates. "
Ridding the Planet of Viruses! Try our products, FREE! at
http://www.pandasoftware.com/form.htm


> -----Mensaje original-----
> De:	Ken Pfeil [SMTP:Kenat_private]
> Enviado el:	viernes 28 de diciembre de 2001 16:04
> Para:	virusat_private
> Asunto:	(EG)FW: New Trojan
>
>
>
>
> -----Original Message-----
> From: Ken Pfeil [mailto:Kenat_private]
> Sent: Friday, December 28, 2001 9:25 AM
> To: supportat_private; labsat_private
> Cc: pbustamanteat_private; pbustamanteat_private
> Subject: New Trojan
>
>
> The online scanner did not pick this up, however Trend's did. TROJ_DLDER.A
> is what it came up with.
>
> Password is "test"
>
> Thanks,
> Ken
>  <<Archivo: test.zip>>

Next message: jontat_private: "Re: Grokster and possible trojan"
Previous message: Ugen: "Re: BitchX Segmentation Fault"
In reply to: Markus Kern: "Re: Update on grokster trojan domain name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Dec 28 2001 - 09:32:29 PST