At lease two different AntiVirus companies now detect this. TROJ_DLDER.A or Trojan/W32.Dlder is installed with the full installation of Grokster. InCntrl5 install logs available to womever needs it.. Here's the response from Panda's lab. Best Regards, Ken -----Original Message----- From: Virus Research Lab. [mailto:virusat_private] Sent: Friday, December 28, 2001 11:47 AM To: Kenat_private Subject: RE: (EG)FW: New Trojan Dear customer, After checking in our laboratory the files you enclose, we can confirm they belong to the trojan known as Trojan/W32.Dlder. Due to the nature of the files, they can only be deleted. <<Pav.zip>> Find enclosed the latest signatures file, you can detect and eliminate this trojan with. Follow this procedure: 1.- Decompress the Pav.zip file in the directory where the antivirus is installed. 2.- Copy the PAV.SIG file generated to the \Windows\System (if you run W95/W98) or \WinNT\System32 directory (if you run NT). 3.- Restart your system and use the antivirus normally. If you find any problems with the process, you may contact our technical support department (supportat_private) where you can be given the right directions. You will soon find information about this trojan in the following URL: http://service.pandasoftware.es/library/virusCard.jsp?Virus=Trojan/W32.Dlder Best regards, Virus Research Lab mailto:virusat_private Panda Software Buenos Aires 12 48001 BILBAO - SPAIN Phone: +34 94 425 11 00 Fax: +34 94 424 46 97 http://www.pandasoftware.com "The first antivirus company in the world to offer technical support services 24 hours a day, 365 days a year and daily updates. " Ridding the Planet of Viruses! Try our products, FREE! at http://www.pandasoftware.com/form.htm > -----Mensaje original----- > De: Ken Pfeil [SMTP:Kenat_private] > Enviado el: viernes 28 de diciembre de 2001 16:04 > Para: virusat_private > Asunto: (EG)FW: New Trojan > > > > > -----Original Message----- > From: Ken Pfeil [mailto:Kenat_private] > Sent: Friday, December 28, 2001 9:25 AM > To: supportat_private; labsat_private > Cc: pbustamanteat_private; pbustamanteat_private > Subject: New Trojan > > > The online scanner did not pick this up, however Trend's did. TROJ_DLDER.A > is what it came up with. > > Password is "test" > > Thanks, > Ken > <<Archivo: test.zip>>
This archive was generated by hypermail 2b30 : Fri Dec 28 2001 - 09:32:29 PST