Vulnerability Development mailing list archives
RE: Update on grokster trojan domain name
From: "Ken Pfeil" <Ken () infosec101 org>
Date: Fri, 28 Dec 2001 12:01:31 -0500
At lease two different AntiVirus companies now detect this. TROJ_DLDER.A or Trojan/W32.Dlder is installed with the full installation of Grokster. InCntrl5 install logs available to womever needs it.. Here's the response from Panda's lab. Best Regards, Ken -----Original Message----- From: Virus Research Lab. [mailto:virus () pandasoftware com] Sent: Friday, December 28, 2001 11:47 AM To: Ken () infosec101 org Subject: RE: (EG)FW: New Trojan Dear customer, After checking in our laboratory the files you enclose, we can confirm they belong to the trojan known as Trojan/W32.Dlder. Due to the nature of the files, they can only be deleted. <<Pav.zip>> Find enclosed the latest signatures file, you can detect and eliminate this trojan with. Follow this procedure: 1.- Decompress the Pav.zip file in the directory where the antivirus is installed. 2.- Copy the PAV.SIG file generated to the \Windows\System (if you run W95/W98) or \WinNT\System32 directory (if you run NT). 3.- Restart your system and use the antivirus normally. If you find any problems with the process, you may contact our technical support department (support () pandasoftware com) where you can be given the right directions. You will soon find information about this trojan in the following URL: http://service.pandasoftware.es/library/virusCard.jsp?Virus=Trojan/W32.Dlder Best regards, Virus Research Lab mailto:virus () pandasoftware com Panda Software Buenos Aires 12 48001 BILBAO - SPAIN Phone: +34 94 425 11 00 Fax: +34 94 424 46 97 http://www.pandasoftware.com "The first antivirus company in the world to offer technical support services 24 hours a day, 365 days a year and daily updates. " Ridding the Planet of Viruses! Try our products, FREE! at http://www.pandasoftware.com/form.htm
-----Mensaje original----- De: Ken Pfeil [SMTP:Ken () infosec101 org] Enviado el: viernes 28 de diciembre de 2001 16:04 Para: virus () virus pandasoftware com Asunto: (EG)FW: New Trojan -----Original Message----- From: Ken Pfeil [mailto:Ken () infosec101 org] Sent: Friday, December 28, 2001 9:25 AM To: support () pandasoftware com; labs () pandasoftware com Cc: pbustamante () pandasoftware com; pbustamante () pandasoftware es Subject: New Trojan The online scanner did not pick this up, however Trend's did. TROJ_DLDER.A is what it came up with. Password is "test" Thanks, Ken <<Archivo: test.zip>>
Current thread:
- Update on grokster trojan domain name scott (Dec 27)
- Re: Update on grokster trojan domain name Markus Kern (Dec 28)
- RE: Update on grokster trojan domain name Ken Pfeil (Dec 28)
- Re: Update on grokster trojan domain name Markus Kern (Dec 28)