OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Ken Pfeil (Keninfosec101.org)
Date: Fri Dec 28 2001 - 11:01:31 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    At lease two different AntiVirus companies now detect this. TROJ_DLDER.A or
    Trojan/W32.Dlder is installed with the full installation of Grokster.
    InCntrl5 install logs available to womever needs it..
    Here's the response from Panda's lab.

    Best Regards,
    Ken

    -----Original Message-----
    From: Virus Research Lab. [mailto:viruspandasoftware.com]
    Sent: Friday, December 28, 2001 11:47 AM
    To: Keninfosec101.org
    Subject: RE: (EG)FW: New Trojan

    Dear customer,

    After checking in our laboratory the files you enclose, we can confirm they
    belong to the trojan known as Trojan/W32.Dlder. Due to the nature of the
    files, they can only be deleted.

     <<Pav.zip>>
    Find enclosed the latest signatures file, you can detect and eliminate this
    trojan with. Follow this procedure:

    1.- Decompress the Pav.zip file in the directory where the antivirus is
    installed.
    2.- Copy the PAV.SIG file generated to the \Windows\System (if you run
    W95/W98) or \WinNT\System32 directory (if you run NT).
    3.- Restart your system and use the antivirus normally.

    If you find any problems with the process, you may contact our technical
    support department (supportpandasoftware.com) where you can be given the
    right directions.

    You will soon find information about this trojan in the following URL:

    http://service.pandasoftware.es/library/virusCard.jsp?Virus=Trojan/W32.Dlder

    Best regards,

    Virus Research Lab
    mailto:viruspandasoftware.com

    Panda Software
    Buenos Aires 12
    48001 BILBAO - SPAIN
    Phone: +34 94 425 11 00 Fax: +34 94 424 46 97
    http://www.pandasoftware.com
    "The first antivirus company in the world to offer technical support
    services 24 hours a day, 365 days a year and daily updates. "
    Ridding the Planet of Viruses! Try our products, FREE! at
    http://www.pandasoftware.com/form.htm

    > -----Mensaje original-----
    > De: Ken Pfeil [SMTP:Keninfosec101.org]
    > Enviado el: viernes 28 de diciembre de 2001 16:04
    > Para: virusvirus.pandasoftware.com
    > Asunto: (EG)FW: New Trojan
    >
    >
    >
    >
    > -----Original Message-----
    > From: Ken Pfeil [mailto:Keninfosec101.org]
    > Sent: Friday, December 28, 2001 9:25 AM
    > To: supportpandasoftware.com; labspandasoftware.com
    > Cc: pbustamantepandasoftware.com; pbustamantepandasoftware.es
    > Subject: New Trojan
    >
    >
    > The online scanner did not pick this up, however Trend's did. TROJ_DLDER.A
    > is what it came up with.
    >
    > Password is "test"
    >
    > Thanks,
    > Ken
    > <<Archivo: test.zip>>