RE: Download.trojan appdl[1].exe

["Discini, Sonny" <Sonny.Discini () montgomerycountymd gov>]

I too have seen the exact same thing. I have contacted Symantec with the
information we gathered yet I have not received a response yet. If you
hear something, please post and I will do likewise.

Sonny Discini
Network Security Engineer
Department of Technology Services
Enterprise Infrastructure Division
Montgomery County Government


-----Original Message-----
From: Alan Kloster [mailto:akloster () spp org] 
Sent: Thursday, November 20, 2003 11:53 AM
To: Full-disclosure () lists netsys com
Subject: [Full-disclosure] Download.trojan appdl[1].exe



We have seen several infections caught by Symantec this morning as
download.trojan which appears to be a generic catch-all Symantec is
using for a wide variety of trojans that attempt to download files.  The
virus alert triggered the first time they opened IE this morning.  The
files that it identified as trojans were appdl.exe, appdl[1].exe and
sleep.exe.  The sleep.exe could have been a legit windows file, but it
shouldn't have been on the one of three PC's were a full scan was run. I
have searched Google and other sites for appdl.exe and appdl[1].exe but
the searches return nothing.  Does anyone have any info on this? Thanks.

Alan Kloster

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html