|
|
|
|
03-22-2005, 04:54 PM
|
#1 |
gltdwif.exe
I've googled web/newsgroups & searched this group but haven't seen anything
on this file except 1 unanswered question by another user. Today my firewall advised that it was trying to access the internet. It is located on my win2k Pro sp4 machined in c:\winnt and the properties give no info at all, just that it's 20k. This is suspect in itself. I e-mailed the file to scan@virustotal per the thread on gedwipes.dll. In the meantime I've renamed the file gltdwif.old until further clarification. Anyone have any info on this? Thanks. Bill Piety |
|
|
|
03-22-2005, 05:04 PM
|
#2 |
|
Posts: n/a
|
Re: gltdwif.exe
Results of the scan:
Server response ---------------------------------------------------------------------------- ---- Results of a file scan This is a report processed by VirusTotal on 03/22/2005 at 17:50:57 (CET) after scanning the file "gltdwif.old" file. Antivirus Version Update Result AntiVir 6.30.0.7 03.22.2005 no virus found AVG 718 03.21.2005 no virus found BitDefender 7.0 03.22.2005 no virus found ClamAV devel-20050307 03.22.2005 Trojan.Downloader.Istbar-89 DrWeb 4.32b 03.22.2005 Trojan.Isbar.74 eTrust-Iris 7.1.194.0 03.22.2005 no virus found eTrust-Vet 11.7.0.0 03.22.2005 no virus found Fortinet 2.51 03.20.2005 no virus found F-Prot 3.16a 03.22.2005 could be infected with an unknown virus Ikarus 2.32 03.21.2005 no virus found Kaspersky 4.0.2.24 03.22.2005 no virus found McAfee 4451 03.21.2005 no virus found NOD32v2 1.1031 03.21.2005 Win32/TrojanDownloader.IstBar.ER Norman 5.70.10 03.21.2005 W32/Istbar.HL Panda 8.02.00 03.22.2005 no virus found Sybari 7.5.1314 03.22.2005 W32/Istbar.H Symantec 8.0 03.21.2005 no virus found "Bill Piety" <> wrote in message news:... > I've googled web/newsgroups & searched this group but haven't seen anything > on this file except 1 unanswered question by another user. Today my firewall > advised that it was trying to access the internet. It is located on my win2k > Pro sp4 machined in c:\winnt and the properties give no info at all, just > that it's 20k. This is suspect in itself. I e-mailed the file to > scan@virustotal per the thread on gedwipes.dll. In the meantime I've renamed > the file gltdwif.old until further clarification. Anyone have any info on > this? Thanks. > > |
|
|
|
03-22-2005, 05:45 PM
|
#3 |
|
Posts: n/a
|
Re: gltdwif.exe
On Tue, 22 Mar 2005 11:04:13 -0600, "Bill Piety" <>
wrote: >Results of the scan: > >Server response > >---------------------------------------------------------------------------- >---- > >Results of a file scan >This is a report processed by VirusTotal on 03/22/2005 at 17:50:57 (CET) >after scanning the file "gltdwif.old" file. > Antivirus Version Update Result > AntiVir 6.30.0.7 03.22.2005 no virus found > AVG 718 03.21.2005 no virus found > BitDefender 7.0 03.22.2005 no virus found > ClamAV devel-20050307 03.22.2005 Trojan.Downloader.Istbar-89 > DrWeb 4.32b 03.22.2005 Trojan.Isbar.74 > eTrust-Iris 7.1.194.0 03.22.2005 no virus found > eTrust-Vet 11.7.0.0 03.22.2005 no virus found > Fortinet 2.51 03.20.2005 no virus found > F-Prot 3.16a 03.22.2005 could be infected with an unknown virus > Ikarus 2.32 03.21.2005 no virus found > Kaspersky 4.0.2.24 03.22.2005 no virus found > McAfee 4451 03.21.2005 no virus found > NOD32v2 1.1031 03.21.2005 Win32/TrojanDownloader.IstBar.ER > Norman 5.70.10 03.21.2005 W32/Istbar.HL > Panda 8.02.00 03.22.2005 no virus found > Sybari 7.5.1314 03.22.2005 W32/Istbar.H > Symantec 8.0 03.21.2005 no virus found > A trojan downloader does exactly as it name describes. It downloads harmfull programs from the internet. IstBar downloads spyware to your computer. This is detected and removed by MS Antispyware and Spybot S&D to my knowledge. I think Adware also detects the same. This seems to be a new version though. I know Kaspersky detects quite a few other versions of IstBar. -- Regards, Ian Kenefick Got a virus? Go to www.ik-cs.com > 'Got a virus?' |
|
|
|
03-23-2005, 02:39 PM
|
#4 |
|
Posts: n/a
|
Re: gltdwif.exe
I run Ad-Aware & AntiVir - it got by both, as well as SpywareBlaster. I
noticed that Computer Associates is offering their anti-virus software free for 1 year, but I see relatively little mention of their prog. I wonder why. "Ian JP Kenefick" <> wrote in message news:... > On Tue, 22 Mar 2005 11:04:13 -0600, "Bill Piety" <> > wrote: > > >Results of the scan: > > > >Server response > > > >--------------------------------------------------------------------------- - > >---- > > > >Results of a file scan > >This is a report processed by VirusTotal on 03/22/2005 at 17:50:57 (CET) > >after scanning the file "gltdwif.old" file. > > Antivirus Version Update Result > > AntiVir 6.30.0.7 03.22.2005 no virus found > > AVG 718 03.21.2005 no virus found > > BitDefender 7.0 03.22.2005 no virus found > > ClamAV devel-20050307 03.22.2005 Trojan.Downloader.Istbar-89 > > DrWeb 4.32b 03.22.2005 Trojan.Isbar.74 > > eTrust-Iris 7.1.194.0 03.22.2005 no virus found > > eTrust-Vet 11.7.0.0 03.22.2005 no virus found > > Fortinet 2.51 03.20.2005 no virus found > > F-Prot 3.16a 03.22.2005 could be infected with an unknown virus > > Ikarus 2.32 03.21.2005 no virus found > > Kaspersky 4.0.2.24 03.22.2005 no virus found > > McAfee 4451 03.21.2005 no virus found > > NOD32v2 1.1031 03.21.2005 Win32/TrojanDownloader.IstBar.ER > > Norman 5.70.10 03.21.2005 W32/Istbar.HL > > Panda 8.02.00 03.22.2005 no virus found > > Sybari 7.5.1314 03.22.2005 W32/Istbar.H > > Symantec 8.0 03.21.2005 no virus found > > > > A trojan downloader does exactly as it name describes. It downloads > harmfull programs from the internet. IstBar downloads spyware to your > computer. This is detected and removed by MS Antispyware and Spybot > S&D to my knowledge. I think Adware also detects the same. This seems > to be a new version though. I know Kaspersky detects quite a few other > versions of IstBar. > > -- > > Regards, > Ian Kenefick > Got a virus? > Go to www.ik-cs.com > 'Got a virus?' |
|
|
|
03-23-2005, 04:54 PM
|
#5 |
|
Posts: n/a
|
Re: gltdwif.exe
From: "Bill Piety" <>
| I run Ad-Aware & AntiVir - it got by both, as well as SpywareBlaster. I | noticed that Computer Associates is offering their anti-virus software free | for 1 year, but I see relatively little mention of their prog. I wonder why. | "Ian JP Kenefick" <> wrote in message | news:... You'll get a nod of approval in; a.c.v and a.c.a-v for CA eTrust. CA eTrust - http://www.my-etrust.com/microsoft/index.cfm - FREE for one year. { Free offer ends 8/1/05 } Did you follow my instructions for TrendMicro Sysclean posted in the thread in a.c.a-v ? -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm |
|
|
|
03-23-2005, 07:54 PM
|
#6 |
|
Posts: n/a
|
Re: gltdwif.exe
On Tue, 22 Mar 2005 10:54:55 -0600, "Bill Piety" <>
wrote: >I've googled web/newsgroups & searched this group but haven't seen anything >on this file except 1 unanswered question by another user. Today my firewall >advised that it was trying to access the internet. It is located on my win2k >Pro sp4 machined in c:\winnt and the properties give no info at all, just >that it's 20k. This is suspect in itself. I e-mailed the file to >scan@virustotal per the thread on gedwipes.dll. In the meantime I've renamed >the file gltdwif.old until further clarification. Anyone have any info on >this? Thanks. > ######################## Search the registry for it. donnie. |
|
|
