Three very similar dowloaders are detected by this name. They were mass-distributed in e-mails with exciting text, but the attachment did not contain the promised photos, but in a Foto_Dance1.zip, DanceFoto34.zip or Foto3(DANCE).zip file the following downloaders:

Foto_Dance1.JPG......................exe
DanceFoto34.JPG..........exe
Foto3(DANCE).JPG........exe

Once started, all three programs try to download the same set of two files:
http://lifeskill.co.za/.gif (as c:\boot.old) and
http://www.gobernaciondecaqueta.gov.co/images/.gif (as c:\autoexec.exe)

There is nothing at the first url at the time of publishing this description, but in any case the downloader would delete the file without further regards. However, the downloaded content of the second link is executed. Virusbuster products detect that file as Trojan.DR.Goldun.BY.

The removal of the trojan can be accomplished by deleting the infected file.