Update (daily: 128)

ClamAV database updated (2004.02.13 00:37 GMT): daily.cvd, viruses.db2
Version: 128

Submission: 806-web
Sender: David Hall
Virus: Backdoor.Winet
Alias: PornDialer.BM (RAV), Pornware.Dialer.RTSMini (KAV)
Added: Dialer.PornWare.RTSMini

Submission: 1014-web
Sender: James
Virus: W32.Nuffy.A
Alias: Win32/HLLW.Nuf.A (RAV), Win32.HLLW.Nuf.37123 (DrWeb), Worm.Win32.Nuf
Added: Worm.Nuf

Submission: 1031-web
Sender: simon holcombe
Virus: W97M/Hope.a
Added: Not yet, quarantined

Submission: 1033-web
Sender: James
Virus: I-Worm.Sober.c
Added: No
Note: The attachment is not a real binary, it contains a lot email-addresses in 
plain text and some bytes of binary data. It´s not possible to execute this 
file and wont hurt the recipient in any way. I also tested it with some other 
scanner and didn´t get a detection.

Submission: 1034-web
Sender: Axel Schwarzer
Virus: Friend.4752
Added: No
Note: I tested it with several scanners, let it run in a safe enviroment. I 
can´t see anything suspicious. This could be a false positive, i recommend to 
send the sample to panda .

Submission: 1036-web
Sender: Eugene Turovsky
Virus: W97M.Ethan
Added: Not yet, quarantined

Submission: 1037-web
Sender: Eugene Turovsky
Virus: W97M.Marker
Added: Not yet, quarantined

Submission: 1041-web
Sender: Florent AIDE
Virus: VirTool.Linux.Elfwrsec.a
Alias: Linux/Elfwrsec.A (AntiVir), linux/tool-elfwrsec (McAfee)
Added: VirTool.Linux.Elfwrsec.A

Submission: 1042-web
Sender: Florent AIDE
Virus: VirTool.Win32.TLSDemo
Alias: VirTool.Win32.TLSDemo (KAV), W32/TLSdemo.1 virus (AntiVir)
Added: VirTool.TLSDemo

Submission: 1044-web
Sender: Felix Riemann
Virus: TrojanProxy.Win32.Small.j
Alias: TrojanDownloader:Win32/Small (RAV)
Added: TrojanProxy.W32.Small.J

Submission: 1047
Sender: Gert-Jan de Jonge
Virus: Troj/Sdbot-Fam
Added: No
Note: 0-byte file, sender contacted

Submission: 1049
Sender: Gert-Jan de Jonge
Virus: Troj/Sdbot-Fam
Added: Trojan.SdBot.gen-3

Submission: 1065-web
Sender: Bertrand
Virus: Unknown
Alias: w32/vesser.worm.a (McAfee)
Added: Worm.Vesser.A-1
Note: I appended the -1 because this sample isn´t the original Vesser but a 
slightly modified variant.

Submission: n/a
Sender: Christoph
Virus: various
Added: Trojan.PSW.AIM.Chalex.30
Added: VirTool.Ainder.F
Added: Trojan.CyberSpy.85-edit
Added: Trojan.Cyberspy.85-srv
Added: Trojan.Beast.191-Server

-- 
Best regards,
 Christoph                          mailto:ib@xxxxxxxxxxxxxx



-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click