Update (daily: 136)

ClamAV database updated (2004.02.21 01:23 GMT): daily.cvd, viruses.db2
Version: 136

Submission: 1250
Sender: Jesper Juhl
Virus: Backdoor.Linux.UDP
Alias: Backdoor.Linux.UDP (kaspersky)
Added: Trojan.Linux.UDP

Submission: 1252
Sender: Michael St. Laurent
Virus: Unknown Virus
Notes: MS Echange mail format. No attachment. 
Notes: Sender contacted.
Added: No 

Submission: 1253
Sender: Sean Rogowsky
Virus: Netsky.b (Norton)
Notes: Attachment seems deleted by other AV. 
Notes: Sender contacted.
Added: No 

Submission: 1255
Sender: Milen Pankov
Virus: W32.Netsky.B@mm
Notes: Not processed: Zip file has zero size. 
Notes: Sender _NOT_ contacted, i think we have enough 
Notes: samples of this virus.
Added: No 

Submission: 1271
Sender: Jesper Juhl
Virus: Quest.495
Alias: Quest.388 (kaspersky)
Added: Quest.388

Submission: 1272
Sender: Tomek
Virus: W32/Sillydownloader.F
Alias: W32/Sillydownloader.F (F-Prot)
Added: W32.Sillydownloader.F

Submission: 1273
Sender: Jesper Juhl
Virus: Trojan.BAT.Ratty.A
Alias: Trojan.BAT.Ratty.AntiAVP.a (kaspersky), BAT/Rat.Filler.B (F-Prot)
Notes: Signature by Jesper
Added: Trojan.Bat.Ratty.AntiAVP.A

Submission: 1275
Sender: Jesper Juhl
Virus: Trojan.BAT.Deltree.RatAs
Alias: Trojan.BAT.DeltreeY.as (kaspersky), BAT/Deltree.trojan (F-Prot)
Added: Trojan.Bat.DeltreeY.AS

Submission: 1276
Sender: Jesper Juhl
Virus: Trojan.BAT.Deltree.RatAm
Alias: Trojan.BAT.DeltreeY.am (kaspersky)
Notes: Thanks Jesper. Your signature was not used since 
Notes: we had a little problem with the submission 
Notes: interface :(
Added: Trojan.Bat.DeltreeY.AM

Submission: 1277
Sender: Nagy Ferenc László
Virus: Worm.Win32.Francette.h
Alias: Worm.Win32.Francette.f (kaspersky)
Notes: Once runned, if process is dumped in a file and 
Notes: scanned, Exploit.DCOM.Gen is found :)
Added: Worm.Francette.F-packed

Submission: 1278
Sender: Nagy Ferenc László
Virus: Backdoor.Spyboter.gen
Alias: Backdoor.Spyboter.gen (kaspersky), Worm/SpyBot.#3 (HBEDV)
Added: Worm.SpyBot.3

Submission: 1286
Sender: Section
Virus: Unknown Virus
Notes: This zip file is seriously broken and cannot be 
Notes: extracted. Probably some size reduced bounced mail. 
Notes: Thanks anyway.
Added: No 

Submission: 1288
Sender: Andrzej
Virus: W32.Netsky.B@mm
Notes: Broken zip file. Not extractable.
Added: No 

Submission: 1290
Sender: James Love
Virus: BAT.Limi.c
Alias: BAT.Limi.c (kaspersky)
Notes: One line DOS batch virus that replaces all files 
Notes: matching *.b* by himself.
Added: Bat.Limi.C

Submission: 1254
Sender: Hans Allis
Virus: W32/Netsky.b@MM
Notes: textfile.rtf.pif: Worm.SomeFool FOUND
Added: No 

Submission: 1292
Sender: Ron Snyder
Virus: SCO.A-dam
Notes: After decoding Base64, clamscan gives: 
Notes: Worm.SCO.A-dam FOUND 
Notes: Don't forget that the virus submission interface should 
Notes: only receive new virii. As you said, this one is 
Notes: already detected. For the Base64 decoding part, i 
Notes: think headers are not present. I forwarded the sample 
Notes: to Nigel
Added: No 

Submission: 1293
Sender: Ron Snyder
Virus: SCO.A-dam
Notes: Same thing than submission 1292.
Notes: Worm.SCO.A-dam FOUND
Added: No 


Best regards,
Denis De Messemacker

-- 
Denis De Messemacker
GnuPG Key-ID: 0x02787880
ddm@xxxxxxxxxx   http://www.e-labs.org
ddm@xxxxxxxxxx   http://www.ClamAV.net - A GPL virus scanner

pgpQEWqaMV2mP.pgp
Description: PGP signature