Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
- Discovered:
- November 1, 2002
- Updated:
- February 13, 2007 11:55:27 AM
- Type:
- Trojan Horse
- Systems Affected:
- Windows 2000, Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
This Trojan is written as a batch script. When it runs, it attempts to replace the C:\Autoexec.bat file and delete all executable files and some data files in specified folders. The Trojan pretends to be an updater for Symantec virus definitions.
This Trojan may appear to be sent by symantec_ltd@<address removed>. The email message may appear as follows:
Dear Value Customer:
Her is latest anti-virus update program for you.
this program will be update your anti-virus
definition files instead of old version automatically,
after finished this step, your anti-virus program will
keep up-to-date to avoid from the new virus attacks.
Thanks a lot!
Customer Services Department
Symantec (Hong Kong) Limited
NOTE: Symantec never sends unsolicited email. This email message is not sent by Symantec.
Antivirus Protection Dates
- Initial Rapid Release version November 4, 2002
- Latest Rapid Release version September 28, 2010 revision 054
- Initial Daily Certified version November 4, 2002
- Latest Daily Certified version September 28, 2010 revision 036
- Initial Weekly Certified release date November 4, 2002
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
- Wild Level: Low
- Number of Infections: 0 - 49
- Number of Sites: 0 - 2
- Geographical Distribution: Low
- Threat Containment: Easy
- Removal: Easy
Damage
- Damage Level: High
Distribution
- Distribution Level: Low
Writeup By: Robert X Wang
