********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response September 09, 2004 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses for July 2004, worldwide: 1 W32.Netsky.P@mm 2 W32.Netsky.P@mm!enc 3 Trojan Horse 4 W32.Beagle.X@mm 5 W32.HLLW.Gaobot.gen 6 W32.Erkez.B@mm 7 W32.Netsky.Z@mm 8 W32.Netsky.C@mm 9 W32.Netsky.D@mm 10 W32.Mydoom.A@mm.enc ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- Adware.DailyToolbar File infector 08/27/04 Adware.Forbes File infector 08/28/04 Adware.FreeScratchWin File infector 09/02/04 Adware.Horoscope File infector 09/05/04 Adware.MidADdle File infector 09/02/04 Adware.MoreResults File infector 09/02/04 Adware.MyPoints File infector 09/02/04 Adware.NeededWare File infector 08/30/04 Adware.StartPage.B File infector 09/01/04 Adware.WebRebates File infector 09/02/04 Adware.ZioCom File infector 09/08/04 Backdoor.Akak File infector 09/03/04 Backdoor.Alets File infector 08/31/04 Backdoor.Balkart File infector 09/02/04 Backdoor.Berbew.J File infector 08/24/04 Backdoor.IRC.Zcrew.D File infector 08/28/04 Backdoor.Nemog.B File infector 09/09/04 Download.Ject.B File infector 08/21/04 Download.Ject.C File infector 08/28/04 Download.Ject.C.tr File infector 08/28/04 Download.Ject.D File infector 08/31/04 Download.Ject.D!zip File infector 08/31/04 Downloader.CDT File infector 08/31/04 Downloader.CDT.B File infector 09/07/04 Hacktool.IGMPnuker File infector 09/03/04 Hacktool.Runservice File infector 09/03/04 Hacktool.ShadowAdmin File infector 08/20/04 JS.Pretex File infector 09/09/04 JS.Prompt File infector 09/07/04 JS.Trojan.Recycled File infector 09/03/04 Linux.Derfun File infector 09/02/04 PWSteal.Bancos.L File infector 09/08/04 PWSteal.Eyoni File infector 09/04/04 PWSteal.Tarno.I File infector 09/02/04 SecurityRisk.BrosExt File infector 09/03/04 Spyware.007Spy File infector 09/03/04 Spyware.2020search File infector 09/03/04 Spyware.ActualNames File infector 09/04/04 Spyware.ActualSpy File infector 08/31/04 Spyware.Arau File infector 08/21/04 Spyware.Goidr File infector 08/20/04 Spyware.Iwantsearch File infector 09/09/04 Spyware.PCMonitor File infector 08/31/04 Spyware.PCSpy File infector 09/07/04 Spyware.Sa_PCSpy File infector 09/09/04 Spyware.Sa_PCSpy.b File infector 09/09/04 Spyware.Seekseek File infector 08/20/04 Spyware.Shopnav.dl File infector 09/03/04 Spyware.SideStep File infector 09/03/04 Spyware.SpyMyPC File infector 09/03/04 Trojan.Baglet File infector 08/31/04 Trojan.CrashIE File infector 09/07/04 Trojan.Delsha File infector 08/20/04 Trojan.Hiva File infector 08/31/04 Trojan.Mitglieder.N File infector 08/21/04 Trojan.Mitglieder.O File infector 08/21/04 Trojan.Nullpos.B File infector 08/20/04 Trojan.Riler File infector 09/08/04 Trojan.Sconato File infector 08/20/04 Trojan.StartPage.H File infector 08/21/04 Trojan.Yipid File infector 09/01/04 VBS.Pretex File infector 09/09/04 VBS.Voodoo.C File infector 08/25/04 W32.Beagle.AQ@mm File infector 08/31/04 W32.Beagle.AQ@mm!zip File infector 09/01/04 W32.Blackmal.C@mm File infector 09/06/04 W32.Bugbear.M@mm File infector 09/04/04 W32.Cayman File infector 09/03/04 W32.Cocoazul@mm File infector 09/04/04 W32.Dugert File infector 09/03/04 W32.Gaobot.BIA File infector 09/04/04 W32.Gaobot.BIE File infector 09/07/04 W32.Gaobot.BIQ File infector 09/09/04 W32.Helex File infector 09/07/04 W32.IRCBot.D File infector 09/01/04 W32.IRCBot.E File infector 09/01/04 W32.IRCBot.F File infector 09/02/04 W32.IRCBot.G File infector 09/07/04 W32.IRCBot.H File infector 09/08/04 W32.Lovgate.AO@mm File infector 08/25/04 W32.Lovgate.AO@mm!inf File infector 08/26/04 W32.Mydoom.R@mm File infector 09/04/04 W32.Mydoom.S@mm File infector 09/09/04 W32.Mydoom.T@mm File infector 09/09/04 W32.Mydoom.gen@mm File infector 08/25/04 W32.Nafet File infector 09/03/04 W32.Nakrom@mm File infector 09/01/04 W32.Pikis@mm File infector 09/04/04 W32.Remadmin File infector 09/03/04 W32.Sandalu File infector 09/05/04 W32.Sasser.G File infector 08/24/04 W32.Scane File infector 08/27/04 W32.Spybot.DAZ File infector 08/27/04 W32.Spybot.DHV File infector 09/07/04 W32.Tiniresu File infector 08/25/04 W32.Wilab File infector 09/07/04 W64.Shruggle.1318 File infector 08/21/04 W97M.Plug File infector 09/08/04 W97M.Sun.B File infector 09/06/04 X97M.Ainesey.C File infector 08/20/04 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- Backdoor.Nemog.B File infector 09/09/04 JS.Pretex File infector 09/09/04 Spyware.Iwantsearch File infector 09/09/04 Spyware.Sa_PCSpy File infector 09/09/04 Spyware.Sa_PCSpy.b File infector 09/09/04 VBS.Pretex File infector 09/09/04 W32.Gaobot.BIQ File infector 09/09/04 W32.Mydoom.S@mm File infector 09/09/04 W32.Mydoom.T@mm File infector 09/09/04 Adware.ZioCom File infector 09/08/04 PWSteal.Bancos.L File infector 09/08/04 Trojan.Riler File infector 09/08/04 W32.IRCBot.H File infector 09/08/04 W97M.Plug File infector 09/08/04 Downloader.CDT.B File infector 09/07/04 JS.Prompt File infector 09/07/04 Spyware.PCSpy File infector 09/07/04 Trojan.CrashIE File infector 09/07/04 W32.Gaobot.BIE File infector 09/07/04 W32.Helex File infector 09/07/04 W32.IRCBot.G File infector 09/07/04 W32.Spybot.DHV File infector 09/07/04 W32.Wilab File infector 09/07/04 W32.Blackmal.C@mm File infector 09/06/04 W97M.Sun.B File infector 09/06/04 Adware.Horoscope File infector 09/05/04 W32.Sandalu File infector 09/05/04 PWSteal.Eyoni File infector 09/04/04 Spyware.ActualNames File infector 09/04/04 W32.Bugbear.M@mm File infector 09/04/04 W32.Cocoazul@mm File infector 09/04/04 W32.Gaobot.BIA File infector 09/04/04 W32.Mydoom.R@mm File infector 09/04/04 W32.Pikis@mm File infector 09/04/04 Backdoor.Akak File infector 09/03/04 Hacktool.IGMPnuker File infector 09/03/04 Hacktool.Runservice File infector 09/03/04 JS.Trojan.Recycled File infector 09/03/04 SecurityRisk.BrosExt File infector 09/03/04 Spyware.007Spy File infector 09/03/04 Spyware.2020search File infector 09/03/04 Spyware.Shopnav.dl File infector 09/03/04 Spyware.SideStep File infector 09/03/04 Spyware.SpyMyPC File infector 09/03/04 W32.Cayman File infector 09/03/04 W32.Dugert File infector 09/03/04 W32.Nafet File infector 09/03/04 W32.Remadmin File infector 09/03/04 Adware.FreeScratchWin File infector 09/02/04 Adware.MidADdle File infector 09/02/04 Adware.MoreResults File infector 09/02/04 Adware.MyPoints File infector 09/02/04 Adware.WebRebates File infector 09/02/04 Backdoor.Balkart File infector 09/02/04 Linux.Derfun File infector 09/02/04 PWSteal.Tarno.I File infector 09/02/04 W32.IRCBot.F File infector 09/02/04 Adware.StartPage.B File infector 09/01/04 Trojan.Yipid File infector 09/01/04 W32.Beagle.AQ@mm!zip File infector 09/01/04 W32.IRCBot.D File infector 09/01/04 W32.IRCBot.E File infector 09/01/04 W32.Nakrom@mm File infector 09/01/04 Backdoor.Alets File infector 08/31/04 Download.Ject.D File infector 08/31/04 Download.Ject.D!zip File infector 08/31/04 Downloader.CDT File infector 08/31/04 Spyware.ActualSpy File infector 08/31/04 Spyware.PCMonitor File infector 08/31/04 Trojan.Baglet File infector 08/31/04 Trojan.Hiva File infector 08/31/04 W32.Beagle.AQ@mm File infector 08/31/04 Adware.NeededWare File infector 08/30/04 Adware.Forbes File infector 08/28/04 Backdoor.IRC.Zcrew.D File infector 08/28/04 Download.Ject.C File infector 08/28/04 Download.Ject.C.tr File infector 08/28/04 Adware.DailyToolbar File infector 08/27/04 W32.Scane File infector 08/27/04 W32.Spybot.DAZ File infector 08/27/04 W32.Lovgate.AO@mm!inf File infector 08/26/04 VBS.Voodoo.C File infector 08/25/04 W32.Lovgate.AO@mm File infector 08/25/04 W32.Mydoom.gen@mm File infector 08/25/04 W32.Tiniresu File infector 08/25/04 Backdoor.Berbew.J File infector 08/24/04 W32.Sasser.G File infector 08/24/04 Download.Ject.B File infector 08/21/04 Spyware.Arau File infector 08/21/04 Trojan.Mitglieder.N File infector 08/21/04 Trojan.Mitglieder.O File infector 08/21/04 Trojan.StartPage.H File infector 08/21/04 W64.Shruggle.1318 File infector 08/21/04 Hacktool.ShadowAdmin File infector 08/20/04 Spyware.Goidr File infector 08/20/04 Spyware.Seekseek File infector 08/20/04 Trojan.Delsha File infector 08/20/04 Trojan.Nullpos.B File infector 08/20/04 Trojan.Sconato File infector 08/20/04 X97M.Ainesey.C File infector 08/20/04 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ PWSteal.Tarno.E to PWSteal.Tarno.E 07/06/04 Adware Dropper to Adware.ClickDLoader 08/04/04 Adware.NetOptimize.B to Adware.NetOptimizer.B 08/19/04 Backdoor.Padodor to Backdoor.Berbew.D 04/21/04 Backdoor.Sdbot.U to Backdoor.Sdbot.Y 04/23/04 Backdoor.Skobie.A to Spyware.FamilyKeylog 05/02/04 Bin.Auto.CEV to Hypervisor.3141 09/06/04 EPOC.Cabir to SymbOS.Cabir 06/21/04 JS.Offiz to Trojan.Offiz 06/21/04 O97M.Tristate.Variant to O97M.Tristate.B 06/04/04 PWSteal.Skobie to Spyware.SpyAgent 05/12/04 PWSteal.Skobie.B to Backdoor.Haxdoor.B 05/20/04 PWSteal.Skobie.C to W32.Gaobot.ALV 05/25/04 Trojan.Ascetic.A to W32.Erkez.B@mm (2) 06/14/04 Trojan.Mits to W32.Mits.A@mm 07/25/04 Trojan.Simcss.B to Adware.Slagent 04/26/04 Trojan.Wingle to Trojan.Mitglieder.M 07/23/04 W32.Ainesey.A@mm (vbs) to W32.Ainesey.A@mm!vbs 06/30/04 W32.Beagle.AF@mm to W32.Mydoom.L@m 07/19/04 W32.Bobax.A to W32.Bobax.B 05/19/04 W32.Dumaru.AJ@mm to Backdoor.Nibu.F 05/18/04 W32.HLLW.Antinny.L to Trojan.Upbit 05/23/04 W32.HLLW.Gearbug@mm to W32.Bugbros.B@mm 04/26/04 W32.Korgo.H to W32.Korgo.I 06/29/04 W32.Korgo.I to W32.Korgo.N 06/29/04 W32.Korgo.M to W32.Korgo.S 06/28/04 W32.Korgo.N to W32.Korgo.T 06/28/04 W32.Korgo.O to W32.Korgo.U 06/28/04 W32.Korgo.Q to W32.Korgo.V 06/28/04 W32.LovGate.Z@mm to W32.Lovgate.Z@mm 07/06/04 W32.Mintop@mm to W32.Bigfairy.C@mm 04/19/04 W32.Mota.A to W32.Mota.A@mm 07/06/04 W32.Mydoom.L@m to W32.Mydoom.L@mm 07/19/04 W32.Netsup@mm to W32.Netsup.A@mm 05/31/04 W32.Poco to W32.Korgo.Y 07/13/04 W32.Randex.XU to Trojan.Niska 04/18/04 W32.Sober.H@mm to Trojan.Ascetic.A 06/12/04 W97.Saver.H to W97M.Saver.H 05/07/04 W97M.Anumps.A (dr) to IRC.Anumps.A 07/06/04 WM.Not_a_virus to WM.Schupfl 06/21/04 Worm.Automat.AHP to W32.Gorm@mm 07/07/04 X97M.Ainesey.C to O97M.Ainesey.C 08/24/04 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Bin.Auto.CEV to Hypervisor.3141 09/06/04 X97M.Ainesey.C to O97M.Ainesey.C 08/24/04 Adware.NetOptimize.B to Adware.NetOptimizer.B 08/19/04 Adware Dropper to Adware.ClickDLoader 08/04/04 Trojan.Mits to W32.Mits.A@mm 07/25/04 Trojan.Wingle to Trojan.Mitglieder.M 07/23/04 W32.Beagle.AF@mm to W32.Mydoom.L@m 07/19/04 W32.Mydoom.L@m to W32.Mydoom.L@mm 07/19/04 W32.Poco to W32.Korgo.Y 07/13/04 Worm.Automat.AHP to W32.Gorm@mm 07/07/04 PWSteal.Tarno.E to PWSteal.Tarno.E 07/06/04 W32.LovGate.Z@mm to W32.Lovgate.Z@mm 07/06/04 W32.Mota.A to W32.Mota.A@mm 07/06/04 W97M.Anumps.A (dr) to IRC.Anumps.A 07/06/04 W32.Ainesey.A@mm (vbs) to W32.Ainesey.A@mm!vbs 06/30/04 W32.Korgo.H to W32.Korgo.I 06/29/04 W32.Korgo.I to W32.Korgo.N 06/29/04 W32.Korgo.M to W32.Korgo.S 06/28/04 W32.Korgo.N to W32.Korgo.T 06/28/04 W32.Korgo.O to W32.Korgo.U 06/28/04 W32.Korgo.Q to W32.Korgo.V 06/28/04 EPOC.Cabir to SymbOS.Cabir 06/21/04 JS.Offiz to Trojan.Offiz 06/21/04 WM.Not_a_virus to WM.Schupfl 06/21/04 Trojan.Ascetic.A to W32.Erkez.B@mm (2) 06/14/04 W32.Sober.H@mm to Trojan.Ascetic.A 06/12/04 O97M.Tristate.Variant to O97M.Tristate.B 06/04/04 W32.Netsup@mm to W32.Netsup.A@mm 05/31/04 PWSteal.Skobie.C to W32.Gaobot.ALV 05/25/04 W32.HLLW.Antinny.L to Trojan.Upbit 05/23/04 PWSteal.Skobie.B to Backdoor.Haxdoor.B 05/20/04 W32.Bobax.A to W32.Bobax.B 05/19/04 W32.Dumaru.AJ@mm to Backdoor.Nibu.F 05/18/04 PWSteal.Skobie to Spyware.SpyAgent 05/12/04 W97.Saver.H to W97M.Saver.H 05/07/04 Backdoor.Skobie.A to Spyware.FamilyKeylog 05/02/04 Trojan.Simcss.B to Adware.Slagent 04/26/04 W32.HLLW.Gearbug@mm to W32.Bugbros.B@mm 04/26/04 Backdoor.Sdbot.U to Backdoor.Sdbot.Y 04/23/04 Backdoor.Padodor to Backdoor.Berbew.D 04/21/04 W32.Mintop@mm to W32.Bigfairy.C@mm 04/19/04 W32.Randex.XU to Trojan.Niska 04/18/04 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ Adware.ClickDLoader File infector 08/05/04 Adware.Clickbank File infector 08/05/04 Adware.FavBarCash File infector 08/05/04 Adware.Forbes File infector 08/31/04 Backdoor.Pcclient File infector 08/05/04 Backdoor.Zincite.A File infector 08/05/04 Hacktool.Servu.Exploit File infector 08/05/04 PWSteal.Lemir.Kit File infector 08/05/04 Trojan.Corem File infector 08/05/04 Trojan.Fewest File infector 08/05/04 Trojan.Minit File infector 08/05/04 W32.Evaman.C@mm File infector 08/05/04 W32.Forder File infector 08/05/04 W32.Fugo File infector 08/05/04 W32.Gugom File infector 08/05/04 W32.Jerem File infector 08/05/04 W32.Kadar File infector 08/05/04 W32.Korgo.AD File infector 08/18/04 W32.Lovgate.AK@mm File infector 08/05/04 W32.Mota.B@mm File infector 08/05/04 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ Adware.Forbes File infector 08/31/04 W32.Korgo.AD File infector 08/18/04 Adware.ClickDLoader File infector 08/05/04 Adware.Clickbank File infector 08/05/04 Adware.FavBarCash File infector 08/05/04 Backdoor.Pcclient File infector 08/05/04 Backdoor.Zincite.A File infector 08/05/04 Hacktool.Servu.Exploit File infector 08/05/04 PWSteal.Lemir.Kit File infector 08/05/04 Trojan.Corem File infector 08/05/04 Trojan.Fewest File infector 08/05/04 Trojan.Minit File infector 08/05/04 W32.Evaman.C@mm File infector 08/05/04 W32.Forder File infector 08/05/04 W32.Fugo File infector 08/05/04 W32.Gugom File infector 08/05/04 W32.Jerem File infector 08/05/04 W32.Kadar File infector 08/05/04 W32.Lovgate.AK@mm File infector 08/05/04 W32.Mota.B@mm File infector 08/05/04 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.