********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response November 11, 2004 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses for September 2004, worldwide: 1 Trojan Horse 2 Download.Trojan 3 W32.Netsky.P@mm 4 W32.HLLW.Gaobot.gen 5 W32.Spybot.Worm 6 W32.Mydoom.M@mm 7 W32.Beagle.X@mm 8 W32.Sasser.B.Worm 9 W32.Netsky.C@mm 10 W32.Netsky.D@mm ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- Adware.Binet.DL File infector 11/01/04 Adware.BrowserPal File infector 11/09/04 Adware.CKWMin File infector 11/05/04 Adware.EZSearch.B File infector 11/06/04 Adware.Fastfind.B File infector 11/02/04 Adware.IntDel File infector 10/29/04 Adware.MXTarget File infector 11/04/04 Adware.MXTarget.B File infector 11/04/04 Adware.Minibug File infector 11/08/04 Adware.Safesearch.B File infector 11/03/04 Adware.Safesearch.C File infector 11/04/04 Adware.Surebar File infector 11/05/04 Adware.Twaintec File infector 11/04/04 Adware.Twaintec.B File infector 11/04/04 Adware.Umaxsearch File infector 11/04/04 Adware.Weatherbug File infector 11/09/04 Backdoor.Alnica File infector 11/02/04 Backdoor.Futro File infector 10/27/04 Backdoor.Hacarmy.F File infector 11/04/04 Backdoor.IRC.Bifrut File infector 11/08/04 Backdoor.Maxload File infector 11/04/04 Backdoor.Ranky.J File infector 10/28/04 Backdoor.Ranky.K File infector 10/28/04 Backdoor.Ranky.L File infector 11/04/04 Backdoor.Singu.B File infector 10/28/04 Bloodhound.Exploit.18 File infector 11/08/04 Bloodhound.Packed File infector 11/04/04 Dialer.Antispy File infector 11/05/04 Dialer.PassePartout File infector 10/28/04 Dialer.Yeaknet File infector 11/01/04 Hacktool.Ariskkey File infector 11/10/04 Hacktool.Clearlogs File infector 10/28/04 Hacktool.Nibor File infector 10/27/04 Hacktool.PRecovery File infector 11/10/04 Heur3.SanPedro.AVQA File infector 11/04/04 JS.Trojan.WindowBomb.B File infector 11/04/04 JS.WindowBomb.B File infector 11/08/04 Linux.Nel.A File infector 10/28/04 Linux.Neox.A File infector 10/28/04 Linux.Zone.A File infector 10/28/04 Packed.Adware File infector 11/04/04 Packed.Dialer File infector 11/04/04 Packed.Hacktool File infector 11/04/04 Packed.Joke File infector 11/04/04 Packed.RemoteAccess File infector 11/04/04 Packed.SecurityRiskOff File infector 11/04/04 Packed.SecurityRiskOn File infector 11/04/04 Packed.Spyware File infector 11/04/04 Packed.Trackware File infector 11/04/04 Spyware.InvisibleKey.B File infector 11/07/04 Spyware.RemoteKey File infector 11/09/04 Spyware.Starr File infector 11/10/04 Spyware.Supaseek File infector 10/28/04 Spyware.TwoSeven File infector 11/08/04 Spyware.WindowsKey File infector 11/05/04 Trojan.Beagooz File infector 11/05/04 Trojan.Beagooz.B File infector 11/08/04 Trojan.Beagooz.C File infector 11/08/04 Trojan.Beagooz.D File infector 11/10/04 Trojan.Disabler File infector 10/28/04 Trojan.Ducky.C File infector 10/30/04 Trojan.Minuka File infector 11/11/04 Trojan.Moo.B File infector 11/10/04 VBS.Midfin@mm File infector 11/08/04 VBS.Yeno.B@mm File infector 11/01/04 VBS.Yeno.C@mm File infector 11/01/04 W32.Anuir File infector 11/04/04 W32.Bagz.F@mm File infector 10/27/04 W32.Bagz.H@mm File infector 11/02/04 W32.Baklan File infector 11/04/04 W32.Bakna File infector 11/04/04 W32.Beagle.AU@mm File infector 10/29/04 W32.Beagle.AV@mm File infector 10/29/04 W32.Beagle.AW@mm File infector 10/29/04 W32.Beagle@mm!cpl File infector 10/29/04 W32.Berlity@mm File infector 11/07/04 W32.Bluback File infector 11/04/04 W32.Bushlo@mm File infector 11/05/04 W32.Caran File infector 11/07/04 W32.Cerberus.A File infector 11/09/04 W32.Chilly@mm File infector 11/05/04 W32.Compan File infector 11/04/04 W32.Croking File infector 11/04/04 W32.Darif File infector 11/04/04 W32.Gads File infector 11/04/04 W32.Gaobot.BQJ File infector 11/08/04 W32.Gluter@mm File infector 11/05/04 W32.Josam.Worm File infector 11/03/04 W32.Linkbot.A File infector 11/05/04 W32.Mydoom.AH@mm File infector 11/08/04 W32.Mydoom.AI@mm File infector 11/09/04 W32.Mydoom.AJ@mm File infector 11/10/04 W32.Mydoom.AK@mm File infector 11/11/04 W32.Ogga File infector 11/07/04 W32.Preder File infector 11/04/04 W32.Randex.BTB File infector 11/07/04 W32.Scard File infector 11/10/04 W32.Shodi.D File infector 11/03/04 W32.Tehni File infector 11/04/04 X97M.Avone.A File infector 11/05/04 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- Trojan.Minuka File infector 11/11/04 W32.Mydoom.AK@mm File infector 11/11/04 Hacktool.Ariskkey File infector 11/10/04 Hacktool.PRecovery File infector 11/10/04 Spyware.Starr File infector 11/10/04 Trojan.Beagooz.D File infector 11/10/04 Trojan.Moo.B File infector 11/10/04 W32.Mydoom.AJ@mm File infector 11/10/04 W32.Scard File infector 11/10/04 Adware.BrowserPal File infector 11/09/04 Adware.Weatherbug File infector 11/09/04 Spyware.RemoteKey File infector 11/09/04 W32.Cerberus.A File infector 11/09/04 W32.Mydoom.AI@mm File infector 11/09/04 Adware.Minibug File infector 11/08/04 Backdoor.IRC.Bifrut File infector 11/08/04 Bloodhound.Exploit.18 File infector 11/08/04 JS.WindowBomb.B File infector 11/08/04 Spyware.TwoSeven File infector 11/08/04 Trojan.Beagooz.B File infector 11/08/04 Trojan.Beagooz.C File infector 11/08/04 VBS.Midfin@mm File infector 11/08/04 W32.Gaobot.BQJ File infector 11/08/04 W32.Mydoom.AH@mm File infector 11/08/04 Spyware.InvisibleKey.B File infector 11/07/04 W32.Berlity@mm File infector 11/07/04 W32.Caran File infector 11/07/04 W32.Ogga File infector 11/07/04 W32.Randex.BTB File infector 11/07/04 Adware.EZSearch.B File infector 11/06/04 Adware.CKWMin File infector 11/05/04 Adware.Surebar File infector 11/05/04 Dialer.Antispy File infector 11/05/04 Spyware.WindowsKey File infector 11/05/04 Trojan.Beagooz File infector 11/05/04 W32.Bushlo@mm File infector 11/05/04 W32.Chilly@mm File infector 11/05/04 W32.Gluter@mm File infector 11/05/04 W32.Linkbot.A File infector 11/05/04 X97M.Avone.A File infector 11/05/04 Adware.MXTarget File infector 11/04/04 Adware.MXTarget.B File infector 11/04/04 Adware.Safesearch.C File infector 11/04/04 Adware.Twaintec File infector 11/04/04 Adware.Twaintec.B File infector 11/04/04 Adware.Umaxsearch File infector 11/04/04 Backdoor.Hacarmy.F File infector 11/04/04 Backdoor.Maxload File infector 11/04/04 Backdoor.Ranky.L File infector 11/04/04 Bloodhound.Packed File infector 11/04/04 Heur3.SanPedro.AVQA File infector 11/04/04 JS.Trojan.WindowBomb.B File infector 11/04/04 Packed.Adware File infector 11/04/04 Packed.Dialer File infector 11/04/04 Packed.Hacktool File infector 11/04/04 Packed.Joke File infector 11/04/04 Packed.RemoteAccess File infector 11/04/04 Packed.SecurityRiskOff File infector 11/04/04 Packed.SecurityRiskOn File infector 11/04/04 Packed.Spyware File infector 11/04/04 Packed.Trackware File infector 11/04/04 W32.Anuir File infector 11/04/04 W32.Baklan File infector 11/04/04 W32.Bakna File infector 11/04/04 W32.Bluback File infector 11/04/04 W32.Compan File infector 11/04/04 W32.Croking File infector 11/04/04 W32.Darif File infector 11/04/04 W32.Gads File infector 11/04/04 W32.Preder File infector 11/04/04 W32.Tehni File infector 11/04/04 Adware.Safesearch.B File infector 11/03/04 W32.Josam.Worm File infector 11/03/04 W32.Shodi.D File infector 11/03/04 Adware.Fastfind.B File infector 11/02/04 Backdoor.Alnica File infector 11/02/04 W32.Bagz.H@mm File infector 11/02/04 Adware.Binet.DL File infector 11/01/04 Dialer.Yeaknet File infector 11/01/04 VBS.Yeno.B@mm File infector 11/01/04 VBS.Yeno.C@mm File infector 11/01/04 Trojan.Ducky.C File infector 10/30/04 Adware.IntDel File infector 10/29/04 W32.Beagle.AU@mm File infector 10/29/04 W32.Beagle.AV@mm File infector 10/29/04 W32.Beagle.AW@mm File infector 10/29/04 W32.Beagle@mm!cpl File infector 10/29/04 Backdoor.Ranky.J File infector 10/28/04 Backdoor.Ranky.K File infector 10/28/04 Backdoor.Singu.B File infector 10/28/04 Dialer.PassePartout File infector 10/28/04 Hacktool.Clearlogs File infector 10/28/04 Linux.Nel.A File infector 10/28/04 Linux.Neox.A File infector 10/28/04 Linux.Zone.A File infector 10/28/04 Spyware.Supaseek File infector 10/28/04 Trojan.Disabler File infector 10/28/04 Backdoor.Futro File infector 10/27/04 Hacktool.Nibor File infector 10/27/04 W32.Bagz.F@mm File infector 10/27/04 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Backdoor.Badcon to W32.Netsky.AE@mm!enc 10/26/04 Hacktool.Openerscript to MacOS.Renepo.B 10/22/04 JS.Trojan.WindowBomb.B to JS.WindowBomb.B 11/04/04 Js.Trojan.WindowBomb to JS.WindowBomb 11/04/04 MacOS.Renepo.A to SH.Renepo.A 10/25/04 MacOS.Renepo.B to SH.Renepo.B 10/25/04 PWSteal.IBank to PWSteal.Revcuss.B 09/23/04 PWSteal.Safewin to PWSteal.Focosenha 09/30/04 Spyware.NDotNet to Spyware.QuickSearch 10/21/04 Trojan.Download.Moo to Trojan.Moo 09/28/04 Trojan.Xilon to W32.Xilon.Trojan 10/26/04 W32.Badcon.A to Backdoor.Sdbot.AA 09/13/04 W32.Badcon.B to Backdoor.Sdbot.AB 09/15/04 W32.Cerberus.A to W32.Orpheus.A 11/09/04 W32.Fili@mm to W32.Fili.A@mm 10/11/04 W32.HLLW.Zusha to W32.Zusha 09/14/04 W32.Hamet to W32.Auril 10/07/04 W32.Laorenshen.Trojan to Trojan.Laorenshen 10/19/04 W32.Netsky.AE@mm to W32.Buchon.A@mm 10/22/04 W32.Sophily to W32.Philis.C 10/18/04 W32.Subit.3331 to W32.Subit 09/24/04 W32.Sykel to W32.Multex.B 09/14/04 W32.Syphilo to W32.Sophily 10/15/04 W32.Watsoon.A to Trojan.Watsoon.A 10/27/04 W32.Whiter.Trojan to Trojan.Whiter 11/09/04 W32.Xilon.Trojan to Trojan.Xilon 10/26/04 W32.Zusha to W32.Aizu 09/14/04 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ W32.Cerberus.A to W32.Orpheus.A 11/09/04 W32.Whiter.Trojan to Trojan.Whiter 11/09/04 JS.Trojan.WindowBomb.B to JS.WindowBomb.B 11/04/04 Js.Trojan.WindowBomb to JS.WindowBomb 11/04/04 W32.Watsoon.A to Trojan.Watsoon.A 10/27/04 Backdoor.Badcon to W32.Netsky.AE@mm!enc 10/26/04 Trojan.Xilon to W32.Xilon.Trojan 10/26/04 W32.Xilon.Trojan to Trojan.Xilon 10/26/04 MacOS.Renepo.A to SH.Renepo.A 10/25/04 MacOS.Renepo.B to SH.Renepo.B 10/25/04 Hacktool.Openerscript to MacOS.Renepo.B 10/22/04 W32.Netsky.AE@mm to W32.Buchon.A@mm 10/22/04 Spyware.NDotNet to Spyware.QuickSearch 10/21/04 W32.Laorenshen.Trojan to Trojan.Laorenshen 10/19/04 W32.Sophily to W32.Philis.C 10/18/04 W32.Syphilo to W32.Sophily 10/15/04 W32.Fili@mm to W32.Fili.A@mm 10/11/04 W32.Hamet to W32.Auril 10/07/04 PWSteal.Safewin to PWSteal.Focosenha 09/30/04 Trojan.Download.Moo to Trojan.Moo 09/28/04 W32.Subit.3331 to W32.Subit 09/24/04 PWSteal.IBank to PWSteal.Revcuss.B 09/23/04 W32.Badcon.B to Backdoor.Sdbot.AB 09/15/04 W32.HLLW.Zusha to W32.Zusha 09/14/04 W32.Sykel to W32.Multex.B 09/14/04 W32.Zusha to W32.Aizu 09/14/04 W32.Badcon.A to Backdoor.Sdbot.AA 09/13/04 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ Adware.CKWMin File infector 11/08/04 Adware.EZSearch.B File infector 11/08/04 Adware.Surebar File infector 11/08/04 Backdoor.IRC.Bifrut File infector 11/08/04 Bloodhound.Packed File infector 11/08/04 Bloodhound.Packed.1 File infector 11/08/04 Bloodhound.Packed.2 File infector 11/08/04 Bloodhound.Packed.3 File infector 11/08/04 Dialer.Antispy File infector 11/08/04 Heur1.SanPedro.AVQA File infector 11/08/04 Heur2.SanPedro.AVQA File infector 11/08/04 Heur3.SanPedro.AVQA File infector 11/08/04 JS.WindowBomb.B File infector 11/08/04 Packed.Adware File infector 11/08/04 Packed.Dialer File infector 11/08/04 Packed.Hacktool File infector 11/08/04 Packed.Joke File infector 11/08/04 Packed.RemoteAccess File infector 11/08/04 Packed.SecurityRiskOff File infector 11/08/04 Packed.SecurityRiskOn File infector 11/08/04 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ Adware.CKWMin File infector 11/08/04 Adware.EZSearch.B File infector 11/08/04 Adware.Surebar File infector 11/08/04 Backdoor.IRC.Bifrut File infector 11/08/04 Bloodhound.Packed File infector 11/08/04 Bloodhound.Packed.1 File infector 11/08/04 Bloodhound.Packed.2 File infector 11/08/04 Bloodhound.Packed.3 File infector 11/08/04 Dialer.Antispy File infector 11/08/04 Heur1.SanPedro.AVQA File infector 11/08/04 Heur2.SanPedro.AVQA File infector 11/08/04 Heur3.SanPedro.AVQA File infector 11/08/04 JS.WindowBomb.B File infector 11/08/04 Packed.Adware File infector 11/08/04 Packed.Dialer File infector 11/08/04 Packed.Hacktool File infector 11/08/04 Packed.Joke File infector 11/08/04 Packed.RemoteAccess File infector 11/08/04 Packed.SecurityRiskOff File infector 11/08/04 Packed.SecurityRiskOn File infector 11/08/04 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.