********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response September 12, 2005 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses for May 2005, worldwide: 1 W32.Sober.O@mm 2 Trojan.Tooso.F 3 W32.Netsky.P@mm 4 Trojan.Vundo.B 5 Trojan.ByteVerify 6 W32.Spybot.Worm 7 W32.HLLW.Gaobot 8 PWSteal.Lemir.Gen 9 VBS.Redlof.A 10 PWSteal.Lineage ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- ASP.Silky File infector 08/16/05 Adware.180Solutions File infector 09/06/05 Adware.BlockChecker File infector 08/25/05 Adware.Bullseye File infector 09/09/05 Adware.CashBackBuddy File infector 09/09/05 Adware.DateManager File infector 08/16/05 Adware.Eziin File infector 09/07/05 Adware.GatorEWallet File infector 08/17/05 Adware.Idocha File infector 08/18/05 Adware.NaviSearch File infector 09/09/05 Adware.PrecisionTime File infector 08/16/05 Adware.SideFind File infector 09/05/05 Adware.SystemProcess File infector 08/25/05 Adware.YourSiteBar File infector 09/05/05 Adware.ZQuest File infector 08/17/05 BAT.Cobat!p2p File infector 08/29/05 BAT.Hobat.A@mm File infector 08/29/05 Backdoor.Darkmoon File infector 08/19/05 Backdoor.Graybird.O File infector 08/31/05 Backdoor.Graybird.P File infector 09/05/05 Backdoor.Graybird.Q File infector 09/11/05 Backdoor.IRC.Litebot File infector 08/23/05 Backdoor.Mepcod File infector 08/24/05 Backdoor.Tixanbot File infector 08/22/05 Joke.Restart File infector 09/02/05 Joke.ScreenFlasher File infector 09/02/05 PWSteal.Drorar File infector 09/12/05 PWSteal.Flecsip.B File infector 08/23/05 PWSteal.Reoxtan File infector 09/05/05 Perl.Santy.D File infector 08/29/05 Spyware.ComSpySysSvr File infector 08/23/05 Spyware.ElpowKeylogger File infector 09/07/05 SymbOS.Doomboot.D File infector 09/07/05 Trojan.Axidon File infector 08/23/05 Trojan.Cdtray File infector 08/30/05 Trojan.Elitebar File infector 08/30/05 Trojan.Exphook File infector 08/30/05 Trojan.Flush.E File infector 09/02/05 Trojan.Gargafx File infector 09/01/05 Trojan.Hugesot File infector 09/11/05 Trojan.ISTsvc File infector 09/05/05 Trojan.Rohoteng File infector 09/12/05 Trojan.Schoeberl File infector 09/12/05 Trojan.SuperSpider File infector 09/06/05 Trojan.Tooso.M File infector 09/09/05 Trojan.Tooso.N File infector 09/12/05 Trojan.Webus.I File infector 08/27/05 VBS.Geven File infector 08/29/05 VBS.Mevol.A File infector 08/29/05 VBS.Nirl.A@mm File infector 08/29/05 VBS.Nugi.B File infector 08/29/05 VBS.Puber@mm File infector 08/29/05 VBS.Pwac.A!p2p File infector 08/29/05 VBS.Triny.A@mm File infector 08/29/05 VBS.Waap File infector 08/17/05 W32.Agker!p2p File infector 08/29/05 W32.Barin@mm File infector 09/01/05 W32.Bobax!dr File infector 08/30/05 W32.Bobax!gen File infector 09/07/05 W32.Bobax.AH@mm File infector 08/29/05 W32.Bobax.AJ@mm File infector 09/07/05 W32.Esbot.B File infector 08/17/05 W32.Esbot.C File infector 08/22/05 W32.Gaobot.DXO File infector 08/22/05 W32.Guapim File infector 08/23/05 W32.Gupung!p2p File infector 08/29/05 W32.Gypet File infector 09/01/05 W32.Julikz File infector 09/01/05 W32.Karza File infector 09/01/05 W32.Kassbot.C File infector 08/17/05 W32.Lerpa@mm File infector 09/02/05 W32.Mailbancos@mm File infector 09/01/05 W32.Mytob.JF@mm File infector 08/25/05 W32.Mytob.JH@mm File infector 08/29/05 W32.Mytob.JI@mm File infector 09/09/05 W32.Reatle.I@mm File infector 08/25/05 W32.Ruland.A@mm File infector 08/23/05 W32.Sinco File infector 09/01/05 W32.Spybot.UOL File infector 08/22/05 W32.Spybot.WOE File infector 09/06/05 W32.Spybot.WON File infector 09/07/05 W32.Starimp File infector 09/12/05 W32.Theals.A@mm File infector 09/01/05 W32.Zotob.F File infector 08/17/05 W32.Zotob.G File infector 08/17/05 W32.Zotob.H File infector 08/17/05 W32.Zotob.I File infector 08/21/05 W32.Zotob.J@mm File infector 08/23/05 W32.Zotob.K File infector 08/24/05 W32.Zotob.L File infector 08/25/05 W97M.Anisc.B File infector 08/31/05 W97M.DebilByte.C File infector 08/18/05 W97M.Dranus File infector 09/05/05 W97M.Lunedo File infector 09/05/05 W97M.Netsnak File infector 08/18/05 W97M.Nometz.A File infector 09/01/05 W97M.Skdb.A File infector 08/18/05 W97M.Tutka File infector 08/18/05 W97M.Wafi.A File infector 08/18/05 X97M.Jasmine.B File infector 08/18/05 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- PWSteal.Drorar File infector 09/12/05 Trojan.Rohoteng File infector 09/12/05 Trojan.Schoeberl File infector 09/12/05 Trojan.Tooso.N File infector 09/12/05 W32.Starimp File infector 09/12/05 Backdoor.Graybird.Q File infector 09/11/05 Trojan.Hugesot File infector 09/11/05 Adware.Bullseye File infector 09/09/05 Adware.CashBackBuddy File infector 09/09/05 Adware.NaviSearch File infector 09/09/05 Trojan.Tooso.M File infector 09/09/05 W32.Mytob.JI@mm File infector 09/09/05 Adware.Eziin File infector 09/07/05 Spyware.ElpowKeylogger File infector 09/07/05 SymbOS.Doomboot.D File infector 09/07/05 W32.Bobax!gen File infector 09/07/05 W32.Bobax.AJ@mm File infector 09/07/05 W32.Spybot.WON File infector 09/07/05 Adware.180Solutions File infector 09/06/05 Trojan.SuperSpider File infector 09/06/05 W32.Spybot.WOE File infector 09/06/05 Adware.SideFind File infector 09/05/05 Adware.YourSiteBar File infector 09/05/05 Backdoor.Graybird.P File infector 09/05/05 PWSteal.Reoxtan File infector 09/05/05 Trojan.ISTsvc File infector 09/05/05 W97M.Dranus File infector 09/05/05 W97M.Lunedo File infector 09/05/05 Joke.Restart File infector 09/02/05 Joke.ScreenFlasher File infector 09/02/05 Trojan.Flush.E File infector 09/02/05 W32.Lerpa@mm File infector 09/02/05 Trojan.Gargafx File infector 09/01/05 W32.Barin@mm File infector 09/01/05 W32.Gypet File infector 09/01/05 W32.Julikz File infector 09/01/05 W32.Karza File infector 09/01/05 W32.Mailbancos@mm File infector 09/01/05 W32.Sinco File infector 09/01/05 W32.Theals.A@mm File infector 09/01/05 W97M.Nometz.A File infector 09/01/05 Backdoor.Graybird.O File infector 08/31/05 W97M.Anisc.B File infector 08/31/05 Trojan.Cdtray File infector 08/30/05 Trojan.Elitebar File infector 08/30/05 Trojan.Exphook File infector 08/30/05 W32.Bobax!dr File infector 08/30/05 BAT.Cobat!p2p File infector 08/29/05 BAT.Hobat.A@mm File infector 08/29/05 Perl.Santy.D File infector 08/29/05 VBS.Geven File infector 08/29/05 VBS.Mevol.A File infector 08/29/05 VBS.Nirl.A@mm File infector 08/29/05 VBS.Nugi.B File infector 08/29/05 VBS.Puber@mm File infector 08/29/05 VBS.Pwac.A!p2p File infector 08/29/05 VBS.Triny.A@mm File infector 08/29/05 W32.Agker!p2p File infector 08/29/05 W32.Bobax.AH@mm File infector 08/29/05 W32.Gupung!p2p File infector 08/29/05 W32.Mytob.JH@mm File infector 08/29/05 Trojan.Webus.I File infector 08/27/05 Adware.BlockChecker File infector 08/25/05 Adware.SystemProcess File infector 08/25/05 W32.Mytob.JF@mm File infector 08/25/05 W32.Reatle.I@mm File infector 08/25/05 W32.Zotob.L File infector 08/25/05 Backdoor.Mepcod File infector 08/24/05 W32.Zotob.K File infector 08/24/05 Backdoor.IRC.Litebot File infector 08/23/05 PWSteal.Flecsip.B File infector 08/23/05 Spyware.ComSpySysSvr File infector 08/23/05 Trojan.Axidon File infector 08/23/05 W32.Guapim File infector 08/23/05 W32.Ruland.A@mm File infector 08/23/05 W32.Zotob.J@mm File infector 08/23/05 Backdoor.Tixanbot File infector 08/22/05 W32.Esbot.C File infector 08/22/05 W32.Gaobot.DXO File infector 08/22/05 W32.Spybot.UOL File infector 08/22/05 W32.Zotob.I File infector 08/21/05 Backdoor.Darkmoon File infector 08/19/05 Adware.Idocha File infector 08/18/05 W97M.DebilByte.C File infector 08/18/05 W97M.Netsnak File infector 08/18/05 W97M.Skdb.A File infector 08/18/05 W97M.Tutka File infector 08/18/05 W97M.Wafi.A File infector 08/18/05 X97M.Jasmine.B File infector 08/18/05 Adware.GatorEWallet File infector 08/17/05 Adware.ZQuest File infector 08/17/05 VBS.Waap File infector 08/17/05 W32.Esbot.B File infector 08/17/05 W32.Kassbot.C File infector 08/17/05 W32.Zotob.F File infector 08/17/05 W32.Zotob.G File infector 08/17/05 W32.Zotob.H File infector 08/17/05 ASP.Silky File infector 08/16/05 Adware.DateManager File infector 08/16/05 Adware.PrecisionTime File infector 08/16/05 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Adware.BroadcastPC.B to Adware.Broadcastpc.b 08/25/05 Adware.Clickbank to Adware.FakeMessage 08/22/05 Adware.NavHelper to SecurityRisk.NavHelper 05/23/05 Alaper.c.ow to Alaper.C.ow 06/07/05 Backdoor.Jupillites to Trojan.Jupillites 08/01/05 Backdoor.Omed to Backdoor.SmokeDown 06/03/05 Backdoor.Omed.B to Backdoor.SmokeDown.B 06/03/05 Backdoor.Sdbot.AR to Backdoor.Sdbot.AR!dr 06/08/05 Backdoor.Tdiserv to W32.Tdiserv.A 06/22/05 Bin.Auto.CJK to Warfair.2553 06/22/05 HLLP.13804 to HLLP.Pepe 06/09/05 HLLP.Nolon to HLLP.Nolon.gen 07/08/05 Intended.Zorm.458 to Zorm.458 07/06/05 Intended.Zorm.464 to Zorm.464 07/06/05 Intended.Zorm.495 to Zorm.495 07/06/05 Java.NastyBrew.A to Java.Nastybrew.A 05/26/05 Ksenia.5000.a to Ksenia.5000.A 06/07/05 PWSteal.JGinko to PWSteal.Jginko 07/09/05 SME.Heurist.941 to SME.Heurist 06/06/05 Spyware.Alexa to Trackware.Alexa 07/19/05 Spyware.FKWPKeylog to Hacktool.FKWPKeylog 08/18/05 Spyware.RXToolbar to Adware.RXToolbar 05/12/05 Spyware.SearchNugget to Adware.SearchNugget 06/01/05 Trivial.42.p to Trivial.42.P 06/07/05 Trivial.ow.21.a to Trivial.ow.21.A 06/07/05 Trojan.Axidon to W32.Kelvir.HI 08/24/05 Trojan.Cmapp to Trojan.cmapp 08/12/05 Trojan.Feutel to Backdoor.Graybird.K 05/27/05 Trojan.Feutel.B to Backdoor.Graybird.L 05/27/05 Trojan.Mochi to Trojan.Chimo.B 05/04/05 Trojan.Pgpcoder to Trojan.Gpcoder 05/27/05 Trojan.Redop to Trojan.Gpcoder.B 05/31/05 Trojan.Rona to Trojan.Hotword.B 05/31/05 Trojan.Zhopa to Trojan.Zlob 05/26/05 Trojan.cmapp to Trojan.Cmapp 08/11/05 VBS.Minceme to W97M.Minceme!src 06/07/05 Vienna.353.a to Vienna.353.A 06/07/05 W32.Bizten to Trojan.Bizten 05/06/05 W32.Bobax.AA to W32.Bobax.AA@mm 08/01/05 W32.Bobax.AA@mm to W32.Bobax.AA 08/01/05 W32.Bobax.Z to W32.Bobax.Z@mm 06/03/05 W32.Falus.A to W32.Falsu.A 08/01/05 W32.Gavgent.A@mm to W32.Gavgent.A 07/21/05 W32.Incef to W32.Falus.A 08/01/05 W32.Kelvir.FN to Trojan.Kirvo 07/18/05 W32.Mytob.CD@mm to W32.Mydoom.BT@mm 05/14/05 W32.Mytob.EK@mm to W32.Mytob.EK@mm 06/22/05 W32.Sober.P@mm to Trojan.Ascetic.C 05/16/05 W32.Stubbot.A to W32.Stubbot.A@mm 05/19/05 W32.Zotob.C to W32.Zotob.C@mm 08/16/05 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Adware.BroadcastPC.B to Adware.Broadcastpc.b 08/25/05 Trojan.Axidon to W32.Kelvir.HI 08/24/05 Adware.Clickbank to Adware.FakeMessage 08/22/05 Spyware.FKWPKeylog to Hacktool.FKWPKeylog 08/18/05 W32.Zotob.C to W32.Zotob.C@mm 08/16/05 Trojan.Cmapp to Trojan.cmapp 08/12/05 Trojan.cmapp to Trojan.Cmapp 08/11/05 Backdoor.Jupillites to Trojan.Jupillites 08/01/05 W32.Bobax.AA to W32.Bobax.AA@mm 08/01/05 W32.Bobax.AA@mm to W32.Bobax.AA 08/01/05 W32.Falus.A to W32.Falsu.A 08/01/05 W32.Incef to W32.Falus.A 08/01/05 W32.Gavgent.A@mm to W32.Gavgent.A 07/21/05 Spyware.Alexa to Trackware.Alexa 07/19/05 W32.Kelvir.FN to Trojan.Kirvo 07/18/05 PWSteal.JGinko to PWSteal.Jginko 07/09/05 HLLP.Nolon to HLLP.Nolon.gen 07/08/05 Intended.Zorm.458 to Zorm.458 07/06/05 Intended.Zorm.464 to Zorm.464 07/06/05 Intended.Zorm.495 to Zorm.495 07/06/05 Backdoor.Tdiserv to W32.Tdiserv.A 06/22/05 Bin.Auto.CJK to Warfair.2553 06/22/05 W32.Mytob.EK@mm to W32.Mytob.EK@mm 06/22/05 HLLP.13804 to HLLP.Pepe 06/09/05 Backdoor.Sdbot.AR to Backdoor.Sdbot.AR!dr 06/08/05 Alaper.c.ow to Alaper.C.ow 06/07/05 Ksenia.5000.a to Ksenia.5000.A 06/07/05 Trivial.42.p to Trivial.42.P 06/07/05 Trivial.ow.21.a to Trivial.ow.21.A 06/07/05 VBS.Minceme to W97M.Minceme!src 06/07/05 Vienna.353.a to Vienna.353.A 06/07/05 SME.Heurist.941 to SME.Heurist 06/06/05 Backdoor.Omed to Backdoor.SmokeDown 06/03/05 Backdoor.Omed.B to Backdoor.SmokeDown.B 06/03/05 W32.Bobax.Z to W32.Bobax.Z@mm 06/03/05 Spyware.SearchNugget to Adware.SearchNugget 06/01/05 Trojan.Redop to Trojan.Gpcoder.B 05/31/05 Trojan.Rona to Trojan.Hotword.B 05/31/05 Trojan.Feutel to Backdoor.Graybird.K 05/27/05 Trojan.Feutel.B to Backdoor.Graybird.L 05/27/05 Trojan.Pgpcoder to Trojan.Gpcoder 05/27/05 Java.NastyBrew.A to Java.Nastybrew.A 05/26/05 Trojan.Zhopa to Trojan.Zlob 05/26/05 Adware.NavHelper to SecurityRisk.NavHelper 05/23/05 W32.Stubbot.A to W32.Stubbot.A@mm 05/19/05 W32.Sober.P@mm to Trojan.Ascetic.C 05/16/05 W32.Mytob.CD@mm to W32.Mydoom.BT@mm 05/14/05 Spyware.RXToolbar to Adware.RXToolbar 05/12/05 W32.Bizten to Trojan.Bizten 05/06/05 Trojan.Mochi to Trojan.Chimo.B 05/04/05 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ Adware.BrowserVillage File infector 08/12/05 Adware.EliteBar File infector 08/30/05 Adware.SuperSpider File infector 09/06/05 Backdoor.Haxdoor.E File infector 08/01/05 Backdoor.Microkos File infector 08/12/05 Bloodhound.Morphine File infector 08/01/05 Linux.Tarog File infector 08/12/05 MSIL.Infatch File infector 08/12/05 PWSteal.Wowcraft File infector 08/01/05 Persecute.3375 File infector 08/01/05 Tricks.256 File infector 08/01/05 Trojan.Commancy File infector 08/12/05 Trojan.ISTsvc File infector 09/11/05 Trojan.Idocha File infector 08/18/05 Trojan.Pistmi File infector 08/12/05 Trojan.Tooso.L File infector 08/12/05 W32.Beagle.CE@mm File infector 08/12/05 W32.Bruning File infector 08/12/05 W32.Kassbot.C File infector 08/17/05 W32.Torka@mm File infector 08/12/05 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ Trojan.ISTsvc File infector 09/11/05 Adware.SuperSpider File infector 09/06/05 Adware.EliteBar File infector 08/30/05 Trojan.Idocha File infector 08/18/05 W32.Kassbot.C File infector 08/17/05 Adware.BrowserVillage File infector 08/12/05 Backdoor.Microkos File infector 08/12/05 Linux.Tarog File infector 08/12/05 MSIL.Infatch File infector 08/12/05 Trojan.Commancy File infector 08/12/05 Trojan.Pistmi File infector 08/12/05 Trojan.Tooso.L File infector 08/12/05 W32.Beagle.CE@mm File infector 08/12/05 W32.Bruning File infector 08/12/05 W32.Torka@mm File infector 08/12/05 Backdoor.Haxdoor.E File infector 08/01/05 Bloodhound.Morphine File infector 08/01/05 PWSteal.Wowcraft File infector 08/01/05 Persecute.3375 File infector 08/01/05 Tricks.256 File infector 08/01/05 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.