[New Info]
I obtained a sample of this malware. I went to Download.com and downloaded free trial versions of Norton Anti-Virus and Kaspersky Anti-virus.

Norton's 6/22/2005 virus definition library misses this malware.

Kaspersky catches and quarantines it.

Here's where I got the 30-day trial version of Kaspersky AV:
http://www.download.com/3120-20_4-0.html?qt=kaspersky

It's called Worm.Win32.VB.an, also known as the "AN Worm" or the "Zodiak Worm".

Let everyone know if you find other ant-virus scanners that detect this worm.

[End of New Info]

I sent an email to Kaspersky Labs antivirus yesterday (June 20, 2005) about this virus and got an email back from one of their virus analysts. However, I haven't been infected and so I wasn't able to provide them with a sample of the virus.

If you'd be so kind as to help prevent others form getting this virus, please make a password-protected zip (or rar) file containing any viral files you are about to delete. The password should be "infected" and it should be mailed to NewVirus@kaspersky.com, with a subject of KLAB-571146.

It's my understanding that the major anti-virus labs have informal agreements about sharing new viruses with eachother.

If you're extra motivated to help stop this virus, there's also a web submission form at http://subwiz.trendmicro.com/SubWiz/...sp?opgWizard=7 . Presumably TrendMicro wants the winupdates file instead of the password protected zip file.

Unfortunately, it looks like Symantec/Norton Anti-Virus requires you to use Norton Anti-Virus to send in samples instead of using plain old email. If you have Norton Anti-virus, please by all means use Norton Anti-virus to send Symantec/Norton a copy of winupdates.

McAfee Anti-virus's website gives me the impression that there's no way for the average person to send them samples of suspected viruses.