********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response August 14, 2003 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses for July 2003, worldwide: 1 W32.Bugbear.B@mm 2 W32.Klez.H@mm 3 W32.Sobig.E@mm 4 HTML.Redlof.A 5 IRC Trojan 6 Trojan Horse 7 JS.Fortnight.C 8 W95.Hybris.Worm 9 JS.Exception.Exploit 10 Backdoor.Trojan ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 08/02/01 * Engine Update 08/02/01 * All products that use the NAVEX 1.5 architecture (in other words, most major Symantec products released over the last 3 - 4 years) will receive the new functionality. * This enhanced technology provides improved script scanning as well as more proactive detection of unknown script-based threats. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- A97M.Nitro.A File infector 08/14/03 Axypt.1930.cmp File infector 08/13/03 Axypt.516.cmp File infector 08/13/03 BAT.Rous.worm File infector 08/11/03 Backdoor.Beasty.H File infector 08/13/03 Backdoor.IRC.Muiriled File infector 08/13/03 Backdoor.WinShell.50.b File infector 08/11/03 EasyRider.2108 File infector 08/13/03 Feeddst.809 File infector 08/13/03 Goma.1334 File infector 08/12/03 Goma.1334(1) File infector 08/12/03 Goma.1334(2) File infector 08/12/03 Hello.401 File infector 08/12/03 Hello.452 File infector 08/12/03 IVP.1140 File infector 08/12/03 IVP.1556 File infector 08/12/03 IVP.353 File infector 08/12/03 IVP.355 File infector 08/12/03 IVP.364 File infector 08/12/03 IVP.396 File infector 08/12/03 IVP.399 File infector 08/12/03 IVP.425 File infector 08/12/03 IVP.435 File infector 08/12/03 Jain.1437 File infector 08/14/03 Jain.1437(1) File infector 08/14/03 Jain.1437(2) File infector 08/14/03 Jain.1536.A File infector 08/14/03 Jain.1536.A(1) File infector 08/14/03 Jain.1536.A(2) File infector 08/14/03 Jain.1726 File infector 08/14/03 Jain.1726(1) File infector 08/14/03 Jain.1726(2) File infector 08/14/03 Lupus.532 File infector 08/12/03 Lupus.663 File infector 08/12/03 Lupus.665 File infector 08/12/03 MIREA.549 File infector 08/13/03 MIREA.549(1) File infector 08/13/03 MIREA.549(2) File infector 08/13/03 MIREA.767 File infector 08/13/03 MIREA.767(1) File infector 08/13/03 MIREA.767(2) File infector 08/13/03 MIREA.815 File infector 08/13/03 MIREA.815(1) File infector 08/13/03 MIREA.815(2) File infector 08/13/03 MIREA.888 File infector 08/13/03 MIREA.888(1) File infector 08/13/03 MIREA.888(2) File infector 08/13/03 Microb.202 File infector 08/13/03 Microb.206 File infector 08/13/03 Mpoc.360 File infector 08/13/03 Mpoc.364 File infector 08/13/03 PS-MPC.205 File infector 08/13/03 PWSteal.Lemir.B File infector 08/11/03 PWSteal.PPort File infector 08/11/03 Polimer.512.D File infector 08/13/03 Polimer.512.D(1) File infector 08/13/03 Polimer.512.D(2) File infector 08/13/03 Polimer.512.E File infector 08/12/03 Polimer.512.E(1) File infector 08/12/03 Polimer.512.E(2) File infector 08/12/03 Replay.670 File infector 08/14/03 Replay.670(1) File infector 08/14/03 Replay.683 File infector 08/14/03 Replay.683(1) File infector 08/14/03 Riot.Immortal.571 File infector 08/14/03 Second.566 File infector 08/14/03 Second.566(1) File infector 08/14/03 Second.697 File infector 08/14/03 Second.697(1) File infector 08/14/03 Sracka.1579 File infector 08/13/03 Sracka.1579 (x) File infector 08/13/03 Sracka.1653 File infector 08/13/03 Sracka.1653 (x) File infector 08/13/03 Studderin.952 File infector 08/13/03 Studderin.954 File infector 08/13/03 Suicidal.847 File infector 08/14/03 Trojan.Kevor File infector 08/11/03 VBS.DDV.B File infector 08/11/03 VBS.Kevor.Worm File infector 08/11/03 VBS.Lembra@mm File infector 08/13/03 VBS.Starman@mm File infector 08/14/03 W32.Bacterra.Worm File infector 08/11/03 W32.Blaster.B.Worm File infector 08/13/03 W32.Blaster.C.Worm File infector 08/13/03 W32.Blaster.Worm File infector 08/11/03 W32.HLLC.Lestat File infector 08/14/03 W32.HLLW.Aplich File infector 08/14/03 W32.HLLW.Backzat.AA File infector 08/14/03 W32.HLLW.Carpet.B File infector 08/14/03 W32.HLLW.Habrack File infector 08/13/03 W32.HLLW.Stotem File infector 08/11/03 W32.Imonex File infector 08/11/03 W32.Kuskus.Worm File infector 08/14/03 W32.Labirint File infector 08/11/03 W32.Logex File infector 08/11/03 W32.Mant.Worm File infector 08/11/03 W32.Randex.E File infector 08/12/03 Win.HLLP.Hiro File infector 08/14/03 Youth.279 File infector 08/13/03 Youth.563 File infector 08/13/03 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- A97M.Nitro.A File infector 08/14/03 Jain.1437 File infector 08/14/03 Jain.1437(1) File infector 08/14/03 Jain.1437(2) File infector 08/14/03 Jain.1536.A File infector 08/14/03 Jain.1536.A(1) File infector 08/14/03 Jain.1536.A(2) File infector 08/14/03 Jain.1726 File infector 08/14/03 Jain.1726(1) File infector 08/14/03 Jain.1726(2) File infector 08/14/03 Replay.670 File infector 08/14/03 Replay.670(1) File infector 08/14/03 Replay.683 File infector 08/14/03 Replay.683(1) File infector 08/14/03 Riot.Immortal.571 File infector 08/14/03 Second.566 File infector 08/14/03 Second.566(1) File infector 08/14/03 Second.697 File infector 08/14/03 Second.697(1) File infector 08/14/03 Suicidal.847 File infector 08/14/03 VBS.Starman@mm File infector 08/14/03 W32.HLLC.Lestat File infector 08/14/03 W32.HLLW.Aplich File infector 08/14/03 W32.HLLW.Backzat.AA File infector 08/14/03 W32.HLLW.Carpet.B File infector 08/14/03 W32.Kuskus.Worm File infector 08/14/03 Win.HLLP.Hiro File infector 08/14/03 Axypt.1930.cmp File infector 08/13/03 Axypt.516.cmp File infector 08/13/03 Backdoor.Beasty.H File infector 08/13/03 Backdoor.IRC.Muiriled File infector 08/13/03 EasyRider.2108 File infector 08/13/03 Feeddst.809 File infector 08/13/03 MIREA.549 File infector 08/13/03 MIREA.549(1) File infector 08/13/03 MIREA.549(2) File infector 08/13/03 MIREA.767 File infector 08/13/03 MIREA.767(1) File infector 08/13/03 MIREA.767(2) File infector 08/13/03 MIREA.815 File infector 08/13/03 MIREA.815(1) File infector 08/13/03 MIREA.815(2) File infector 08/13/03 MIREA.888 File infector 08/13/03 MIREA.888(1) File infector 08/13/03 MIREA.888(2) File infector 08/13/03 Microb.202 File infector 08/13/03 Microb.206 File infector 08/13/03 Mpoc.360 File infector 08/13/03 Mpoc.364 File infector 08/13/03 PS-MPC.205 File infector 08/13/03 Polimer.512.D File infector 08/13/03 Polimer.512.D(1) File infector 08/13/03 Polimer.512.D(2) File infector 08/13/03 Sracka.1579 File infector 08/13/03 Sracka.1579 (x) File infector 08/13/03 Sracka.1653 File infector 08/13/03 Sracka.1653 (x) File infector 08/13/03 Studderin.952 File infector 08/13/03 Studderin.954 File infector 08/13/03 VBS.Lembra@mm File infector 08/13/03 W32.Blaster.B.Worm File infector 08/13/03 W32.Blaster.C.Worm File infector 08/13/03 W32.HLLW.Habrack File infector 08/13/03 Youth.279 File infector 08/13/03 Youth.563 File infector 08/13/03 Goma.1334 File infector 08/12/03 Goma.1334(1) File infector 08/12/03 Goma.1334(2) File infector 08/12/03 Hello.401 File infector 08/12/03 Hello.452 File infector 08/12/03 IVP.1140 File infector 08/12/03 IVP.1556 File infector 08/12/03 IVP.353 File infector 08/12/03 IVP.355 File infector 08/12/03 IVP.364 File infector 08/12/03 IVP.396 File infector 08/12/03 IVP.399 File infector 08/12/03 IVP.425 File infector 08/12/03 IVP.435 File infector 08/12/03 Lupus.532 File infector 08/12/03 Lupus.663 File infector 08/12/03 Lupus.665 File infector 08/12/03 Polimer.512.E File infector 08/12/03 Polimer.512.E(1) File infector 08/12/03 Polimer.512.E(2) File infector 08/12/03 W32.Randex.E File infector 08/12/03 BAT.Rous.worm File infector 08/11/03 Backdoor.WinShell.50.b File infector 08/11/03 PWSteal.Lemir.B File infector 08/11/03 PWSteal.PPort File infector 08/11/03 Trojan.Kevor File infector 08/11/03 VBS.DDV.B File infector 08/11/03 VBS.Kevor.Worm File infector 08/11/03 W32.Bacterra.Worm File infector 08/11/03 W32.Blaster.Worm File infector 08/11/03 W32.HLLW.Stotem File infector 08/11/03 W32.Imonex File infector 08/11/03 W32.Labirint File infector 08/11/03 W32.Logex File infector 08/11/03 W32.Mant.Worm File infector 08/11/03 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Backdoor.SubSeven.2.15 to Backdoor.SubSeven215 07/29/03 Bin.Auto.BBF to PS-MPC.729 08/04/03 Boot.Face to Face (b) 07/31/03 Face (b) to Boot.Face 08/04/03 Hacktool.WDAV.Exploit to Hacktool.WDSat.Exploit 07/08/03 NOSTARDAMUS.1087 to Nostardamus.1087 07/23/03 NOSTARDAMUS.2188 to Nostardamus.2188 07/23/03 NOSTARDAMUS.2220 to Nostardamus.2220 07/23/03 NOSTARDAMUS.2255 to Nostardamus.2255 07/23/03 Nostardamus.1087 to NOSTARDAMUS.1087 07/24/03 Nostardamus.2188 to NOSTARDAMUS.2188 07/24/03 Nostardamus.2255 to NOSTARDAMUS.2255 07/24/03 PS-MPC.729 to Bin.Auto.BBF 08/04/03 VBS.Quocus@mm to W32.HLLW.Egar 07/23/03 VBS.Quocus@mm.int to VBS.Quocus.int 08/07/03 VBS.Wimpey to VBS.Wimpey@mm 07/21/03 W32.Akosw@mm to W32.Israz@mm 07/11/03 W32.Anar.Worm to Win32.Anar.Worm 07/10/03 W32.Babybear@mm.int to W32.Babybear.int 07/28/03 W32.HLLW.Aldem@mm to W32.Ronoper.B@mm 07/03/03 W32.HLLW.Egar to W32.Egar.int 07/30/03 W32.HLLW.Etaug@mm to VBS.Quocus@mm 07/18/03 W32.HLLW.Kabak.Int to W32.HLLW.Kabak 08/08/03 W32.HLLW.Symten to W32.Symten@mm 07/18/03 W32.Israz@mm to W32.Akosw@mm 07/24/03 W32.Jantic.C@mm to W32.Jantic.F@mm 07/17/03 W32.MutantQSix to W32.Sadon.867 07/10/03 W32.Mutantq6 to W32.MutantQSix 07/09/03 W32.Nuf.A to W32.Nuffy.A 08/08/03 W32.Symten@mm to W32.HLLW.Symten@mm 07/21/03 W32.Yaha.V@mm to W32.Yaha.Z@mm 07/10/03 W32.Yaha.Z@mm to W32.Yaha.V@mm 07/10/03 Win32.Anar.Worm to W32.Anar.Worm 07/10/03 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ W32.HLLW.Kabak.Int to W32.HLLW.Kabak 08/08/03 W32.Nuf.A to W32.Nuffy.A 08/08/03 VBS.Quocus@mm.int to VBS.Quocus.int 08/07/03 Bin.Auto.BBF to PS-MPC.729 08/04/03 Face (b) to Boot.Face 08/04/03 PS-MPC.729 to Bin.Auto.BBF 08/04/03 Boot.Face to Face (b) 07/31/03 W32.HLLW.Egar to W32.Egar.int 07/30/03 Backdoor.SubSeven.2.15 to Backdoor.SubSeven215 07/29/03 W32.Babybear@mm.int to W32.Babybear.int 07/28/03 Nostardamus.1087 to NOSTARDAMUS.1087 07/24/03 Nostardamus.2188 to NOSTARDAMUS.2188 07/24/03 Nostardamus.2255 to NOSTARDAMUS.2255 07/24/03 W32.Israz@mm to W32.Akosw@mm 07/24/03 NOSTARDAMUS.1087 to Nostardamus.1087 07/23/03 NOSTARDAMUS.2188 to Nostardamus.2188 07/23/03 NOSTARDAMUS.2220 to Nostardamus.2220 07/23/03 NOSTARDAMUS.2255 to Nostardamus.2255 07/23/03 VBS.Quocus@mm to W32.HLLW.Egar 07/23/03 VBS.Wimpey to VBS.Wimpey@mm 07/21/03 W32.Symten@mm to W32.HLLW.Symten@mm 07/21/03 W32.HLLW.Etaug@mm to VBS.Quocus@mm 07/18/03 W32.HLLW.Symten to W32.Symten@mm 07/18/03 W32.Jantic.C@mm to W32.Jantic.F@mm 07/17/03 W32.Akosw@mm to W32.Israz@mm 07/11/03 W32.Anar.Worm to Win32.Anar.Worm 07/10/03 W32.MutantQSix to W32.Sadon.867 07/10/03 W32.Yaha.V@mm to W32.Yaha.Z@mm 07/10/03 W32.Yaha.Z@mm to W32.Yaha.V@mm 07/10/03 Win32.Anar.Worm to W32.Anar.Worm 07/10/03 W32.Mutantq6 to W32.MutantQSix 07/09/03 Hacktool.WDAV.Exploit to Hacktool.WDSat.Exploit 07/08/03 W32.HLLW.Aldem@mm to W32.Ronoper.B@mm 07/03/03 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ Backdoor.Beasty.G File infector 08/04/03 Backdoor.FTPserver File infector 08/04/03 Backdoor.Fxsvc File infector 08/04/03 Backdoor.IRC.Cirebot File infector 08/04/03 Backdoor.Nibu File infector 08/04/03 Backdoor.Roxy File infector 08/04/03 Backdoor.Sumtax File infector 08/04/03 Baloo.Family File infector 08/04/03 Bloodhound.IU.01 File infector 08/05/03 Bloodhound.IU.02 File infector 08/05/03 Bloodhound.IU.03 File infector 08/05/03 Delta.1167 File infector 08/04/03 Delta.1167 (1) File infector 08/04/03 EICAR Test String(new) File infector 08/05/03 Eharm.225 File infector 08/04/03 Eumel.391 File infector 08/04/03 Eumel.391(1) File infector 08/04/03 SMM.gen File infector 08/07/03 SSR.19071 File infector 08/07/03 Test.Pam32Req File infector 08/05/03 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ SMM.gen File infector 08/07/03 SSR.19071 File infector 08/07/03 Bloodhound.IU.01 File infector 08/05/03 Bloodhound.IU.02 File infector 08/05/03 Bloodhound.IU.03 File infector 08/05/03 EICAR Test String(new) File infector 08/05/03 Test.Pam32Req File infector 08/05/03 Backdoor.Beasty.G File infector 08/04/03 Backdoor.FTPserver File infector 08/04/03 Backdoor.Fxsvc File infector 08/04/03 Backdoor.IRC.Cirebot File infector 08/04/03 Backdoor.Nibu File infector 08/04/03 Backdoor.Roxy File infector 08/04/03 Backdoor.Sumtax File infector 08/04/03 Baloo.Family File infector 08/04/03 Delta.1167 File infector 08/04/03 Delta.1167 (1) File infector 08/04/03 Eharm.225 File infector 08/04/03 Eumel.391 File infector 08/04/03 Eumel.391(1) File infector 08/04/03 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.