********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response January 24, 2003 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses, worldwide: 1 W32.Bugbear@mm 2 W32.Klez.H@mm 3 W32.Opaserv.Worm 4 Trojan Horse 5 W95.Hybris.worm 6 W32.Datom.Worm 7 W95.Spaces.1445 8 W32.Klez.E@mm 9 W32.Yaha.F@mm 10 W95.CIH ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 08/02/01 * Engine Update 08/02/01 * All products that use the NAVEX 1.5 architecture (in other words, most major Symantec products released over the last 3 - 4 years) will receive the new functionality. * This enhanced technology provides improved script scanning as well as more proactive detection of unknown script-based threats. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- Backdoor.Beasty File infector 01/17/03 Backdoor.Blizzard File infector 01/20/03 Backdoor.IRC.Aladinz File infector 01/17/03 Backdoor.Qforager File infector 01/22/03 Backdoor.Sdbot.C File infector 01/22/03 Backdoor.Talex File infector 01/21/03 Backdoor.Zdemon.10 File infector 01/21/03 Backdoor.Zix File infector 01/21/03 Bin.Auto.CDR File infector 01/17/03 Bin.Auto.CDS File infector 01/17/03 Bin.Auto.CDT File infector 01/17/03 Bin.Auto.CDU File infector 01/17/03 Bin.Auto.CDV File infector 01/17/03 Bin.Auto.CDW File infector 01/17/03 Bin.Auto.CDX File infector 01/17/03 Bin.Auto.CDY File infector 01/17/03 Bin.Auto.CDZ File infector 01/17/03 Bin.Auto.CEA File infector 01/17/03 Bin.Auto.CEB File infector 01/17/03 Bin.Auto.CEC File infector 01/17/03 Bin.Auto.CED File infector 01/17/03 Bin.Auto.CEE File infector 01/17/03 Bin.Auto.CEF File infector 01/17/03 Bin.Auto.CEG File infector 01/17/03 Bin.Auto.CEH File infector 01/17/03 Bin.Auto.CEI File infector 01/17/03 Bin.Auto.CEJ File infector 01/17/03 Bin.Auto.CEK File infector 01/17/03 Bin.Auto.CEL File infector 01/17/03 Bin.Auto.CEM File infector 01/17/03 Bin.Auto.CEN File infector 01/17/03 Bin.Auto.CEO File infector 01/17/03 Bin.Auto.CEP File infector 01/17/03 Bin.Auto.CEQ File infector 01/17/03 Bin.Auto.CER File infector 01/20/03 Bin.Auto.CES File infector 01/20/03 Bin.Auto.CET File infector 01/20/03 Bin.Auto.CEU File infector 01/20/03 Bin.Auto.CEV File infector 01/20/03 Bin.Auto.CEW File infector 01/20/03 Bin.Auto.CEX File infector 01/20/03 Bin.Auto.CEY File infector 01/20/03 Bin.Auto.CEZ File infector 01/20/03 Bin.Auto.CFA File infector 01/20/03 HLLC.Invader.7503 File infector 01/17/03 HLLO.8200 File infector 01/20/03 HLLO.Nic.2600 File infector 01/23/03 HLLO.Nic.2600(2) File infector 01/23/03 HLLO.Nic.2600(3) File infector 01/23/03 HLLO.Oxbo.3744 File infector 01/17/03 HLLP.10014 File infector 01/23/03 HLLP.5233 File infector 01/22/03 HLLP.7572 File infector 01/22/03 HLLP.Commando.18496 File infector 01/23/03 HLLP.DNVG.4997 File infector 01/17/03 HLLP.EROT.5991 File infector 01/17/03 HLLP.Fall.8768 File infector 01/20/03 HLLP.Gartin.9680 File infector 01/24/03 HLLP.Teterin.7897 File infector 01/17/03 HLLW.26808 File infector 01/24/03 HLLW.DPVG.5360 File infector 01/23/03 Irok.6405 File infector 01/23/03 JS.Astrology@mm File infector 01/17/03 Jdog.2946 File infector 01/20/03 Lemming.2144.a File infector 01/24/03 Mordor.B File infector 01/23/03 PWSteal.Senhas File infector 01/24/03 Parity.C File infector 01/23/03 Supra.99 File infector 01/23/03 Trojan.Downloader.Inor File infector 01/24/03 Trojan.Poldo.B File infector 01/21/03 Trojan.Qforager.Dr File infector 01/22/03 Trojan.Qwe File infector 01/24/03 Trojan.Snag File infector 01/17/03 VBS.Jasam@mm File infector 01/24/03 VBS.Lorena@mm File infector 01/17/03 VBS.Sdan@mm File infector 01/24/03 VBS.Tuna File infector 01/21/03 Vim.inoj File infector 01/23/03 W32.Achar.Worm File infector 01/17/03 W32.Bibrog@mm File infector 01/24/03 W32.Buffy.D File infector 01/20/03 W32.Eroc.Irc File infector 01/22/03 W32.HLLP.Runnelot File infector 01/22/03 W32.HLLP.Seido File infector 01/22/03 W32.HLLW.Backzat.F File infector 01/22/03 W32.HLLW.Eissa File infector 01/21/03 W32.HLLW.GOP.G@mm File infector 01/17/03 W32.HLLW.Grexon File infector 01/22/03 W32.HLLW.Indor.B@mm File infector 01/24/03 W32.HLLW.Onewol File infector 01/20/03 W32.HLLW.Oror.C@mm File infector 01/22/03 W32.Lirva@mm (ini) File infector 01/17/03 W32.Netspree.Worm File infector 01/23/03 W32.Sistdi File infector 01/21/03 W97M.DeByte File infector 01/24/03 W97M.Lakko File infector 01/23/03 X97M.Bandi File infector 01/21/03 X97M.Loz File infector 01/21/03 X97M.Mauela File infector 01/21/03 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- HLLP.Gartin.9680 File infector 01/24/03 HLLW.26808 File infector 01/24/03 Lemming.2144.a File infector 01/24/03 PWSteal.Senhas File infector 01/24/03 Trojan.Downloader.Inor File infector 01/24/03 Trojan.Qwe File infector 01/24/03 VBS.Jasam@mm File infector 01/24/03 VBS.Sdan@mm File infector 01/24/03 W32.Bibrog@mm File infector 01/24/03 W32.HLLW.Indor.B@mm File infector 01/24/03 W97M.DeByte File infector 01/24/03 HLLO.Nic.2600 File infector 01/23/03 HLLO.Nic.2600(2) File infector 01/23/03 HLLO.Nic.2600(3) File infector 01/23/03 HLLP.10014 File infector 01/23/03 HLLP.Commando.18496 File infector 01/23/03 HLLW.DPVG.5360 File infector 01/23/03 Irok.6405 File infector 01/23/03 Mordor.B File infector 01/23/03 Parity.C File infector 01/23/03 Supra.99 File infector 01/23/03 Vim.inoj File infector 01/23/03 W32.Netspree.Worm File infector 01/23/03 W97M.Lakko File infector 01/23/03 Backdoor.Qforager File infector 01/22/03 Backdoor.Sdbot.C File infector 01/22/03 HLLP.5233 File infector 01/22/03 HLLP.7572 File infector 01/22/03 Trojan.Qforager.Dr File infector 01/22/03 W32.Eroc.Irc File infector 01/22/03 W32.HLLP.Runnelot File infector 01/22/03 W32.HLLP.Seido File infector 01/22/03 W32.HLLW.Backzat.F File infector 01/22/03 W32.HLLW.Grexon File infector 01/22/03 W32.HLLW.Oror.C@mm File infector 01/22/03 Backdoor.Talex File infector 01/21/03 Backdoor.Zdemon.10 File infector 01/21/03 Backdoor.Zix File infector 01/21/03 Trojan.Poldo.B File infector 01/21/03 VBS.Tuna File infector 01/21/03 W32.HLLW.Eissa File infector 01/21/03 W32.Sistdi File infector 01/21/03 X97M.Bandi File infector 01/21/03 X97M.Loz File infector 01/21/03 X97M.Mauela File infector 01/21/03 Backdoor.Blizzard File infector 01/20/03 Bin.Auto.CER File infector 01/20/03 Bin.Auto.CES File infector 01/20/03 Bin.Auto.CET File infector 01/20/03 Bin.Auto.CEU File infector 01/20/03 Bin.Auto.CEV File infector 01/20/03 Bin.Auto.CEW File infector 01/20/03 Bin.Auto.CEX File infector 01/20/03 Bin.Auto.CEY File infector 01/20/03 Bin.Auto.CEZ File infector 01/20/03 Bin.Auto.CFA File infector 01/20/03 HLLO.8200 File infector 01/20/03 HLLP.Fall.8768 File infector 01/20/03 Jdog.2946 File infector 01/20/03 W32.Buffy.D File infector 01/20/03 W32.HLLW.Onewol File infector 01/20/03 Backdoor.Beasty File infector 01/17/03 Backdoor.IRC.Aladinz File infector 01/17/03 Bin.Auto.CDR File infector 01/17/03 Bin.Auto.CDS File infector 01/17/03 Bin.Auto.CDT File infector 01/17/03 Bin.Auto.CDU File infector 01/17/03 Bin.Auto.CDV File infector 01/17/03 Bin.Auto.CDW File infector 01/17/03 Bin.Auto.CDX File infector 01/17/03 Bin.Auto.CDY File infector 01/17/03 Bin.Auto.CDZ File infector 01/17/03 Bin.Auto.CEA File infector 01/17/03 Bin.Auto.CEB File infector 01/17/03 Bin.Auto.CEC File infector 01/17/03 Bin.Auto.CED File infector 01/17/03 Bin.Auto.CEE File infector 01/17/03 Bin.Auto.CEF File infector 01/17/03 Bin.Auto.CEG File infector 01/17/03 Bin.Auto.CEH File infector 01/17/03 Bin.Auto.CEI File infector 01/17/03 Bin.Auto.CEJ File infector 01/17/03 Bin.Auto.CEK File infector 01/17/03 Bin.Auto.CEL File infector 01/17/03 Bin.Auto.CEM File infector 01/17/03 Bin.Auto.CEN File infector 01/17/03 Bin.Auto.CEO File infector 01/17/03 Bin.Auto.CEP File infector 01/17/03 Bin.Auto.CEQ File infector 01/17/03 HLLC.Invader.7503 File infector 01/17/03 HLLO.Oxbo.3744 File infector 01/17/03 HLLP.DNVG.4997 File infector 01/17/03 HLLP.EROT.5991 File infector 01/17/03 HLLP.Teterin.7897 File infector 01/17/03 JS.Astrology@mm File infector 01/17/03 Trojan.Snag File infector 01/17/03 VBS.Lorena@mm File infector 01/17/03 W32.Achar.Worm File infector 01/17/03 W32.HLLW.GOP.G@mm File infector 01/17/03 W32.Lirva@mm (ini) File infector 01/17/03 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02 Backdoor.Dumba to Trojan.Dumba 09/23/02 Backdoor.Floodnet to Backdoor.Endool 11/13/02 Backdoor.Qforager to Trojan.Qforager 01/22/03 Bin.Auto.AZL to PS-MPC.535.B 09/13/02 Cruiser.1120 to Cruiser.1120.Int 11/26/02 Dik.1393 to Dik.1393.Int 11/26/02 IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02 Lonig.INT to Lonig.Kit 11/26/02 Syst.1665 to AOD.385.B 10/28/02 TAVC.Jazva to Jazva.686 11/26/02 TPE.cw.1915 to TPE.cw 01/08/03 Trojan.Imiserv to Backdoor.Imiserv 09/19/02 Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02 VBS.Betta.A to BAT.Betta.A 01/16/03 VBS.Likun@mm to VBS.Likun 11/05/02 VBS.Pica@m to VBS.Pica@mm 12/11/02 W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02 W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02 W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02 W32.Asterz@mm to W32.HLLW.Asterz.intd 01/20/03 W32.Efno.Worm to W32.HLLW.Efno 09/16/02 W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02 W32.Fanta.worm to Fanta.Trojan 11/06/02 W32.Gezak to W32.Prodvin 11/06/02 W32.HLLO.Mario to W32.HLLO.Marion 11/08/02 W32.HLLO.Samand to W32.HLLC.Samand 10/10/02 W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02 W32.HLLW.Backzat.F to W32.HLLW.Backzat.G 01/23/03 W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03 W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03 W32.HLLW.Smilex to W32.Stupid.D 11/08/02 W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03 W32.HLLW.Veednav.B to W32.HLLW.Veedna.B 01/15/03 W32.Holar.C@mm to W32.Galil@mm 12/05/02 W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02 W32.Manex.Worm to W32.HLLW.Manex 11/12/02 W32.Momma to IRC.Momma.Worm 01/21/03 W32.Protex.Worm to W32.Duksten.B@mm 10/24/02 W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02 W32.Topsec.Worm to W32.Topsec 10/14/02 W32.Tossed@mm to HLLW.Tossed@mm 11/06/02 W32.Wun.Irc to W32.Wuno.Irc 11/08/02 W32.campurf@mm to W32.Campurf@mm 01/04/03 W95.CIH.1094 to W95.CIH.1106 11/20/02 W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02 W97M.QWERTY to W97M.WERTY 12/17/02 W97M.Swatch to W97M.Spwatch 12/04/02 W97M.Thus.bi to W97M.Thus.BI 11/19/02 Zorm.695 to Zorm.family 01/21/03 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ W32.HLLW.Backzat.F to W32.HLLW.Backzat.G 01/23/03 Backdoor.Qforager to Trojan.Qforager 01/22/03 W32.Momma to IRC.Momma.Worm 01/21/03 Zorm.695 to Zorm.family 01/21/03 W32.Asterz@mm to W32.HLLW.Asterz.intd 01/20/03 VBS.Betta.A to BAT.Betta.A 01/16/03 W32.HLLW.Veednav.B to W32.HLLW.Veedna.B 01/15/03 W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03 TPE.cw.1915 to TPE.cw 01/08/03 W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03 W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03 W32.campurf@mm to W32.Campurf@mm 01/04/03 W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02 W97M.QWERTY to W97M.WERTY 12/17/02 VBS.Pica@m to VBS.Pica@mm 12/11/02 BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02 W32.Holar.C@mm to W32.Galil@mm 12/05/02 W97M.Swatch to W97M.Spwatch 12/04/02 Cruiser.1120 to Cruiser.1120.Int 11/26/02 Dik.1393 to Dik.1393.Int 11/26/02 Lonig.INT to Lonig.Kit 11/26/02 TAVC.Jazva to Jazva.686 11/26/02 W95.CIH.1094 to W95.CIH.1106 11/20/02 W97M.Thus.bi to W97M.Thus.BI 11/19/02 Backdoor.Floodnet to Backdoor.Endool 11/13/02 W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02 W32.Manex.Worm to W32.HLLW.Manex 11/12/02 W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02 W32.HLLO.Mario to W32.HLLO.Marion 11/08/02 W32.HLLW.Smilex to W32.Stupid.D 11/08/02 W32.Wun.Irc to W32.Wuno.Irc 11/08/02 W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02 W32.Fanta.worm to Fanta.Trojan 11/06/02 W32.Gezak to W32.Prodvin 11/06/02 W32.Tossed@mm to HLLW.Tossed@mm 11/06/02 VBS.Likun@mm to VBS.Likun 11/05/02 W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02 Syst.1665 to AOD.385.B 10/28/02 W32.Protex.Worm to W32.Duksten.B@mm 10/24/02 W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02 Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02 W32.Topsec.Worm to W32.Topsec 10/14/02 W32.HLLO.Samand to W32.HLLC.Samand 10/10/02 IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02 W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02 Backdoor.Dumba to Trojan.Dumba 09/23/02 W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02 Trojan.Imiserv to Backdoor.Imiserv 09/19/02 W32.Efno.Worm to W32.HLLW.Efno 09/16/02 Bin.Auto.AZL to PS-MPC.535.B 09/13/02 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ BAT911.Worm File infector 11/05/02 Bin.Auto.CAQ File infector 12/04/02 HLLO.Gotov.5488 File infector 12/11/02 JS.WindowBomb File infector 09/26/02 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W32.HLLC.Happylow File infector 09/13/02 W32.Hotlix.Worm File infector 11/12/02 W32.Wahwah@mm File infector 12/09/02 W97M.Pane File infector 10/11/02 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ HLLO.Gotov.5488 File infector 12/11/02 W32.Wahwah@mm File infector 12/09/02 Bin.Auto.CAQ File infector 12/04/02 W32.Hotlix.Worm File infector 11/12/02 BAT911.Worm File infector 11/05/02 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W97M.Pane File infector 10/11/02 JS.WindowBomb File infector 09/26/02 W32.HLLC.Happylow File infector 09/13/02 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.