********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response February 04, 2004 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses for October 2003, worldwide: 1 Download.Adware.Lop 2 Trojan.ByteVerify 3 Trojan Horse 4 W32.Bugbear.B@mm 5 W32.Swen.A@mm 6 IRC Trojan 7 HTML.Redlof.A 8 Download.Trojan 9 Trojan.Bootconf 10 W32.Klez.H@mm ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 08/02/01 * Engine Update 08/02/01 * All products that use the NAVEX 1.5 architecture (in other words, most major Symantec products released over the last 3 - 4 years) will receive the new functionality. * This enhanced technology provides improved script scanning as well as more proactive detection of unknown script-based threats. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- Adware.Cax File infector 01/23/04 Adware.EZSearch File infector 01/26/04 Adware.Envolo File infector 01/30/04 Adware.FastSeek File infector 01/26/04 Adware.IEDriver File infector 01/24/04 Adware.Jraun File infector 01/18/04 Adware.MarketScore File infector 01/14/04 Adware.Purityscan.b File infector 02/03/04 Adware.Searchsquire File infector 01/14/04 Adware.WinFavorites File infector 01/20/04 BAT.Wonger@mm File infector 01/29/04 Backdoor.Aphexdoor File infector 01/28/04 Backdoor.IRC.Aladinz.G File infector 01/15/04 Backdoor.IRC.Aladinz.H File infector 01/18/04 Backdoor.IRC.Aladinz.I File infector 01/18/04 Backdoor.OptixPro.13b File infector 01/22/04 Backdoor.Pazus File infector 01/16/04 Backdoor.Tuxder File infector 01/20/04 Boot.Malmo Boot infector 01/19/04 Boot.Ramones Boot infector 01/19/04 Born.1037 File infector 02/02/04 Born.1038 File infector 02/02/04 Burn.743 File infector 02/02/04 Burn.759 File infector 02/02/04 Burn.773 File infector 02/02/04 Cybertech.225.b File infector 02/02/04 Cybertech.507 File infector 02/02/04 Dialer.MP3Cell File infector 01/15/04 Dialer.SexFiles File infector 01/27/04 Downloader.Mimail.B File infector 01/15/04 Hacktool.ClearEL File infector 01/23/04 Hacktool.Exploit.Msgr File infector 01/14/04 Hacktool.Spoofer File infector 01/16/04 Hacktool.X-Scan File infector 01/18/04 Hare.gen File and Boot infector 01/15/04 JS.Sinop File infector 01/29/04 Joke.Nonsense File infector 01/18/04 Keylogger.Stawin File infector 01/29/04 Mandra.559 File infector 01/26/04 PHP.Rabow File infector 01/29/04 PWSteal.Olbaid File infector 01/29/04 Small.88 File infector 01/26/04 Spyware.Keyspy File infector 01/26/04 Spyware.Perfect.dr File infector 01/19/04 Trojan.Bookmarker.C File infector 01/16/04 Trojan.Bookmarker.D File infector 01/23/04 Trojan.Bookmarker.E File infector 01/28/04 Trojan.Download.Inor.B File infector 01/23/04 Trojan.Httpdos File infector 01/20/04 Trojan.Mitglieder File infector 01/20/04 Trojan.Mitglieder.B File infector 01/20/04 Trojan.Mitglieder.C File infector 01/20/04 VBS.Clex File infector 02/04/04 VBS.Shania File infector 02/02/04 VBS.StartPage.B File infector 01/27/04 VBS.Zsyang.B@mm File infector 01/19/04 W32.Beagle.A@mm File infector 01/18/04 W32.Blaster.K.Worm File infector 02/04/04 W32.Dumaru.AD@mm File infector 02/03/04 W32.Dumaru.Gen@mm File infector 01/26/04 W32.Dumaru.Y@mm File infector 01/24/04 W32.Dumaru.Z@mm File infector 01/26/04 W32.Evolmi.Worm File infector 02/04/04 W32.Fesber.Worm File infector 02/04/04 W32.Flyp File infector 01/28/04 W32.Galil.F@mm File infector 02/03/04 W32.HLLC.Elpmis File infector 01/15/04 W32.HLLW.Anig File infector 01/29/04 W32.HLLW.Aozo File infector 02/04/04 W32.HLLW.Chemsvy File infector 02/03/04 W32.HLLW.Gaobot.HY File infector 01/28/04 W32.HLLW.Hofox@mm File infector 02/04/04 W32.HLLW.Pokibat File infector 01/27/04 W32.HLLW.Raleka.B File infector 01/18/04 W32.HLLW.Reven File infector 02/04/04 W32.HLLW.Sanker File infector 01/22/04 W32.Hostidel.Trojan.C File infector 02/04/04 W32.IRCBot.C File infector 01/28/04 W32.Mimail.Q@mm File infector 01/26/04 W32.Mimail.R@mm File infector 01/28/04 W32.Mydoom.A@mm.enc File infector 02/03/04 W32.Mydoom.B@mm File infector 01/28/04 W32.Novarg.A@mm File infector 01/26/04 W32.Protoride.Worm File infector 01/16/04 W32.Randex.FC File infector 01/29/04 W32.Stuplo File infector 01/15/04 W97M.Ansec File infector 01/28/04 W97M.Coloop File infector 01/28/04 W97M.DebilByte.B File infector 01/20/04 W97M.Manuiela.Int File infector 01/26/04 W97M.Neurodo.A File infector 01/26/04 W97M.Nid.B File infector 01/20/04 W97M.Quala File infector 01/28/04 W97M.Vitna File infector 01/28/04 Wimp.1430 File infector 01/28/04 Worf.303 File infector 02/02/04 Worm.Automat.AHH File infector 01/22/04 X97M.Doccopy.F File infector 01/30/04 X97M.Salan File infector 01/28/04 X97M.Seitty File infector 01/30/04 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- VBS.Clex File infector 02/04/04 W32.Blaster.K.Worm File infector 02/04/04 W32.Evolmi.Worm File infector 02/04/04 W32.Fesber.Worm File infector 02/04/04 W32.HLLW.Aozo File infector 02/04/04 W32.HLLW.Hofox@mm File infector 02/04/04 W32.HLLW.Reven File infector 02/04/04 W32.Hostidel.Trojan.C File infector 02/04/04 Adware.Purityscan.b File infector 02/03/04 W32.Dumaru.AD@mm File infector 02/03/04 W32.Galil.F@mm File infector 02/03/04 W32.HLLW.Chemsvy File infector 02/03/04 W32.Mydoom.A@mm.enc File infector 02/03/04 Born.1037 File infector 02/02/04 Born.1038 File infector 02/02/04 Burn.743 File infector 02/02/04 Burn.759 File infector 02/02/04 Burn.773 File infector 02/02/04 Cybertech.225.b File infector 02/02/04 Cybertech.507 File infector 02/02/04 VBS.Shania File infector 02/02/04 Worf.303 File infector 02/02/04 Adware.Envolo File infector 01/30/04 X97M.Doccopy.F File infector 01/30/04 X97M.Seitty File infector 01/30/04 BAT.Wonger@mm File infector 01/29/04 JS.Sinop File infector 01/29/04 Keylogger.Stawin File infector 01/29/04 PHP.Rabow File infector 01/29/04 PWSteal.Olbaid File infector 01/29/04 W32.HLLW.Anig File infector 01/29/04 W32.Randex.FC File infector 01/29/04 Backdoor.Aphexdoor File infector 01/28/04 Trojan.Bookmarker.E File infector 01/28/04 W32.Flyp File infector 01/28/04 W32.HLLW.Gaobot.HY File infector 01/28/04 W32.IRCBot.C File infector 01/28/04 W32.Mimail.R@mm File infector 01/28/04 W32.Mydoom.B@mm File infector 01/28/04 W97M.Ansec File infector 01/28/04 W97M.Coloop File infector 01/28/04 W97M.Quala File infector 01/28/04 W97M.Vitna File infector 01/28/04 Wimp.1430 File infector 01/28/04 X97M.Salan File infector 01/28/04 Dialer.SexFiles File infector 01/27/04 VBS.StartPage.B File infector 01/27/04 W32.HLLW.Pokibat File infector 01/27/04 Adware.EZSearch File infector 01/26/04 Adware.FastSeek File infector 01/26/04 Mandra.559 File infector 01/26/04 Small.88 File infector 01/26/04 Spyware.Keyspy File infector 01/26/04 W32.Dumaru.Gen@mm File infector 01/26/04 W32.Dumaru.Z@mm File infector 01/26/04 W32.Mimail.Q@mm File infector 01/26/04 W32.Novarg.A@mm File infector 01/26/04 W97M.Manuiela.Int File infector 01/26/04 W97M.Neurodo.A File infector 01/26/04 Adware.IEDriver File infector 01/24/04 W32.Dumaru.Y@mm File infector 01/24/04 Adware.Cax File infector 01/23/04 Hacktool.ClearEL File infector 01/23/04 Trojan.Bookmarker.D File infector 01/23/04 Trojan.Download.Inor.B File infector 01/23/04 Backdoor.OptixPro.13b File infector 01/22/04 W32.HLLW.Sanker File infector 01/22/04 Worm.Automat.AHH File infector 01/22/04 Adware.WinFavorites File infector 01/20/04 Backdoor.Tuxder File infector 01/20/04 Trojan.Httpdos File infector 01/20/04 Trojan.Mitglieder File infector 01/20/04 Trojan.Mitglieder.B File infector 01/20/04 Trojan.Mitglieder.C File infector 01/20/04 W97M.DebilByte.B File infector 01/20/04 W97M.Nid.B File infector 01/20/04 Boot.Malmo Boot infector 01/19/04 Boot.Ramones Boot infector 01/19/04 Spyware.Perfect.dr File infector 01/19/04 VBS.Zsyang.B@mm File infector 01/19/04 Adware.Jraun File infector 01/18/04 Backdoor.IRC.Aladinz.H File infector 01/18/04 Backdoor.IRC.Aladinz.I File infector 01/18/04 Hacktool.X-Scan File infector 01/18/04 Joke.Nonsense File infector 01/18/04 W32.Beagle.A@mm File infector 01/18/04 W32.HLLW.Raleka.B File infector 01/18/04 Backdoor.Pazus File infector 01/16/04 Hacktool.Spoofer File infector 01/16/04 Trojan.Bookmarker.C File infector 01/16/04 W32.Protoride.Worm File infector 01/16/04 Backdoor.IRC.Aladinz.G File infector 01/15/04 Dialer.MP3Cell File infector 01/15/04 Downloader.Mimail.B File infector 01/15/04 Hare.gen File and Boot infector 01/15/04 W32.HLLC.Elpmis File infector 01/15/04 W32.Stuplo File infector 01/15/04 Adware.MarketScore File infector 01/14/04 Adware.Searchsquire File infector 01/14/04 Hacktool.Exploit.Msgr File infector 01/14/04 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Backdoor.IRC.Microb to Backdoor.IRC.Microb 12/05/03 Adware.CNS3721 to Adware.Wengs 10/16/03 Adware.Madfind to Backdoor.Madfind 10/31/03 Adware.Quad to Dialer.Heysan 10/27/03 Backdoor.DragonQQ to Backdoor.Dragonqq 12/01/03 Backdoor.Fxdoor to Tcl.Sendrak 01/18/04 Backdoor.Hazzer to Trojan.Hazzer 12/18/03 Backdoor.Lolok.B to W97M.Tebit 01/22/04 Backdoor.NetTrash to W32.HLLW.Nettrash 01/14/04 Backdoor.Ranck to Backdoor.Ranky 11/01/03 Backdoor.Ranck.B to Backdoor.Ranky.B 11/01/03 Backdoor.Ranck.C to Backdoor.Ranky.C 11/01/03 Backdoor.Semes to Trojan.QQMess 10/22/03 Backdoor.Togfer to Backdoor.Tofger 12/09/03 Dialer.Starsfake to W32.Adclicker.G.Trojan 10/24/03 Hacktool.DRM to Hacktool.Keygen.151552 12/01/03 Hacktool.X-Scan to Hacktool.XScan 01/19/04 IRC.Trojan.Fgt to W32.Petch 10/31/03 MHTML.Redir.Exploit to MHTMLRedir.Exploit 12/12/03 PWSteal.Leox to W32.HLLW.Leox 01/19/04 PWSteal.RTCW to Backdoor.NetTrash 01/13/04 Trojan.Confi to VBS.Confi 10/29/03 Trojan.Dalfer to Joke.Apeldorn 01/12/04 Trojan.Dalfer.B to Adware.Smartsearch 01/12/04 Trojan.Dalfer.C to W32.Spybot.WI 01/18/04 Trojan.Dalfer.C to W97M.Twopey.E 01/15/04 Trojan.Narat to Adware.Mpgcom 01/05/04 W32.ExitWin.A.Trojan to W32.Winex.A.Trojan 10/19/03 W32.Gase to W32.Gase.intd 12/30/03 W32.Gnomef.Worm to W32.Nomeg.Worm 11/05/03 W32.HLLW.Blinkon.intd to W32.Blinkon.intd 12/02/03 W32.HLLW.Gaobot.BD to W32.HLLW.Gaobot.BE 10/27/03 W32.HLLW.Gaobot.EZ to W32.HLLW.Gaobot.FB 01/05/04 W32.HLLW.Sakao to W32.Sakao 10/20/03 W32.HLLW.Torvil@mm to W32.HLLW.Torvel.B@mm 10/23/03 W32.HLLW.Wanado to W32.HLLW.Reur 10/28/03 W32.Jeremy.A to W32.Jermy.A 10/24/03 W32.Klap to W32.Taplak 11/20/03 W32.Marque@mm to W32.Marque.Worm 10/27/03 W32.Mertian@mm to W32.Mertian.Worm 12/15/03 W32.Mimail.H@mm to W32.Mimail.I@mm 11/17/03 W32.Mimail.R@mm to W32.Mimail.S@mm 01/29/04 W32.NGVCK.4920 to W32.Doggie.BX 12/01/03 W32.Novarg.A@mm to W32.Mydoom.A@mm 02/04/04 W32.Paylap@mm to W32.Mimail.H@mm 11/14/03 W32.Sahara.9728 to W32.Sahara 11/07/03 W32.Taplak to W32.HLLW.Taplak 11/26/03 W97M.Gedza to O97M.Gedza 01/22/04 W97M.Laroux.NW to X97M.Laroux.NW 11/20/03 X97M.Gedza to VBS.Vaper@mm 01/22/04 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ W32.Novarg.A@mm to W32.Mydoom.A@mm 02/04/04 W32.Mimail.R@mm to W32.Mimail.S@mm 01/29/04 Backdoor.Lolok.B to W97M.Tebit 01/22/04 W97M.Gedza to O97M.Gedza 01/22/04 X97M.Gedza to VBS.Vaper@mm 01/22/04 Hacktool.X-Scan to Hacktool.XScan 01/19/04 PWSteal.Leox to W32.HLLW.Leox 01/19/04 Backdoor.Fxdoor to Tcl.Sendrak 01/18/04 Trojan.Dalfer.C to W32.Spybot.WI 01/18/04 Trojan.Dalfer.C to W97M.Twopey.E 01/15/04 Backdoor.NetTrash to W32.HLLW.Nettrash 01/14/04 PWSteal.RTCW to Backdoor.NetTrash 01/13/04 Trojan.Dalfer to Joke.Apeldorn 01/12/04 Trojan.Dalfer.B to Adware.Smartsearch 01/12/04 Trojan.Narat to Adware.Mpgcom 01/05/04 W32.HLLW.Gaobot.EZ to W32.HLLW.Gaobot.FB 01/05/04 W32.Gase to W32.Gase.intd 12/30/03 Backdoor.Hazzer to Trojan.Hazzer 12/18/03 W32.Mertian@mm to W32.Mertian.Worm 12/15/03 MHTML.Redir.Exploit to MHTMLRedir.Exploit 12/12/03 Backdoor.Togfer to Backdoor.Tofger 12/09/03 Backdoor.IRC.Microb to Backdoor.IRC.Microb 12/05/03 W32.HLLW.Blinkon.intd to W32.Blinkon.intd 12/02/03 Backdoor.DragonQQ to Backdoor.Dragonqq 12/01/03 Hacktool.DRM to Hacktool.Keygen.151552 12/01/03 W32.NGVCK.4920 to W32.Doggie.BX 12/01/03 W32.Taplak to W32.HLLW.Taplak 11/26/03 W32.Klap to W32.Taplak 11/20/03 W97M.Laroux.NW to X97M.Laroux.NW 11/20/03 W32.Mimail.H@mm to W32.Mimail.I@mm 11/17/03 W32.Paylap@mm to W32.Mimail.H@mm 11/14/03 W32.Sahara.9728 to W32.Sahara 11/07/03 W32.Gnomef.Worm to W32.Nomeg.Worm 11/05/03 Backdoor.Ranck to Backdoor.Ranky 11/01/03 Backdoor.Ranck.B to Backdoor.Ranky.B 11/01/03 Backdoor.Ranck.C to Backdoor.Ranky.C 11/01/03 Adware.Madfind to Backdoor.Madfind 10/31/03 IRC.Trojan.Fgt to W32.Petch 10/31/03 Trojan.Confi to VBS.Confi 10/29/03 W32.HLLW.Wanado to W32.HLLW.Reur 10/28/03 Adware.Quad to Dialer.Heysan 10/27/03 W32.HLLW.Gaobot.BD to W32.HLLW.Gaobot.BE 10/27/03 W32.Marque@mm to W32.Marque.Worm 10/27/03 Dialer.Starsfake to W32.Adclicker.G.Trojan 10/24/03 W32.Jeremy.A to W32.Jermy.A 10/24/03 W32.HLLW.Torvil@mm to W32.HLLW.Torvel.B@mm 10/23/03 Backdoor.Semes to Trojan.QQMess 10/22/03 W32.HLLW.Sakao to W32.Sakao 10/20/03 W32.ExitWin.A.Trojan to W32.Winex.A.Trojan 10/19/03 Adware.CNS3721 to Adware.Wengs 10/16/03 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ Backdoor.Aphexdoor File infector 01/28/04 Backdoor.Ciadoor.b File infector 11/24/03 Backdoor.Regate File infector 12/01/03 Dialer.Dcon File infector 11/24/03 PWSteal.Blade.Trojan File infector 12/02/03 Trojan.Bookmarker.E File infector 01/28/04 Trojan.Xombe File infector 01/09/04 W32.HLLW.Bandie File infector 11/24/03 W32.HLLW.Freity@mm File infector 11/24/03 W32.HLLW.Gaobot.HY File infector 01/28/04 W32.HLLW.Gaobot.gen File infector 11/24/03 W32.HLLW.Xbotor File infector 11/24/03 W32.Headout File infector 11/24/03 W32.IRCBot.C File infector 01/28/04 W32.Mydoom.B@mm File infector 01/28/04 W32.Notime File infector 11/24/03 W32.Titog.L.Worm File infector 01/09/04 W32.Widare File infector 11/24/03 W95.Poson File infector 11/24/03 Wimp.1430 File infector 01/28/04 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ Backdoor.Aphexdoor File infector 01/28/04 Trojan.Bookmarker.E File infector 01/28/04 W32.HLLW.Gaobot.HY File infector 01/28/04 W32.IRCBot.C File infector 01/28/04 W32.Mydoom.B@mm File infector 01/28/04 Wimp.1430 File infector 01/28/04 Trojan.Xombe File infector 01/09/04 W32.Titog.L.Worm File infector 01/09/04 PWSteal.Blade.Trojan File infector 12/02/03 Backdoor.Regate File infector 12/01/03 Backdoor.Ciadoor.b File infector 11/24/03 Dialer.Dcon File infector 11/24/03 W32.HLLW.Bandie File infector 11/24/03 W32.HLLW.Freity@mm File infector 11/24/03 W32.HLLW.Gaobot.gen File infector 11/24/03 W32.HLLW.Xbotor File infector 11/24/03 W32.Headout File infector 11/24/03 W32.Notime File infector 11/24/03 W32.Widare File infector 11/24/03 W95.Poson File infector 11/24/03 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.