********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response November 13, 2002 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses, worldwide: 1 W32.Bugbear@mm 2 W32.Klez.H@mm 3 W32.Opaserv.Worm 4 Trojan Horse 5 W95.Hybris.worm 6 W32.Datom.Worm 7 W95.Spaces.1445 8 W32.Klez.E@mm 9 W32.Yaha.F@mm 10 W95.CIH ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 08/02/01 * Engine Update 08/02/01 * All products that use the NAVEX 1.5 architecture (in other words, most major Symantec products released over the last 3 - 4 years) will receive the new functionality. * This enhanced technology provides improved script scanning as well as more proactive detection of unknown script-based threats. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- Amuck3184.B File infector 11/05/02 BAT.Tiltel@mm File infector 10/30/02 BAT911.Worm File infector 11/05/02 Baba.494 File infector 11/12/02 Backdoor.Antilam.g1 File infector 11/11/02 Backdoor.Assasin.B File infector 11/06/02 Backdoor.Baste File infector 11/11/02 Backdoor.Cigivip File infector 11/04/02 Backdoor.Delf.D File infector 10/28/02 Backdoor.Dindang File infector 10/31/02 Backdoor.Floodnet File infector 11/01/02 Backdoor.GF.13 File infector 11/11/02 Backdoor.Klb File infector 10/30/02 Backdoor.LittleWitch.B File infector 10/28/02 Backdoor.Neodurk File infector 11/04/02 Backdoor.Niovadoor File infector 10/31/02 Backdoor.Spigot.B File infector 10/28/02 Backdoor.Wold File infector 10/31/02 Cybercide.2233 File infector 11/06/02 Danil.1560 File infector 11/06/02 Downloader.BO File infector 11/13/02 FCL.4577 File infector 11/07/02 Flashlight.966 File infector 11/12/02 HLLO.Hellow.6352 File infector 11/07/02 HLLO.Nmkami.8383 File infector 11/07/02 HLLP.5000.B(3) File infector 11/06/02 HLLP.5000.B(4) File infector 11/06/02 HLLP.5000.B(5) File infector 11/06/02 HLLP.Deleter.6048 File infector 11/06/02 HLLP.EW.7838 File infector 11/06/02 HLLP.Metra.6161 File infector 11/13/02 HLLP.Metra.6161(2) File infector 11/13/02 HLLP.Metra.6161(3) File infector 11/13/02 Ivanyan.895 File infector 11/06/02 JS.Seeker.I File infector 11/12/02 Jerusalem.1664 File infector 11/06/02 MTZ.2501 File infector 11/13/02 Mandrago.556 File infector 11/12/02 Oggo.3837 File infector 11/07/02 PWSteal.Antigen File infector 10/31/02 Sinto.585 File infector 11/05/02 Syst.1750 File infector 11/13/02 Syst.1764 File infector 11/13/02 Taiwan.743.B File infector 11/13/02 Tourofduty.1600 File infector 11/06/02 Trojan.AntiUpdater File infector 11/04/02 Trojan.Houpe File infector 11/06/02 Trojan.Iblis File infector 10/28/02 Trojan.Pet File infector 11/06/02 Trojan.Sharecom File infector 11/06/02 Trojan.Zasil File infector 11/05/02 VBS.Breberka@mm File infector 10/28/02 VBS.Dagli@mm File infector 10/31/02 VBS.Draft@mm File infector 10/28/02 VBS.Futonik@mm File infector 10/28/02 VBS.Intr@mm File infector 10/28/02 VBS.Likun@mm File infector 10/30/02 VBS.Melhack.C@mm File infector 11/04/02 VBS.Pics@mm File infector 10/28/02 VBS.Pocus File infector 10/28/02 VBS.Santa@mm File infector 10/30/02 VBS.Sillyworm.int File infector 10/30/02 VBS.Zsyang@m File infector 10/30/02 W32.Acint File infector 11/13/02 W32.Alcatap.Worm File infector 11/06/02 W32.Alkie File infector 11/06/02 W32.Amani@mm File infector 10/30/02 W32.Anel@mm File infector 10/30/02 W32.Antiqfx.F.Worm File infector 11/04/02 W32.Appix.D.Worm File infector 10/31/02 W32.Brid.A@mm File infector 11/04/02 W32.Chili File infector 11/13/02 W32.Fanta.B.Worm File infector 11/04/02 W32.Fregit@mm File infector 11/11/02 W32.Gaze@mm File infector 10/31/02 W32.Gezak File infector 10/30/02 W32.HLLO.28672 File infector 11/06/02 W32.HLLO.Homer.C File infector 11/07/02 W32.HLLO.Mario File infector 11/06/02 W32.HLLW.Amazex File infector 11/12/02 W32.HLLW.Enviar File infector 10/31/02 W32.HLLW.Nopadex File infector 11/06/02 W32.HLLW.Oror.B@mm File infector 11/06/02 W32.HLLW.Smilex File infector 11/06/02 W32.Jonbarr.B@mm File infector 11/11/02 W32.Kalm@mm File infector 10/31/02 W32.Karimex File infector 10/30/02 W32.Manex.Worm File infector 11/11/02 W32.Opaserv.G.Worm File infector 10/30/02 W32.Opaserv.H.Worm File infector 11/12/02 W32.Poscal.Worm File infector 11/07/02 W32.STD.D File infector 10/30/02 W32.Sponge@mm File infector 10/30/02 W32.Sponge@mm (html) File infector 10/30/02 W32.Tossed@mm File infector 10/30/02 W32.Wun.Irc File infector 11/06/02 W95.Atav.2073 File infector 11/07/02 W95.Paddi File infector 11/04/02 W97M.Sponge File infector 10/30/02 Wanderer.1332 File infector 11/07/02 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- Downloader.BO File infector 11/13/02 HLLP.Metra.6161 File infector 11/13/02 HLLP.Metra.6161(2) File infector 11/13/02 HLLP.Metra.6161(3) File infector 11/13/02 MTZ.2501 File infector 11/13/02 Syst.1750 File infector 11/13/02 Syst.1764 File infector 11/13/02 Taiwan.743.B File infector 11/13/02 W32.Acint File infector 11/13/02 W32.Chili File infector 11/13/02 Baba.494 File infector 11/12/02 Flashlight.966 File infector 11/12/02 JS.Seeker.I File infector 11/12/02 Mandrago.556 File infector 11/12/02 W32.HLLW.Amazex File infector 11/12/02 W32.Opaserv.H.Worm File infector 11/12/02 Backdoor.Antilam.g1 File infector 11/11/02 Backdoor.Baste File infector 11/11/02 Backdoor.GF.13 File infector 11/11/02 W32.Fregit@mm File infector 11/11/02 W32.Jonbarr.B@mm File infector 11/11/02 W32.Manex.Worm File infector 11/11/02 FCL.4577 File infector 11/07/02 HLLO.Hellow.6352 File infector 11/07/02 HLLO.Nmkami.8383 File infector 11/07/02 Oggo.3837 File infector 11/07/02 W32.HLLO.Homer.C File infector 11/07/02 W32.Poscal.Worm File infector 11/07/02 W95.Atav.2073 File infector 11/07/02 Wanderer.1332 File infector 11/07/02 Backdoor.Assasin.B File infector 11/06/02 Cybercide.2233 File infector 11/06/02 Danil.1560 File infector 11/06/02 HLLP.5000.B(3) File infector 11/06/02 HLLP.5000.B(4) File infector 11/06/02 HLLP.5000.B(5) File infector 11/06/02 HLLP.Deleter.6048 File infector 11/06/02 HLLP.EW.7838 File infector 11/06/02 Ivanyan.895 File infector 11/06/02 Jerusalem.1664 File infector 11/06/02 Tourofduty.1600 File infector 11/06/02 Trojan.Houpe File infector 11/06/02 Trojan.Pet File infector 11/06/02 Trojan.Sharecom File infector 11/06/02 W32.Alcatap.Worm File infector 11/06/02 W32.Alkie File infector 11/06/02 W32.HLLO.28672 File infector 11/06/02 W32.HLLO.Mario File infector 11/06/02 W32.HLLW.Nopadex File infector 11/06/02 W32.HLLW.Oror.B@mm File infector 11/06/02 W32.HLLW.Smilex File infector 11/06/02 W32.Wun.Irc File infector 11/06/02 Amuck3184.B File infector 11/05/02 BAT911.Worm File infector 11/05/02 Sinto.585 File infector 11/05/02 Trojan.Zasil File infector 11/05/02 Backdoor.Cigivip File infector 11/04/02 Backdoor.Neodurk File infector 11/04/02 Trojan.AntiUpdater File infector 11/04/02 VBS.Melhack.C@mm File infector 11/04/02 W32.Antiqfx.F.Worm File infector 11/04/02 W32.Brid.A@mm File infector 11/04/02 W32.Fanta.B.Worm File infector 11/04/02 W95.Paddi File infector 11/04/02 Backdoor.Floodnet File infector 11/01/02 Backdoor.Dindang File infector 10/31/02 Backdoor.Niovadoor File infector 10/31/02 Backdoor.Wold File infector 10/31/02 PWSteal.Antigen File infector 10/31/02 VBS.Dagli@mm File infector 10/31/02 W32.Appix.D.Worm File infector 10/31/02 W32.Gaze@mm File infector 10/31/02 W32.HLLW.Enviar File infector 10/31/02 W32.Kalm@mm File infector 10/31/02 BAT.Tiltel@mm File infector 10/30/02 Backdoor.Klb File infector 10/30/02 VBS.Likun@mm File infector 10/30/02 VBS.Santa@mm File infector 10/30/02 VBS.Sillyworm.int File infector 10/30/02 VBS.Zsyang@m File infector 10/30/02 W32.Amani@mm File infector 10/30/02 W32.Anel@mm File infector 10/30/02 W32.Gezak File infector 10/30/02 W32.Karimex File infector 10/30/02 W32.Opaserv.G.Worm File infector 10/30/02 W32.STD.D File infector 10/30/02 W32.Sponge@mm File infector 10/30/02 W32.Sponge@mm (html) File infector 10/30/02 W32.Tossed@mm File infector 10/30/02 W97M.Sponge File infector 10/30/02 Backdoor.Delf.D File infector 10/28/02 Backdoor.LittleWitch.B File infector 10/28/02 Backdoor.Spigot.B File infector 10/28/02 Trojan.Iblis File infector 10/28/02 VBS.Breberka@mm File infector 10/28/02 VBS.Draft@mm File infector 10/28/02 VBS.Futonik@mm File infector 10/28/02 VBS.Intr@mm File infector 10/28/02 VBS.Pics@mm File infector 10/28/02 VBS.Pocus File infector 10/28/02 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Backdoor.Dumba to Trojan.Dumba 09/23/02 Backdoor.Floodnet to Backdoor.Endool 11/13/02 Bin.Auto.AZL to PS-MPC.535.B 09/13/02 HLLC.HappyFlowers to W32.HLLC.Happylow 09/11/02 IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02 Syst.1665 to AOD.385.B 10/28/02 Trojan.Imiserv to Backdoor.Imiserv 09/19/02 Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02 VBS.Likun@mm to VBS.Likun 11/05/02 VBS.Thambl to VBS.Lavra.B.Worm 09/12/02 W32.Alcarys.H to W32.HLLP.Flate 09/11/02 W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02 W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02 W32.Efno.Worm to W32.HLLW.Efno 09/16/02 W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02 W32.Fanta.worm to Fanta.Trojan 11/06/02 W32.Gezak to W32.Prodvin 11/06/02 W32.HLLO.Mario to W32.HLLO.Marion 11/08/02 W32.HLLO.Samand to W32.HLLC.Samand 10/10/02 W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02 W32.HLLW.Smilex to W32.Stupid.D 11/08/02 W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02 W32.Manex.Worm to W32.HLLW.Manex 11/12/02 W32.Protex.Worm to W32.Duksten.B@mm 10/24/02 W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02 W32.Topsec.Worm to W32.Topsec 10/14/02 W32.Tossed@mm to HLLW.Tossed@mm 11/06/02 W32.Walcomp to W32.HLLC.Happylow 09/13/02 W32.Wun.Irc to W32.Wuno.Irc 11/08/02 W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Backdoor.Floodnet to Backdoor.Endool 11/13/02 W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02 W32.Manex.Worm to W32.HLLW.Manex 11/12/02 W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02 W32.HLLO.Mario to W32.HLLO.Marion 11/08/02 W32.HLLW.Smilex to W32.Stupid.D 11/08/02 W32.Wun.Irc to W32.Wuno.Irc 11/08/02 W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02 W32.Fanta.worm to Fanta.Trojan 11/06/02 W32.Gezak to W32.Prodvin 11/06/02 W32.Tossed@mm to HLLW.Tossed@mm 11/06/02 VBS.Likun@mm to VBS.Likun 11/05/02 W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02 Syst.1665 to AOD.385.B 10/28/02 W32.Protex.Worm to W32.Duksten.B@mm 10/24/02 W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02 Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02 W32.Topsec.Worm to W32.Topsec 10/14/02 W32.HLLO.Samand to W32.HLLC.Samand 10/10/02 IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02 W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02 Backdoor.Dumba to Trojan.Dumba 09/23/02 W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02 Trojan.Imiserv to Backdoor.Imiserv 09/19/02 W32.Efno.Worm to W32.HLLW.Efno 09/16/02 Bin.Auto.AZL to PS-MPC.535.B 09/13/02 W32.Walcomp to W32.HLLC.Happylow 09/13/02 VBS.Thambl to VBS.Lavra.B.Worm 09/12/02 HLLC.HappyFlowers to W32.HLLC.Happylow 09/11/02 W32.Alcarys.H to W32.HLLP.Flate 09/11/02 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ BAT911.Worm File infector 11/05/02 JS.WindowBomb File infector 09/26/02 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W32.HLLC.Happylow File infector 09/13/02 W32.Hotlix.Worm File infector 11/12/02 W97M.Pane File infector 10/11/02 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ W32.Hotlix.Worm File infector 11/12/02 BAT911.Worm File infector 11/05/02 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W97M.Pane File infector 10/11/02 JS.WindowBomb File infector 09/26/02 W32.HLLC.Happylow File infector 09/13/02 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.