********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response January 15, 2003 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses, worldwide: 1 W32.Bugbear@mm 2 W32.Klez.H@mm 3 W32.Opaserv.Worm 4 Trojan Horse 5 W95.Hybris.worm 6 W32.Datom.Worm 7 W95.Spaces.1445 8 W32.Klez.E@mm 9 W32.Yaha.F@mm 10 W95.CIH ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 08/02/01 * Engine Update 08/02/01 * All products that use the NAVEX 1.5 architecture (in other words, most major Symantec products released over the last 3 - 4 years) will receive the new functionality. * This enhanced technology provides improved script scanning as well as more proactive detection of unknown script-based threats. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- Annihilator.449 File infector 01/14/03 Anti-Aznar.666 File infector 01/13/03 BAT.Vandeed.Worm File infector 01/15/03 Backdoor.FTP.Casus File infector 01/14/03 Backdoor.Revrs.B File infector 01/15/03 Beer.1835(x) File infector 01/10/03 Bin.Auto.CAV File infector 01/10/03 Bin.Auto.CAW File infector 01/10/03 Bin.Auto.CAX File infector 01/10/03 Bin.Auto.CAY File infector 01/10/03 Bin.Auto.CAZ File infector 01/10/03 Bin.Auto.CBA File infector 01/10/03 Bin.Auto.CBB File infector 01/10/03 Bin.Auto.CBK File infector 01/13/03 Bin.Auto.CBL File infector 01/14/03 Bin.Auto.CBM File infector 01/14/03 Bin.Auto.CBN File infector 01/14/03 Bin.Auto.CBO File infector 01/14/03 Bin.Auto.CBP File infector 01/14/03 Bin.Auto.CBQ File infector 01/14/03 Bin.Auto.CBR File infector 01/14/03 Bin.Auto.CBS File infector 01/14/03 Bin.Auto.CBT File infector 01/14/03 Bin.Auto.CBU File infector 01/14/03 Bin.Auto.CBV File infector 01/14/03 Bin.Auto.CBW File infector 01/14/03 Bin.Auto.CBX File infector 01/14/03 Bin.Auto.CBY File infector 01/14/03 Bin.Auto.CBZ File infector 01/14/03 Bin.Auto.CCA File infector 01/14/03 Bin.Auto.CCB File infector 01/14/03 Bin.Auto.CCC File infector 01/14/03 Bin.Auto.CCD File infector 01/14/03 Bin.Auto.CCE File infector 01/14/03 Bin.Auto.CCF File infector 01/14/03 Bin.Auto.CCG File infector 01/14/03 Bin.Auto.CCH File infector 01/14/03 Bin.Auto.CCI File infector 01/14/03 Bin.Auto.CCJ File infector 01/14/03 Bin.Auto.CCK File infector 01/14/03 Bin.Auto.CCL File infector 01/14/03 Bin.Auto.CCM File infector 01/15/03 Bin.Auto.CCN File infector 01/15/03 Bin.Auto.CCO File infector 01/15/03 Bin.Auto.CCP File infector 01/15/03 Bin.Auto.CCQ File infector 01/15/03 Bin.Auto.CCR File infector 01/15/03 Bin.Auto.CCS File infector 01/15/03 Bin.Auto.CCT File infector 01/15/03 Bin.Auto.CCU File infector 01/15/03 Bin.Auto.CCV File infector 01/15/03 Bin.Auto.CCW File infector 01/15/03 Bin.Auto.CCX File infector 01/15/03 Bin.Auto.CCY File infector 01/15/03 Bin.Auto.CCZ File infector 01/15/03 Bin.Auto.CDA File infector 01/15/03 Bin.Auto.CDB File infector 01/15/03 Bin.Auto.CDC File infector 01/15/03 Bin.Auto.CDD File infector 01/15/03 Bin.Auto.CDE File infector 01/15/03 Bin.Auto.CDF File infector 01/15/03 Bin.Auto.CDG File infector 01/15/03 DG.386 File infector 01/15/03 Ded.family File infector 01/15/03 Deicide.520 File infector 01/15/03 Demorali.359 File infector 01/15/03 Direc.834 File infector 01/15/03 Drdoom.family File infector 01/15/03 Drjohn.2000 File infector 01/15/03 Drozd.family File infector 01/15/03 Dy.285 File infector 01/15/03 Dys.1310 File infector 01/15/03 Edit.684 File infector 01/14/03 HLLP.GID.11824 File infector 01/14/03 HLLP.Teterin.7878 File infector 01/14/03 Perl.Chifier File infector 01/15/03 Perl.Hoakin File infector 01/15/03 Python.Bud File infector 01/15/03 SH.Corona File infector 01/15/03 SH.Kru File infector 01/15/03 Trojan.Day22 File infector 01/14/03 Trojan.Ivanet File infector 01/14/03 Trojan.Linux.JBellz File infector 01/15/03 Trojan.Linux.JBellz.dr File infector 01/15/03 Trojan.PWS.QQPass.D File infector 01/15/03 VBS.Betta.A File infector 01/15/03 VBS.Chistes@mm File infector 01/14/03 VBS.Keinef File infector 01/15/03 VBS.Moon.B File infector 01/15/03 VBS.StartPage File infector 01/15/03 W32.Bokya.Int File infector 01/15/03 W32.Deev.B@mm File infector 01/14/03 W32.HLLW.Veednav.B File infector 01/14/03 W32.Horo@mm File infector 01/14/03 W32.Keck.1933 File infector 01/15/03 W32.Sahay.A@mm File infector 01/15/03 W32.Socay.Worm File infector 01/15/03 W32.Yaha.K@mm.enc File infector 01/15/03 X97M.Jasmine.intd File infector 01/15/03 X97M.Marysol.intd File infector 01/15/03 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- BAT.Vandeed.Worm File infector 01/15/03 Backdoor.Revrs.B File infector 01/15/03 Bin.Auto.CCM File infector 01/15/03 Bin.Auto.CCN File infector 01/15/03 Bin.Auto.CCO File infector 01/15/03 Bin.Auto.CCP File infector 01/15/03 Bin.Auto.CCQ File infector 01/15/03 Bin.Auto.CCR File infector 01/15/03 Bin.Auto.CCS File infector 01/15/03 Bin.Auto.CCT File infector 01/15/03 Bin.Auto.CCU File infector 01/15/03 Bin.Auto.CCV File infector 01/15/03 Bin.Auto.CCW File infector 01/15/03 Bin.Auto.CCX File infector 01/15/03 Bin.Auto.CCY File infector 01/15/03 Bin.Auto.CCZ File infector 01/15/03 Bin.Auto.CDA File infector 01/15/03 Bin.Auto.CDB File infector 01/15/03 Bin.Auto.CDC File infector 01/15/03 Bin.Auto.CDD File infector 01/15/03 Bin.Auto.CDE File infector 01/15/03 Bin.Auto.CDF File infector 01/15/03 Bin.Auto.CDG File infector 01/15/03 DG.386 File infector 01/15/03 Ded.family File infector 01/15/03 Deicide.520 File infector 01/15/03 Demorali.359 File infector 01/15/03 Direc.834 File infector 01/15/03 Drdoom.family File infector 01/15/03 Drjohn.2000 File infector 01/15/03 Drozd.family File infector 01/15/03 Dy.285 File infector 01/15/03 Dys.1310 File infector 01/15/03 Perl.Chifier File infector 01/15/03 Perl.Hoakin File infector 01/15/03 Python.Bud File infector 01/15/03 SH.Corona File infector 01/15/03 SH.Kru File infector 01/15/03 Trojan.Linux.JBellz File infector 01/15/03 Trojan.Linux.JBellz.dr File infector 01/15/03 Trojan.PWS.QQPass.D File infector 01/15/03 VBS.Betta.A File infector 01/15/03 VBS.Keinef File infector 01/15/03 VBS.Moon.B File infector 01/15/03 VBS.StartPage File infector 01/15/03 W32.Bokya.Int File infector 01/15/03 W32.Keck.1933 File infector 01/15/03 W32.Sahay.A@mm File infector 01/15/03 W32.Socay.Worm File infector 01/15/03 W32.Yaha.K@mm.enc File infector 01/15/03 X97M.Jasmine.intd File infector 01/15/03 X97M.Marysol.intd File infector 01/15/03 Annihilator.449 File infector 01/14/03 Backdoor.FTP.Casus File infector 01/14/03 Bin.Auto.CBL File infector 01/14/03 Bin.Auto.CBM File infector 01/14/03 Bin.Auto.CBN File infector 01/14/03 Bin.Auto.CBO File infector 01/14/03 Bin.Auto.CBP File infector 01/14/03 Bin.Auto.CBQ File infector 01/14/03 Bin.Auto.CBR File infector 01/14/03 Bin.Auto.CBS File infector 01/14/03 Bin.Auto.CBT File infector 01/14/03 Bin.Auto.CBU File infector 01/14/03 Bin.Auto.CBV File infector 01/14/03 Bin.Auto.CBW File infector 01/14/03 Bin.Auto.CBX File infector 01/14/03 Bin.Auto.CBY File infector 01/14/03 Bin.Auto.CBZ File infector 01/14/03 Bin.Auto.CCA File infector 01/14/03 Bin.Auto.CCB File infector 01/14/03 Bin.Auto.CCC File infector 01/14/03 Bin.Auto.CCD File infector 01/14/03 Bin.Auto.CCE File infector 01/14/03 Bin.Auto.CCF File infector 01/14/03 Bin.Auto.CCG File infector 01/14/03 Bin.Auto.CCH File infector 01/14/03 Bin.Auto.CCI File infector 01/14/03 Bin.Auto.CCJ File infector 01/14/03 Bin.Auto.CCK File infector 01/14/03 Bin.Auto.CCL File infector 01/14/03 Edit.684 File infector 01/14/03 HLLP.GID.11824 File infector 01/14/03 HLLP.Teterin.7878 File infector 01/14/03 Trojan.Day22 File infector 01/14/03 Trojan.Ivanet File infector 01/14/03 VBS.Chistes@mm File infector 01/14/03 W32.Deev.B@mm File infector 01/14/03 W32.HLLW.Veednav.B File infector 01/14/03 W32.Horo@mm File infector 01/14/03 Anti-Aznar.666 File infector 01/13/03 Bin.Auto.CBK File infector 01/13/03 Beer.1835(x) File infector 01/10/03 Bin.Auto.CAV File infector 01/10/03 Bin.Auto.CAW File infector 01/10/03 Bin.Auto.CAX File infector 01/10/03 Bin.Auto.CAY File infector 01/10/03 Bin.Auto.CAZ File infector 01/10/03 Bin.Auto.CBA File infector 01/10/03 Bin.Auto.CBB File infector 01/10/03 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02 Backdoor.Dumba to Trojan.Dumba 09/23/02 Backdoor.Floodnet to Backdoor.Endool 11/13/02 Bin.Auto.AZL to PS-MPC.535.B 09/13/02 Cruiser.1120 to Cruiser.1120.Int 11/26/02 Dik.1393 to Dik.1393.Int 11/26/02 HLLC.HappyFlowers to W32.HLLC.Happylow 09/11/02 IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02 Lonig.INT to Lonig.Kit 11/26/02 Syst.1665 to AOD.385.B 10/28/02 TAVC.Jazva to Jazva.686 11/26/02 TPE.cw.1915 to TPE.cw 01/08/03 Trojan.Imiserv to Backdoor.Imiserv 09/19/02 Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02 VBS.Likun@mm to VBS.Likun 11/05/02 VBS.Pica@m to VBS.Pica@mm 12/11/02 VBS.Thambl to VBS.Lavra.B.Worm 09/12/02 W32.Alcarys.H to W32.HLLP.Flate 09/11/02 W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02 W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02 W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02 W32.Efno.Worm to W32.HLLW.Efno 09/16/02 W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02 W32.Fanta.worm to Fanta.Trojan 11/06/02 W32.Gezak to W32.Prodvin 11/06/02 W32.HLLO.Mario to W32.HLLO.Marion 11/08/02 W32.HLLO.Samand to W32.HLLC.Samand 10/10/02 W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02 W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03 W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03 W32.HLLW.Smilex to W32.Stupid.D 11/08/02 W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03 W32.HLLW.Veednav.B to W32.HLLW.Veedna.B 01/15/03 W32.Holar.C@mm to W32.Galil@mm 12/05/02 W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02 W32.Manex.Worm to W32.HLLW.Manex 11/12/02 W32.Protex.Worm to W32.Duksten.B@mm 10/24/02 W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02 W32.Topsec.Worm to W32.Topsec 10/14/02 W32.Tossed@mm to HLLW.Tossed@mm 11/06/02 W32.Walcomp to W32.HLLC.Happylow 09/13/02 W32.Wun.Irc to W32.Wuno.Irc 11/08/02 W32.campurf@mm to W32.Campurf@mm 01/04/03 W95.CIH.1094 to W95.CIH.1106 11/20/02 W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02 W97M.QWERTY to W97M.WERTY 12/17/02 W97M.Swatch to W97M.Spwatch 12/04/02 W97M.Thus.bi to W97M.Thus.BI 11/19/02 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ W32.HLLW.Veednav.B to W32.HLLW.Veedna.B 01/15/03 W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03 TPE.cw.1915 to TPE.cw 01/08/03 W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03 W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03 W32.campurf@mm to W32.Campurf@mm 01/04/03 W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02 W97M.QWERTY to W97M.WERTY 12/17/02 VBS.Pica@m to VBS.Pica@mm 12/11/02 BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02 W32.Holar.C@mm to W32.Galil@mm 12/05/02 W97M.Swatch to W97M.Spwatch 12/04/02 Cruiser.1120 to Cruiser.1120.Int 11/26/02 Dik.1393 to Dik.1393.Int 11/26/02 Lonig.INT to Lonig.Kit 11/26/02 TAVC.Jazva to Jazva.686 11/26/02 W95.CIH.1094 to W95.CIH.1106 11/20/02 W97M.Thus.bi to W97M.Thus.BI 11/19/02 Backdoor.Floodnet to Backdoor.Endool 11/13/02 W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02 W32.Manex.Worm to W32.HLLW.Manex 11/12/02 W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02 W32.HLLO.Mario to W32.HLLO.Marion 11/08/02 W32.HLLW.Smilex to W32.Stupid.D 11/08/02 W32.Wun.Irc to W32.Wuno.Irc 11/08/02 W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02 W32.Fanta.worm to Fanta.Trojan 11/06/02 W32.Gezak to W32.Prodvin 11/06/02 W32.Tossed@mm to HLLW.Tossed@mm 11/06/02 VBS.Likun@mm to VBS.Likun 11/05/02 W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02 Syst.1665 to AOD.385.B 10/28/02 W32.Protex.Worm to W32.Duksten.B@mm 10/24/02 W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02 Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02 W32.Topsec.Worm to W32.Topsec 10/14/02 W32.HLLO.Samand to W32.HLLC.Samand 10/10/02 IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02 W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02 Backdoor.Dumba to Trojan.Dumba 09/23/02 W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02 Trojan.Imiserv to Backdoor.Imiserv 09/19/02 W32.Efno.Worm to W32.HLLW.Efno 09/16/02 Bin.Auto.AZL to PS-MPC.535.B 09/13/02 W32.Walcomp to W32.HLLC.Happylow 09/13/02 VBS.Thambl to VBS.Lavra.B.Worm 09/12/02 HLLC.HappyFlowers to W32.HLLC.Happylow 09/11/02 W32.Alcarys.H to W32.HLLP.Flate 09/11/02 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ BAT911.Worm File infector 11/05/02 Bin.Auto.CAQ File infector 12/04/02 HLLO.Gotov.5488 File infector 12/11/02 JS.WindowBomb File infector 09/26/02 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W32.HLLC.Happylow File infector 09/13/02 W32.Hotlix.Worm File infector 11/12/02 W32.Wahwah@mm File infector 12/09/02 W97M.Pane File infector 10/11/02 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ HLLO.Gotov.5488 File infector 12/11/02 W32.Wahwah@mm File infector 12/09/02 Bin.Auto.CAQ File infector 12/04/02 W32.Hotlix.Worm File infector 11/12/02 BAT911.Worm File infector 11/05/02 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W97M.Pane File infector 10/11/02 JS.WindowBomb File infector 09/26/02 W32.HLLC.Happylow File infector 09/13/02 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.