home *** CD-ROM | disk | FTP | other *** search
- **********************************************************************
- ** **
- ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT **
- ** **
- ** Symantec Security Response January 10, 2003 **
- ** **
- **********************************************************************
-
- This document contains the following topics:
-
- * Virus Alerts
- * New Technologies
- * Changes Incorporated Into This Update
- * Additional Information
-
-
- **********************************************************************
- ** Virus Alerts **
- **********************************************************************
-
- The ten most commonly reported viruses, worldwide:
-
- 1 W32.Bugbear@mm
- 2 W32.Klez.H@mm
- 3 W32.Opaserv.Worm
- 4 Trojan Horse
- 5 W95.Hybris.worm
- 6 W32.Datom.Worm
- 7 W95.Spaces.1445
- 8 W32.Klez.E@mm
- 9 W32.Yaha.F@mm
- 10 W95.CIH
-
-
- **********************************************************************
- ** New Technologies **
- **********************************************************************
-
- DATE Technologies Added
- ---- ------------------
-
- 08/02/01 * Engine Update 08/02/01
- * All products that use the NAVEX 1.5 architecture
- (in other words, most major Symantec products released over
- the last 3 - 4 years) will receive the new functionality.
- * This enhanced technology provides improved script scanning
- as well as more proactive detection of unknown script-based
- threats.
-
-
- **********************************************************************
- ** Changes Incorporated Into This Virus Definitions Update **
- **********************************************************************
-
- DATE
- ----
-
- New virus definitions (sorted by Virus Name):
-
- Virus Name Infection Type Date added
- ---------- -------------- ---------
- Babec.int File infector 01/07/03
- Backdoor.Amitis File infector 01/07/03
- Backdoor.Armageddon.20 File infector 01/09/03
- Backdoor.Bionet.306 File infector 01/07/03
- Backdoor.Bionet.312 File infector 01/07/03
- Backdoor.Colfuser File infector 01/08/03
- Backdoor.Cybspy File infector 01/08/03
- Backdoor.Deftcode File infector 01/07/03
- Backdoor.Drator File infector 01/07/03
- Backdoor.OICQSer (1) File infector 01/09/03
- Backdoor.OICQSer (2) File infector 01/09/03
- Backdoor.OICQSer.165 File infector 01/09/03
- Backdoor.OICQSer.17 File infector 01/09/03
- Backdoor.Ohpass File infector 01/07/03
- Backdoor.RemoteSOB File infector 01/08/03
- Backdoor.Sixca File infector 01/09/03
- Backdoor.VagrNocker File infector 01/09/03
- Backdoor.Xenozbot File infector 01/07/03
- Beer.1835(x) File infector 01/10/03
- BigJoke.1068 File infector 01/07/03
- Bin.Auto.CAR File infector 01/08/03
- Bin.Auto.CAS File infector 01/09/03
- Bin.Auto.CAT File infector 01/09/03
- Bin.Auto.CAU File infector 01/09/03
- Bin.Auto.CAV File infector 01/10/03
- Bin.Auto.CAW File infector 01/10/03
- Bin.Auto.CAX File infector 01/10/03
- Bin.Auto.CAY File infector 01/10/03
- Bin.Auto.CAZ File infector 01/10/03
- Bin.Auto.CBA File infector 01/10/03
- Bin.Auto.CBB File infector 01/10/03
- Bin.Auto.CBC File infector 01/10/03
- Bin.Auto.CBD File infector 01/10/03
- Bin.Auto.CBE File infector 01/10/03
- Bin.Auto.CBF File infector 01/10/03
- Bin.Auto.CBG File infector 01/10/03
- Bin.Auto.CBH File infector 01/10/03
- Bin.Auto.CBI File infector 01/10/03
- Bin.Auto.CBJ File infector 01/10/03
- Caesar.655 File infector 01/08/03
- Camel.family File infector 01/08/03
- Candymon File infector 01/08/03
- Carridark File infector 01/08/03
- Cdeed.2123 File infector 01/08/03
- Champaigne.218 File infector 01/08/03
- Cheez.395 File infector 01/08/03
- Cinder.379 File infector 01/08/03
- Clonew.178 File infector 01/08/03
- Coda.336 File infector 01/08/03
- Codebr.448 File infector 01/08/03
- Coka.669 File infector 01/08/03
- Colo.574 File infector 01/08/03
- Comcop.286 File infector 01/08/03
- Corrup.658 File infector 01/08/03
- Crazyc.525 File infector 01/08/03
- Deflo.6592 File infector 01/09/03
- EMSPE.int File infector 01/09/03
- Eumel.393 File infector 01/08/03
- Evc.family File infector 01/09/03
- HLLP.PPZ.8510 File infector 01/09/03
- Heurist File infector 01/10/03
- IDA.1440 File infector 01/09/03
- IDA.1536 File infector 01/08/03
- JS.Seeker.J File infector 01/10/03
- Moonlite.380 File infector 01/07/03
- PS-MPC.298 File infector 01/07/03
- PS-MPC.324 File infector 01/07/03
- SillyC.305 File infector 01/07/03
- SillyC.543 File infector 01/07/03
- SillyCO.728 File infector 01/07/03
- SillyE.307 File infector 01/08/03
- SillyE.800 File infector 01/09/03
- Trinity.500 File infector 01/09/03
- Trojan.KKiller File infector 01/07/03
- Trojan.PSW.Platan.5.A File infector 01/07/03
- VBS.Kagra@mm File infector 01/07/03
- VBS.PPWCK.gen File infector 01/07/03
- W32.Asterz@mm File infector 01/07/03
- W32.Cicicc File infector 01/07/03
- W32.Coflop@mm File infector 01/07/03
- W32.Dexec File infector 01/07/03
- W32.Elerad.5041 File infector 01/08/03
- W32.Erbo File infector 01/08/03
- W32.Explorezip.L.Worm File infector 01/10/03
- W32.Ftrap File infector 01/08/03
- W32.HLLC.Hoa File infector 01/08/03
- W32.HLLP.Ismod File infector 01/07/03
- W32.HLLW.Gotit File infector 01/07/03
- W32.HLLW.Kifie File infector 01/08/03
- W32.HLLW.Lolit File infector 01/08/03
- W32.HLLW.Parved File infector 01/08/03
- W32.HLLW.Smelles File infector 01/07/03
- W32.Junkcomp File infector 01/07/03
- W32.Lamic.Irc File infector 01/08/03
- W32.Lirva.C@mm File infector 01/08/03
- W32.Potar File infector 01/09/03
- W32.Roxor File infector 01/09/03
- W32.Sobig.A@mm File infector 01/09/03
- W32.Tborro File infector 01/08/03
- W32.Walru File infector 01/08/03
-
- New virus definitions (sorted by Date added):
-
- Virus Name Infection Type Date added
- ---------- -------------- ----------
- Beer.1835(x) File infector 01/10/03
- Bin.Auto.CAV File infector 01/10/03
- Bin.Auto.CAW File infector 01/10/03
- Bin.Auto.CAX File infector 01/10/03
- Bin.Auto.CAY File infector 01/10/03
- Bin.Auto.CAZ File infector 01/10/03
- Bin.Auto.CBA File infector 01/10/03
- Bin.Auto.CBB File infector 01/10/03
- Bin.Auto.CBC File infector 01/10/03
- Bin.Auto.CBD File infector 01/10/03
- Bin.Auto.CBE File infector 01/10/03
- Bin.Auto.CBF File infector 01/10/03
- Bin.Auto.CBG File infector 01/10/03
- Bin.Auto.CBH File infector 01/10/03
- Bin.Auto.CBI File infector 01/10/03
- Bin.Auto.CBJ File infector 01/10/03
- Heurist File infector 01/10/03
- JS.Seeker.J File infector 01/10/03
- W32.Explorezip.L.Worm File infector 01/10/03
- Backdoor.Armageddon.20 File infector 01/09/03
- Backdoor.OICQSer (1) File infector 01/09/03
- Backdoor.OICQSer (2) File infector 01/09/03
- Backdoor.OICQSer.165 File infector 01/09/03
- Backdoor.OICQSer.17 File infector 01/09/03
- Backdoor.Sixca File infector 01/09/03
- Backdoor.VagrNocker File infector 01/09/03
- Bin.Auto.CAS File infector 01/09/03
- Bin.Auto.CAT File infector 01/09/03
- Bin.Auto.CAU File infector 01/09/03
- Deflo.6592 File infector 01/09/03
- EMSPE.int File infector 01/09/03
- Evc.family File infector 01/09/03
- HLLP.PPZ.8510 File infector 01/09/03
- IDA.1440 File infector 01/09/03
- SillyE.800 File infector 01/09/03
- Trinity.500 File infector 01/09/03
- W32.Potar File infector 01/09/03
- W32.Roxor File infector 01/09/03
- W32.Sobig.A@mm File infector 01/09/03
- Backdoor.Colfuser File infector 01/08/03
- Backdoor.Cybspy File infector 01/08/03
- Backdoor.RemoteSOB File infector 01/08/03
- Bin.Auto.CAR File infector 01/08/03
- Caesar.655 File infector 01/08/03
- Camel.family File infector 01/08/03
- Candymon File infector 01/08/03
- Carridark File infector 01/08/03
- Cdeed.2123 File infector 01/08/03
- Champaigne.218 File infector 01/08/03
- Cheez.395 File infector 01/08/03
- Cinder.379 File infector 01/08/03
- Clonew.178 File infector 01/08/03
- Coda.336 File infector 01/08/03
- Codebr.448 File infector 01/08/03
- Coka.669 File infector 01/08/03
- Colo.574 File infector 01/08/03
- Comcop.286 File infector 01/08/03
- Corrup.658 File infector 01/08/03
- Crazyc.525 File infector 01/08/03
- Eumel.393 File infector 01/08/03
- IDA.1536 File infector 01/08/03
- SillyE.307 File infector 01/08/03
- W32.Elerad.5041 File infector 01/08/03
- W32.Erbo File infector 01/08/03
- W32.Ftrap File infector 01/08/03
- W32.HLLC.Hoa File infector 01/08/03
- W32.HLLW.Kifie File infector 01/08/03
- W32.HLLW.Lolit File infector 01/08/03
- W32.HLLW.Parved File infector 01/08/03
- W32.Lamic.Irc File infector 01/08/03
- W32.Lirva.C@mm File infector 01/08/03
- W32.Tborro File infector 01/08/03
- W32.Walru File infector 01/08/03
- Babec.int File infector 01/07/03
- Backdoor.Amitis File infector 01/07/03
- Backdoor.Bionet.306 File infector 01/07/03
- Backdoor.Bionet.312 File infector 01/07/03
- Backdoor.Deftcode File infector 01/07/03
- Backdoor.Drator File infector 01/07/03
- Backdoor.Ohpass File infector 01/07/03
- Backdoor.Xenozbot File infector 01/07/03
- BigJoke.1068 File infector 01/07/03
- Moonlite.380 File infector 01/07/03
- PS-MPC.298 File infector 01/07/03
- PS-MPC.324 File infector 01/07/03
- SillyC.305 File infector 01/07/03
- SillyC.543 File infector 01/07/03
- SillyCO.728 File infector 01/07/03
- Trojan.KKiller File infector 01/07/03
- Trojan.PSW.Platan.5.A File infector 01/07/03
- VBS.Kagra@mm File infector 01/07/03
- VBS.PPWCK.gen File infector 01/07/03
- W32.Asterz@mm File infector 01/07/03
- W32.Cicicc File infector 01/07/03
- W32.Coflop@mm File infector 01/07/03
- W32.Dexec File infector 01/07/03
- W32.HLLP.Ismod File infector 01/07/03
- W32.HLLW.Gotit File infector 01/07/03
- W32.HLLW.Smelles File infector 01/07/03
- W32.Junkcomp File infector 01/07/03
-
- Name Changes (sorted by Old Virus Name):
-
- Old Virus Name New Virus Name Date changed
- -------------- -------------- ------------
- BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02
- Backdoor.Dumba to Trojan.Dumba 09/23/02
- Backdoor.Floodnet to Backdoor.Endool 11/13/02
- Bin.Auto.AZL to PS-MPC.535.B 09/13/02
- Cruiser.1120 to Cruiser.1120.Int 11/26/02
- Dik.1393 to Dik.1393.Int 11/26/02
- HLLC.HappyFlowers to W32.HLLC.Happylow 09/11/02
- IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02
- Lonig.INT to Lonig.Kit 11/26/02
- Syst.1665 to AOD.385.B 10/28/02
- TAVC.Jazva to Jazva.686 11/26/02
- TPE.cw.1915 to TPE.cw 01/08/03
- Trojan.Imiserv to Backdoor.Imiserv 09/19/02
- Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02
- VBS.Likun@mm to VBS.Likun 11/05/02
- VBS.Pica@m to VBS.Pica@mm 12/11/02
- VBS.Thambl to VBS.Lavra.B.Worm 09/12/02
- W32.Alcarys.H to W32.HLLP.Flate 09/11/02
- W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02
- W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02
- W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02
- W32.Efno.Worm to W32.HLLW.Efno 09/16/02
- W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02
- W32.Fanta.worm to Fanta.Trojan 11/06/02
- W32.Gezak to W32.Prodvin 11/06/02
- W32.HLLO.Mario to W32.HLLO.Marion 11/08/02
- W32.HLLO.Samand to W32.HLLC.Samand 10/10/02
- W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02
- W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03
- W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03
- W32.HLLW.Smilex to W32.Stupid.D 11/08/02
- W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03
- W32.Holar.C@mm to W32.Galil@mm 12/05/02
- W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02
- W32.Manex.Worm to W32.HLLW.Manex 11/12/02
- W32.Protex.Worm to W32.Duksten.B@mm 10/24/02
- W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02
- W32.Topsec.Worm to W32.Topsec 10/14/02
- W32.Tossed@mm to HLLW.Tossed@mm 11/06/02
- W32.Walcomp to W32.HLLC.Happylow 09/13/02
- W32.Wun.Irc to W32.Wuno.Irc 11/08/02
- W32.campurf@mm to W32.Campurf@mm 01/04/03
- W95.CIH.1094 to W95.CIH.1106 11/20/02
- W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02
- W97M.QWERTY to W97M.WERTY 12/17/02
- W97M.Swatch to W97M.Spwatch 12/04/02
- W97M.Thus.bi to W97M.Thus.BI 11/19/02
-
- Name Changes (sorted by Date changed):
-
- Old Virus Name New Virus Name Date changed
- -------------- -------------- ------------
- W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03
- TPE.cw.1915 to TPE.cw 01/08/03
- W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03
- W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03
- W32.campurf@mm to W32.Campurf@mm 01/04/03
- W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02
- W97M.QWERTY to W97M.WERTY 12/17/02
- VBS.Pica@m to VBS.Pica@mm 12/11/02
- BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02
- W32.Holar.C@mm to W32.Galil@mm 12/05/02
- W97M.Swatch to W97M.Spwatch 12/04/02
- Cruiser.1120 to Cruiser.1120.Int 11/26/02
- Dik.1393 to Dik.1393.Int 11/26/02
- Lonig.INT to Lonig.Kit 11/26/02
- TAVC.Jazva to Jazva.686 11/26/02
- W95.CIH.1094 to W95.CIH.1106 11/20/02
- W97M.Thus.bi to W97M.Thus.BI 11/19/02
- Backdoor.Floodnet to Backdoor.Endool 11/13/02
- W32.Jonbarr.B@mm to W32.Jonbarr.C@mm 11/12/02
- W32.Manex.Worm to W32.HLLW.Manex 11/12/02
- W32.Alcatap.Worm to W32.Hobble.F@mm 11/08/02
- W32.HLLO.Mario to W32.HLLO.Marion 11/08/02
- W32.HLLW.Smilex to W32.Stupid.D 11/08/02
- W32.Wun.Irc to W32.Wuno.Irc 11/08/02
- W32.Fanta.B.Worm to Fanta.Trojan.Dr 11/06/02
- W32.Fanta.worm to Fanta.Trojan 11/06/02
- W32.Gezak to W32.Prodvin 11/06/02
- W32.Tossed@mm to HLLW.Tossed@mm 11/06/02
- VBS.Likun@mm to VBS.Likun 11/05/02
- W32.Seesix.Worm to W32.HLLP.VB.14336.C 11/04/02
- Syst.1665 to AOD.385.B 10/28/02
- W32.Protex.Worm to W32.Duksten.B@mm 10/24/02
- W95.Sleepyhead to W95.Sleepyhead.5632 10/22/02
- Trojan.PWS.QQPass.gKb6 to Trojan.PWS.QQPass.C 10/18/02
- W32.Topsec.Worm to W32.Topsec 10/14/02
- W32.HLLO.Samand to W32.HLLC.Samand 10/10/02
- IRC.Pelic.Worm to VBS.Pelic.Worm 10/02/02
- W32.HLLP.Alpoor to W32.HLLP.Flate.C 09/25/02
- Backdoor.Dumba to Trojan.Dumba 09/23/02
- W32.Alpoor.6144 to W32.HLLP.Alpoor 09/20/02
- Trojan.Imiserv to Backdoor.Imiserv 09/19/02
- W32.Efno.Worm to W32.HLLW.Efno 09/16/02
- Bin.Auto.AZL to PS-MPC.535.B 09/13/02
- W32.Walcomp to W32.HLLC.Happylow 09/13/02
- VBS.Thambl to VBS.Lavra.B.Worm 09/12/02
- HLLC.HappyFlowers to W32.HLLC.Happylow 09/11/02
- W32.Alcarys.H to W32.HLLP.Flate 09/11/02
-
- Deletions (sorted by Virus Name):
-
- Virus Name Infection Type Date removed
- ---------- -------------- ------------
- BAT911.Worm File infector 11/05/02
- Bin.Auto.CAQ File infector 12/04/02
- HLLO.Gotov.5488 File infector 12/11/02
- JS.WindowBomb File infector 09/26/02
- VBS.Breberka@mm File infector 10/29/02
- VBS.Draft@mm File infector 10/29/02
- VBS.Futonik@mm File infector 10/29/02
- W32.Compo File infector 10/21/02
- W32.HLLC.Happylow File infector 09/13/02
- W32.Hotlix.Worm File infector 11/12/02
- W32.Wahwah@mm File infector 12/09/02
- W97M.Pane File infector 10/11/02
-
- Deletions (sorted by Date removed):
-
- Virus Name Infection Type Date removed
- ---------- -------------- ------------
- HLLO.Gotov.5488 File infector 12/11/02
- W32.Wahwah@mm File infector 12/09/02
- Bin.Auto.CAQ File infector 12/04/02
- W32.Hotlix.Worm File infector 11/12/02
- BAT911.Worm File infector 11/05/02
- VBS.Breberka@mm File infector 10/29/02
- VBS.Draft@mm File infector 10/29/02
- VBS.Futonik@mm File infector 10/29/02
- W32.Compo File infector 10/21/02
- W97M.Pane File infector 10/11/02
- JS.WindowBomb File infector 09/26/02
- W32.HLLC.Happylow File infector 09/13/02
-
-
- **********************************************************************
- ** Additional Information **
- **********************************************************************
- Additional information regarding this virus definitions update can be
- found in UPDATE.TXT and TECHNOTE.TXT.
-
-