********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response March 19, 2003 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses, worldwide: 1 W32.Klez.H@mm 2 W32.Sobig.A@mm 3 Trojan Horse 4 W32.Yaha.K@mm 5 HTML.Redlof.A 6 W32.Bugbear@mm 7 W32.Lirva.A@mm 8 W95.Hybris.worm 9 W95.Spaces.1445 10 W32.FunLove.4099 ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 08/02/01 * Engine Update 08/02/01 * All products that use the NAVEX 1.5 architecture (in other words, most major Symantec products released over the last 3 - 4 years) will receive the new functionality. * This enhanced technology provides improved script scanning as well as more proactive detection of unknown script-based threats. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- Annihilator.555 File infector 03/13/03 BAT.Dedboy.1709 File infector 03/14/03 Backdoor.Beasty.D File infector 03/11/03 Backdoor.Bridco File infector 03/11/03 Backdoor.Dvldr File infector 03/09/03 Backdoor.HackDefender File infector 03/12/03 Backdoor.Kol File infector 03/14/03 Backdoor.LittleWitch.C File infector 03/12/03 Backdoor.Longnu File infector 03/11/03 Backdoor.MSNCorrupt File infector 03/10/03 Backdoor.Marotob File infector 03/12/03 Backdoor.Plux File infector 03/07/03 Backdoor.Queen File infector 03/12/03 Backdoor.Sdbot.E File infector 03/13/03 Backdoor.Socksbot File infector 03/13/03 Backdoor.SysXXX File infector 03/13/03 Gibber.2256 File infector 03/12/03 HLLP.Non.31995 File infector 03/11/03 HYPC.3Tunes File infector 03/07/03 HYPC.9507 File infector 03/07/03 HYPC.9603 File infector 03/07/03 HYPC.Antibody File infector 03/07/03 HYPC.BangladeshSpice File infector 03/11/03 Hacktool.PWS.QQPass File infector 03/12/03 IRC.Vale.Worm File infector 03/17/03 JS.Wipe File infector 03/11/03 Mac.CPro File infector 03/11/03 Mac.ChinaTalk File infector 03/11/03 Mac.CursorPrank File infector 03/11/03 Mac.DimWit File infector 03/11/03 Mac.FontFinder File infector 03/11/03 Mac.Frankie File infector 03/11/03 Mac.HotlineDelete File infector 03/11/03 Mac.HotlineServer File infector 03/11/03 Mac.Mosaic File infector 03/11/03 Mac.NVP File infector 03/11/03 Mac.NaughtyLeftovers File infector 03/11/03 Mac.Oldgirl File infector 03/11/03 Mac.Scores File infector 03/11/03 Mac.Steroid File infector 03/11/03 Mac.VirusInfo File infector 03/11/03 MacOS.SubSeven File infector 03/12/03 MacOS.Tetracycle File infector 03/12/03 PS-MPC.741 File infector 03/13/03 Rho.1169 File infector 03/13/03 TC.Adware.7 File infector 03/11/03 TC.Adware.9 File infector 03/11/03 TC.HeurVirus.9 File infector 03/11/03 TC.Malware.7 File infector 03/11/03 TC.Malware.8 File infector 03/11/03 TC.Malware.9 File infector 03/11/03 TC.Spyware.8 File infector 03/11/03 Trojan.DCharge.DoS File infector 03/17/03 Trojan.Downloader.Aphe File infector 03/10/03 Trojan.FNK File infector 03/14/03 Trojan.PSW.Gip File infector 03/11/03 VBS.Agvuerrry File infector 03/11/03 VBS.Charlene File infector 03/11/03 VBS.Godog@mm File infector 03/17/03 VBS.Kasnar File infector 03/14/03 VBS.Krim.F@mm File infector 03/09/03 VBS.Kuasa@mm File infector 03/17/03 VBS.NorthSky@mm File infector 03/12/03 VBS.Pretender File infector 03/11/03 VBS.Ztin File infector 03/11/03 W32.Alco.AB@mm File infector 03/12/03 W32.Bibrog.C@mm File infector 03/14/03 W32.CVIH.Trojan File infector 03/11/03 W32.Deborm.Worm File infector 03/12/03 W32.Ganda.A@mm File infector 03/17/03 W32.Ganda.A@mm.enc File infector 03/19/03 W32.HLLC.Arhil File infector 03/14/03 W32.HLLP.Emesix File infector 03/18/03 W32.HLLW.Begbie@mm File infector 03/17/03 W32.HLLW.Deborms File infector 03/11/03 W32.HLLW.Deloder File infector 03/09/03 W32.HLLW.Der@mm File infector 03/19/03 W32.HLLW.Ducktest File infector 03/17/03 W32.HLLW.Genky File infector 03/19/03 W32.HLLW.Knon@mm File infector 03/14/03 W32.HLLW.Lovgate.F@mm File infector 03/12/03 W32.HLLW.Nebiwo File infector 03/10/03 W32.HLLW.Oror.AI@mm File infector 03/14/03 W32.HLLW.Oveu File infector 03/14/03 W32.HLLW.Primcol File infector 03/17/03 W32.HLLW.Ridsey File infector 03/14/03 W32.HLLW.Sucon File infector 03/14/03 W32.HLLW.Wanor@mm File infector 03/12/03 W32.Hawawi.Worm File infector 03/19/03 W32.Nicehello@mm File infector 03/10/03 W32.Rondon File infector 03/11/03 W32.Shakir File infector 03/14/03 W32.Subit.3331 File infector 03/12/03 W32.Sunel File infector 03/14/03 W32.Tosep File infector 03/17/03 W32.Zokrim.C@mm File infector 03/12/03 W97M.Plasma File infector 03/11/03 W97M.Saver.C File infector 03/14/03 W97M.Timret File infector 03/19/03 Wasp.1214 File infector 03/14/03 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- W32.Ganda.A@mm.enc File infector 03/19/03 W32.HLLW.Der@mm File infector 03/19/03 W32.HLLW.Genky File infector 03/19/03 W32.Hawawi.Worm File infector 03/19/03 W97M.Timret File infector 03/19/03 W32.HLLP.Emesix File infector 03/18/03 IRC.Vale.Worm File infector 03/17/03 Trojan.DCharge.DoS File infector 03/17/03 VBS.Godog@mm File infector 03/17/03 VBS.Kuasa@mm File infector 03/17/03 W32.Ganda.A@mm File infector 03/17/03 W32.HLLW.Begbie@mm File infector 03/17/03 W32.HLLW.Ducktest File infector 03/17/03 W32.HLLW.Primcol File infector 03/17/03 W32.Tosep File infector 03/17/03 BAT.Dedboy.1709 File infector 03/14/03 Backdoor.Kol File infector 03/14/03 Trojan.FNK File infector 03/14/03 VBS.Kasnar File infector 03/14/03 W32.Bibrog.C@mm File infector 03/14/03 W32.HLLC.Arhil File infector 03/14/03 W32.HLLW.Knon@mm File infector 03/14/03 W32.HLLW.Oror.AI@mm File infector 03/14/03 W32.HLLW.Oveu File infector 03/14/03 W32.HLLW.Ridsey File infector 03/14/03 W32.HLLW.Sucon File infector 03/14/03 W32.Shakir File infector 03/14/03 W32.Sunel File infector 03/14/03 W97M.Saver.C File infector 03/14/03 Wasp.1214 File infector 03/14/03 Annihilator.555 File infector 03/13/03 Backdoor.Sdbot.E File infector 03/13/03 Backdoor.Socksbot File infector 03/13/03 Backdoor.SysXXX File infector 03/13/03 PS-MPC.741 File infector 03/13/03 Rho.1169 File infector 03/13/03 Backdoor.HackDefender File infector 03/12/03 Backdoor.LittleWitch.C File infector 03/12/03 Backdoor.Marotob File infector 03/12/03 Backdoor.Queen File infector 03/12/03 Gibber.2256 File infector 03/12/03 Hacktool.PWS.QQPass File infector 03/12/03 MacOS.SubSeven File infector 03/12/03 MacOS.Tetracycle File infector 03/12/03 VBS.NorthSky@mm File infector 03/12/03 W32.Alco.AB@mm File infector 03/12/03 W32.Deborm.Worm File infector 03/12/03 W32.HLLW.Lovgate.F@mm File infector 03/12/03 W32.HLLW.Wanor@mm File infector 03/12/03 W32.Subit.3331 File infector 03/12/03 W32.Zokrim.C@mm File infector 03/12/03 Backdoor.Beasty.D File infector 03/11/03 Backdoor.Bridco File infector 03/11/03 Backdoor.Longnu File infector 03/11/03 HLLP.Non.31995 File infector 03/11/03 HYPC.BangladeshSpice File infector 03/11/03 JS.Wipe File infector 03/11/03 Mac.CPro File infector 03/11/03 Mac.ChinaTalk File infector 03/11/03 Mac.CursorPrank File infector 03/11/03 Mac.DimWit File infector 03/11/03 Mac.FontFinder File infector 03/11/03 Mac.Frankie File infector 03/11/03 Mac.HotlineDelete File infector 03/11/03 Mac.HotlineServer File infector 03/11/03 Mac.Mosaic File infector 03/11/03 Mac.NVP File infector 03/11/03 Mac.NaughtyLeftovers File infector 03/11/03 Mac.Oldgirl File infector 03/11/03 Mac.Scores File infector 03/11/03 Mac.Steroid File infector 03/11/03 Mac.VirusInfo File infector 03/11/03 TC.Adware.7 File infector 03/11/03 TC.Adware.9 File infector 03/11/03 TC.HeurVirus.9 File infector 03/11/03 TC.Malware.7 File infector 03/11/03 TC.Malware.8 File infector 03/11/03 TC.Malware.9 File infector 03/11/03 TC.Spyware.8 File infector 03/11/03 Trojan.PSW.Gip File infector 03/11/03 VBS.Agvuerrry File infector 03/11/03 VBS.Charlene File infector 03/11/03 VBS.Pretender File infector 03/11/03 VBS.Ztin File infector 03/11/03 W32.CVIH.Trojan File infector 03/11/03 W32.HLLW.Deborms File infector 03/11/03 W32.Rondon File infector 03/11/03 W97M.Plasma File infector 03/11/03 Backdoor.MSNCorrupt File infector 03/10/03 Trojan.Downloader.Aphe File infector 03/10/03 W32.HLLW.Nebiwo File infector 03/10/03 W32.Nicehello@mm File infector 03/10/03 Backdoor.Dvldr File infector 03/09/03 VBS.Krim.F@mm File infector 03/09/03 W32.HLLW.Deloder File infector 03/09/03 Backdoor.Plux File infector 03/07/03 HYPC.3Tunes File infector 03/07/03 HYPC.9507 File infector 03/07/03 HYPC.9603 File infector 03/07/03 HYPC.Antibody File infector 03/07/03 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02 Backdoor.Beasty.E to Backdoor.Plux 03/11/03 Backdoor.Plux to Backdoor.Beasty.E 03/11/03 Backdoor.Qforager to Trojan.Qforager 01/22/03 Backdoor.Tkbot to W32.Tkbot.Worm 02/12/03 Backdoor.Zix to Backdoor.Zyxerv 03/06/03 HLLP.Roro to HLLO.Nedal.17174 (1) 02/27/03 MAC.Simpsons@mm to MacOS.Simpsons@mm 03/12/03 Mac.Autostart to MacOS.Autostart 03/12/03 Mac.CPro to MacOS.CPro 03/12/03 Mac.ChinaTalk to MacOS.ChinaTalk 03/12/03 Mac.CursorPrank to MacOS.CursorPrank 03/12/03 Mac.DimWit to MacOS.DimWit 03/12/03 Mac.FontFinder to MacOS.FontFinder 03/12/03 Mac.Frankie to MacOS.Frankie 03/12/03 Mac.HotlineDelete to MacOS.HotlineDelete 03/12/03 Mac.HotlineServer to MacOS.HotlineServer 03/12/03 Mac.Mosaic to MacOS.Mosaic 03/12/03 Mac.NVP to MacOS.NVP 03/12/03 Mac.NaughtyLeftovers to MacOS.NaughtyLeftovers 03/12/03 Mac.Oldgirl to MacOS.Oldgirl 03/12/03 Mac.Scores to MacOS.Scores 03/12/03 Mac.Steroid to MacOS.Steroid 03/12/03 Mac.VirusInfo to MacOS.VirusInfo 03/12/03 TPE.cw.1915 to TPE.cw 01/08/03 VBS.Betta.A to BAT.Betta.A 01/16/03 VBS.Bulbas.B to VBS.Bulbas.B@mm 03/11/03 VBS.Doggy@mm to HLLP.Roro 02/27/03 VBS.Pica@m to VBS.Pica@mm 12/11/02 W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02 W32.Asterz@mm to W32.HLLW.Asterz.intd 01/20/03 W32.Bagif.Worm to W32.Bagif 02/10/03 W32.Deborm.Worm to W32.HLLW.Deborms.B 03/14/03 W32.HLLW.Backzat.F to W32.HLLW.Backzat.G 01/23/03 W32.HLLW.Begbie@mm to W32.Gibe.C@mm 03/19/03 W32.HLLW.Eissa to W32.HLLW.Cassidy.B 02/27/03 W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03 W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03 W32.HLLW.Kifie to W32.HLLW.Backzat.H 02/05/03 W32.HLLW.Lovgate to W32.HLLW.Lovgate@mm 02/20/03 W32.HLLW.Oror.Z@mm to W32.HLLW.Oror.AG@mm 03/04/03 W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03 W32.HLLW.Veednav.B to W32.HLLW.Veedna.B 01/15/03 W32.HLLW.Zackfoo to W32.Zackfoo 02/27/03 W32.Momma to IRC.Momma.Worm 01/21/03 W32.Rondon to Backdoor.IRC.Aladinz.B 03/12/03 W32.Yalat@mm to W32.Yalat.Worm 02/11/03 W32.campurf@mm to W32.Campurf@mm 01/04/03 W97M.QWERTY to W97M.WERTY 12/17/02 Zorm.695 to Zorm.family 01/21/03 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ W32.HLLW.Begbie@mm to W32.Gibe.C@mm 03/19/03 W32.Deborm.Worm to W32.HLLW.Deborms.B 03/14/03 MAC.Simpsons@mm to MacOS.Simpsons@mm 03/12/03 Mac.Autostart to MacOS.Autostart 03/12/03 Mac.CPro to MacOS.CPro 03/12/03 Mac.ChinaTalk to MacOS.ChinaTalk 03/12/03 Mac.CursorPrank to MacOS.CursorPrank 03/12/03 Mac.DimWit to MacOS.DimWit 03/12/03 Mac.FontFinder to MacOS.FontFinder 03/12/03 Mac.Frankie to MacOS.Frankie 03/12/03 Mac.HotlineDelete to MacOS.HotlineDelete 03/12/03 Mac.HotlineServer to MacOS.HotlineServer 03/12/03 Mac.Mosaic to MacOS.Mosaic 03/12/03 Mac.NVP to MacOS.NVP 03/12/03 Mac.NaughtyLeftovers to MacOS.NaughtyLeftovers 03/12/03 Mac.Oldgirl to MacOS.Oldgirl 03/12/03 Mac.Scores to MacOS.Scores 03/12/03 Mac.Steroid to MacOS.Steroid 03/12/03 Mac.VirusInfo to MacOS.VirusInfo 03/12/03 W32.Rondon to Backdoor.IRC.Aladinz.B 03/12/03 Backdoor.Beasty.E to Backdoor.Plux 03/11/03 Backdoor.Plux to Backdoor.Beasty.E 03/11/03 VBS.Bulbas.B to VBS.Bulbas.B@mm 03/11/03 Backdoor.Zix to Backdoor.Zyxerv 03/06/03 W32.HLLW.Oror.Z@mm to W32.HLLW.Oror.AG@mm 03/04/03 HLLP.Roro to HLLO.Nedal.17174 (1) 02/27/03 VBS.Doggy@mm to HLLP.Roro 02/27/03 W32.HLLW.Eissa to W32.HLLW.Cassidy.B 02/27/03 W32.HLLW.Zackfoo to W32.Zackfoo 02/27/03 W32.HLLW.Lovgate to W32.HLLW.Lovgate@mm 02/20/03 Backdoor.Tkbot to W32.Tkbot.Worm 02/12/03 W32.Yalat@mm to W32.Yalat.Worm 02/11/03 W32.Bagif.Worm to W32.Bagif 02/10/03 W32.HLLW.Kifie to W32.HLLW.Backzat.H 02/05/03 W32.HLLW.Backzat.F to W32.HLLW.Backzat.G 01/23/03 Backdoor.Qforager to Trojan.Qforager 01/22/03 W32.Momma to IRC.Momma.Worm 01/21/03 Zorm.695 to Zorm.family 01/21/03 W32.Asterz@mm to W32.HLLW.Asterz.intd 01/20/03 VBS.Betta.A to BAT.Betta.A 01/16/03 W32.HLLW.Veednav.B to W32.HLLW.Veedna.B 01/15/03 W32.HLLW.Gotit to W32.Titog.B.Worm 01/09/03 TPE.cw.1915 to TPE.cw 01/08/03 W32.HLLW.GOP.F@mm to W32.HLLW.Wangy@mm 01/07/03 W32.HLLW.Stiq to W32.HLLW.Stiq@mm 01/07/03 W32.campurf@mm to W32.Campurf@mm 01/04/03 W32.Appix.H.Worm to Backdoor.OptixPro.10.b 12/18/02 W97M.QWERTY to W97M.WERTY 12/17/02 VBS.Pica@m to VBS.Pica@mm 12/11/02 BAT.Junkboat@mm to W32.Enerlam.2774 12/05/02 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ BAT911.Worm File infector 11/05/02 Bin.Auto.CAQ File infector 12/04/02 HLLO.Gotov.5488 File infector 12/11/02 JS.WindowBomb File infector 09/26/02 TC.Adware.7 File infector 03/11/03 TC.Adware.9 File infector 03/11/03 TC.HeurVirus.9 File infector 03/11/03 TC.Malware.7 File infector 03/11/03 TC.Malware.8 File infector 03/11/03 TC.Malware.9 File infector 03/11/03 TC.Spyware.8 File infector 03/11/03 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W32.HLLC.Happylow File infector 09/13/02 W32.Hotlix.Worm File infector 11/12/02 W32.Wahwah@mm File infector 12/09/02 W97M.Pane File infector 10/11/02 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ TC.Adware.7 File infector 03/11/03 TC.Adware.9 File infector 03/11/03 TC.HeurVirus.9 File infector 03/11/03 TC.Malware.7 File infector 03/11/03 TC.Malware.8 File infector 03/11/03 TC.Malware.9 File infector 03/11/03 TC.Spyware.8 File infector 03/11/03 HLLO.Gotov.5488 File infector 12/11/02 W32.Wahwah@mm File infector 12/09/02 Bin.Auto.CAQ File infector 12/04/02 W32.Hotlix.Worm File infector 11/12/02 BAT911.Worm File infector 11/05/02 VBS.Breberka@mm File infector 10/29/02 VBS.Draft@mm File infector 10/29/02 VBS.Futonik@mm File infector 10/29/02 W32.Compo File infector 10/21/02 W97M.Pane File infector 10/11/02 JS.WindowBomb File infector 09/26/02 W32.HLLC.Happylow File infector 09/13/02 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.