********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec Security Response May 08, 2003 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The ten most commonly reported viruses for March 2003, worldwide: 1 W32.Klez.H@mm 2 Trojan Horse 3 HTML.Redlof.A 4 Backdoor.Dvldr 5 IRC Trojan 6 W95.Hybris.worm 7 W95.Spaces.1445 8 W32.FunLove.4099 9 W32.Nimda.E@mm 10 W32.HLLW.Deloder ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 08/02/01 * Engine Update 08/02/01 * All products that use the NAVEX 1.5 architecture (in other words, most major Symantec products released over the last 3 - 4 years) will receive the new functionality. * This enhanced technology provides improved script scanning as well as more proactive detection of unknown script-based threats. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** DATE ---- New virus definitions (sorted by Virus Name): Virus Name Infection Type Date added ---------- -------------- --------- AntiPascal.408 File infector 05/07/03 BAT.Batix File infector 05/05/03 BAT.Lala File infector 05/05/03 BAT.PDrome File infector 05/08/03 Backdoor.AntiLam.20.K File infector 05/05/03 Backdoor.Beasty.Cli File infector 05/05/03 Backdoor.Beasty.Family File infector 05/05/03 Backdoor.Bigfoot File infector 05/02/03 Backdoor.CNK.A File infector 05/05/03 Backdoor.CNK.A.Cli File infector 05/05/03 Backdoor.CamKing File infector 05/07/03 Backdoor.Cmjspy File infector 05/05/03 Backdoor.DSNX.A File infector 05/06/03 Backdoor.Death.Cli File infector 05/05/03 Backdoor.Delf.Cli File infector 05/05/03 Backdoor.Delf.Family File infector 05/05/03 Backdoor.FTP_Ana.E File infector 05/05/03 Backdoor.Fatroj File infector 05/05/03 Backdoor.Fatroj.Cli File infector 05/05/03 Backdoor.Freddy.A File infector 05/06/03 Backdoor.Fxdoor File infector 05/05/03 Backdoor.Fxdoor.Cli File infector 05/05/03 Backdoor.IRC.Based File infector 05/07/03 Backdoor.IRC.Bot File infector 05/05/03 Backdoor.IRC.Dr File infector 05/06/03 Backdoor.IRC.Lampsy File infector 05/07/03 Backdoor.IRC.Ratsou File infector 05/05/03 Backdoor.IRCScript.Fld File infector 05/07/03 Backdoor.IRCScript.Gen File infector 05/07/03 Backdoor.Latinus.C File infector 05/05/03 Backdoor.LeGuardien.B File infector 05/06/03 Backdoor.Peers File infector 05/06/03 Backdoor.Prosiak.Cli File infector 05/07/03 Backdoor.Rockse File infector 05/07/03 Backdoor.School File infector 05/08/03 Backdoor.Sdbot.I File infector 05/08/03 Backdoor.Shipper File infector 05/08/03 Backdoor.Snami File infector 05/07/03 Backdoor.Softshell File infector 05/06/03 Backdoor.Specrem File infector 05/08/03 Backdoor.Specrem.Cli File infector 05/08/03 Backdoor.URCS File infector 05/05/03 Backdoor.Y3KRat.01 File infector 05/05/03 Backdoor.Zdemon.126 File infector 05/05/03 Bin.Auto.CFI File infector 05/02/03 Bin.Auto.CFJ File infector 05/02/03 Bin.Auto.CFK File infector 05/02/03 Bin.Auto.CFL File infector 05/02/03 Bin.Auto.CFM File infector 05/02/03 Bin.Auto.CFN File infector 05/02/03 Bin.Auto.CFO File infector 05/02/03 Bin.Auto.CFP File infector 05/02/03 Bin.Auto.CFQ File infector 05/08/03 Bin.Auto.CFR File infector 05/08/03 Bin.Auto.CFS File infector 05/08/03 Bin.Auto.CFT File infector 05/08/03 Bin.Auto.CFU File infector 05/08/03 Bin.Auto.CFV File infector 05/08/03 Bin.Auto.CFW File infector 05/08/03 Bin.Auto.CFX File infector 05/08/03 Camel.425 File infector 05/08/03 Camel.426 File infector 05/08/03 Downloader.BO.B File infector 05/07/03 Downloader.BO.B.dr File infector 05/07/03 Hackdoor.Mailrelay File infector 05/02/03 PDF.Yourde File infector 05/05/03 PWSteal.Kipper File infector 05/05/03 PWSteal.Lemir.105 File infector 05/02/03 Remember.1081 File infector 05/08/03 Remember.1087 File infector 05/08/03 Remember.1091 File infector 05/08/03 SillyC.157.b File infector 05/08/03 SillyC.159 File infector 05/08/03 SillyC.160 File infector 05/08/03 SillyC.189.ow File infector 05/07/03 Trojan.Adclicker.A File infector 05/02/03 Trojan.Kaht File infector 05/05/03 VBS.Charl File infector 05/02/03 W32.Adclicker.C.Trojan File infector 05/02/03 W32.Benatic File infector 05/06/03 W32.Boa.Worm File infector 05/02/03 W32.Busan File infector 05/06/03 W32.Darend.Worm File infector 05/02/03 W32.Ekan File infector 05/02/03 W32.HLLP.Ibord File infector 05/02/03 W32.HLLP.Spreda File infector 05/02/03 W32.HLLP.Tamin File infector 05/05/03 W32.HLLW.Cydog.C@mm File infector 05/06/03 W32.HLLW.Druagz File infector 05/05/03 W32.HLLW.Vifiter File infector 05/05/03 W32.HLLW.Weakas File infector 05/07/03 W32.Lastas.Worm File infector 05/06/03 W32.Manfol@mm File infector 05/05/03 W32.Mexer.Worm File infector 05/06/03 W32.Mintal.Worm File infector 05/05/03 W32.Perser.Worm File infector 05/06/03 W32.Poorpoor File infector 05/06/03 W32.Purner File infector 05/05/03 W32.Soder File infector 05/05/03 W32.Valentex File infector 05/05/03 New virus definitions (sorted by Date added): Virus Name Infection Type Date added ---------- -------------- ---------- BAT.PDrome File infector 05/08/03 Backdoor.School File infector 05/08/03 Backdoor.Sdbot.I File infector 05/08/03 Backdoor.Shipper File infector 05/08/03 Backdoor.Specrem File infector 05/08/03 Backdoor.Specrem.Cli File infector 05/08/03 Bin.Auto.CFQ File infector 05/08/03 Bin.Auto.CFR File infector 05/08/03 Bin.Auto.CFS File infector 05/08/03 Bin.Auto.CFT File infector 05/08/03 Bin.Auto.CFU File infector 05/08/03 Bin.Auto.CFV File infector 05/08/03 Bin.Auto.CFW File infector 05/08/03 Bin.Auto.CFX File infector 05/08/03 Camel.425 File infector 05/08/03 Camel.426 File infector 05/08/03 Remember.1081 File infector 05/08/03 Remember.1087 File infector 05/08/03 Remember.1091 File infector 05/08/03 SillyC.157.b File infector 05/08/03 SillyC.159 File infector 05/08/03 SillyC.160 File infector 05/08/03 AntiPascal.408 File infector 05/07/03 Backdoor.CamKing File infector 05/07/03 Backdoor.IRC.Based File infector 05/07/03 Backdoor.IRC.Lampsy File infector 05/07/03 Backdoor.IRCScript.Fld File infector 05/07/03 Backdoor.IRCScript.Gen File infector 05/07/03 Backdoor.Prosiak.Cli File infector 05/07/03 Backdoor.Rockse File infector 05/07/03 Backdoor.Snami File infector 05/07/03 Downloader.BO.B File infector 05/07/03 Downloader.BO.B.dr File infector 05/07/03 SillyC.189.ow File infector 05/07/03 W32.HLLW.Weakas File infector 05/07/03 Backdoor.DSNX.A File infector 05/06/03 Backdoor.Freddy.A File infector 05/06/03 Backdoor.IRC.Dr File infector 05/06/03 Backdoor.LeGuardien.B File infector 05/06/03 Backdoor.Peers File infector 05/06/03 Backdoor.Softshell File infector 05/06/03 W32.Benatic File infector 05/06/03 W32.Busan File infector 05/06/03 W32.HLLW.Cydog.C@mm File infector 05/06/03 W32.Lastas.Worm File infector 05/06/03 W32.Mexer.Worm File infector 05/06/03 W32.Perser.Worm File infector 05/06/03 W32.Poorpoor File infector 05/06/03 BAT.Batix File infector 05/05/03 BAT.Lala File infector 05/05/03 Backdoor.AntiLam.20.K File infector 05/05/03 Backdoor.Beasty.Cli File infector 05/05/03 Backdoor.Beasty.Family File infector 05/05/03 Backdoor.CNK.A File infector 05/05/03 Backdoor.CNK.A.Cli File infector 05/05/03 Backdoor.Cmjspy File infector 05/05/03 Backdoor.Death.Cli File infector 05/05/03 Backdoor.Delf.Cli File infector 05/05/03 Backdoor.Delf.Family File infector 05/05/03 Backdoor.FTP_Ana.E File infector 05/05/03 Backdoor.Fatroj File infector 05/05/03 Backdoor.Fatroj.Cli File infector 05/05/03 Backdoor.Fxdoor File infector 05/05/03 Backdoor.Fxdoor.Cli File infector 05/05/03 Backdoor.IRC.Bot File infector 05/05/03 Backdoor.IRC.Ratsou File infector 05/05/03 Backdoor.Latinus.C File infector 05/05/03 Backdoor.URCS File infector 05/05/03 Backdoor.Y3KRat.01 File infector 05/05/03 Backdoor.Zdemon.126 File infector 05/05/03 PDF.Yourde File infector 05/05/03 PWSteal.Kipper File infector 05/05/03 Trojan.Kaht File infector 05/05/03 W32.HLLP.Tamin File infector 05/05/03 W32.HLLW.Druagz File infector 05/05/03 W32.HLLW.Vifiter File infector 05/05/03 W32.Manfol@mm File infector 05/05/03 W32.Mintal.Worm File infector 05/05/03 W32.Purner File infector 05/05/03 W32.Soder File infector 05/05/03 W32.Valentex File infector 05/05/03 Backdoor.Bigfoot File infector 05/02/03 Bin.Auto.CFI File infector 05/02/03 Bin.Auto.CFJ File infector 05/02/03 Bin.Auto.CFK File infector 05/02/03 Bin.Auto.CFL File infector 05/02/03 Bin.Auto.CFM File infector 05/02/03 Bin.Auto.CFN File infector 05/02/03 Bin.Auto.CFO File infector 05/02/03 Bin.Auto.CFP File infector 05/02/03 Hackdoor.Mailrelay File infector 05/02/03 PWSteal.Lemir.105 File infector 05/02/03 Trojan.Adclicker.A File infector 05/02/03 VBS.Charl File infector 05/02/03 W32.Adclicker.C.Trojan File infector 05/02/03 W32.Boa.Worm File infector 05/02/03 W32.Darend.Worm File infector 05/02/03 W32.Ekan File infector 05/02/03 W32.HLLP.Ibord File infector 05/02/03 W32.HLLP.Spreda File infector 05/02/03 Name Changes (sorted by Old Virus Name): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Backdoor.Beasty.E to Backdoor.Plux 03/11/03 Backdoor.Colfuser to Backdoor.Coldfusion 03/20/03 Backdoor.IRC.Based to Backdoor.IRC.Client 05/08/03 Backdoor.Plux to Backdoor.Beasty.E 03/11/03 Backdoor.Tkbot to W32.Tkbot.Worm 02/12/03 Backdoor.Zix to Backdoor.Zyxerv 03/06/03 HLLP.Roro to HLLO.Nedal.17174 (1) 02/27/03 Hackdoor.Mailrelay to Backdoor.Guzu 05/05/03 IRC.DMSetup to VBS.AlphaE@mm 04/24/03 MAC.Simpsons@mm to MacOS.Simpsons@mm 03/12/03 Mac.Autostart to MacOS.Autostart 03/12/03 Mac.CPro to MacOS.CPro 03/12/03 Mac.ChinaTalk to MacOS.ChinaTalk 03/12/03 Mac.CursorPrank to MacOS.CursorPrank 03/12/03 Mac.DimWit to MacOS.DimWit 03/12/03 Mac.FontFinder to MacOS.FontFinder 03/12/03 Mac.Frankie to MacOS.Frankie 03/12/03 Mac.HotlineDelete to MacOS.HotlineDelete 03/12/03 Mac.HotlineServer to MacOS.HotlineServer 03/12/03 Mac.Mosaic to MacOS.Mosaic 03/12/03 Mac.NVP to MacOS.NVP 03/12/03 Mac.NaughtyLeftovers to MacOS.NaughtyLeftovers 03/12/03 Mac.Oldgirl to MacOS.Oldgirl 03/12/03 Mac.Scores to MacOS.Scores 03/12/03 Mac.Steroid to MacOS.Steroid 03/12/03 Mac.VirusInfo to MacOS.VirusInfo 03/12/03 Trojan.Poot to Trojan.Slanret.B 04/04/03 VBS.AlphaE@mm to VBS.Alphae@mm 04/25/03 VBS.Bulbas.B to VBS.Bulbas.B@mm 03/11/03 VBS.Doggy@mm to HLLP.Roro 02/27/03 VBS.Scooter.Worm to VBS.Scrambler.Worm 05/02/03 W32.Backzat.Worm to W32.HLLW.Backzat 04/25/03 W32.Bagif.Worm to W32.Bagif 02/10/03 W32.Deborm.Worm to W32.HLLW.Deborms.B 03/14/03 W32.HLLW.Begbie@mm to W32.Gibe.C@mm 03/19/03 W32.HLLW.Cydog.C@mm to W32.HLLW.Kickin.A@mm 05/08/03 W32.HLLW.Der@mm to W32.Vote.D@mm 03/21/03 W32.HLLW.Eissa to W32.HLLW.Cassidy.B 02/27/03 W32.HLLW.Kifie to W32.HLLW.Backzat.H 02/05/03 W32.HLLW.Lovgate to W32.HLLW.Lovgate@mm 02/20/03 W32.HLLW.Oror.Z@mm to W32.HLLW.Oror.AG@mm 03/04/03 W32.HLLW.VB.A to W32.Jits 04/22/03 W32.HLLW.Zackfoo to W32.Zackfoo 02/27/03 W32.Rondon to Backdoor.IRC.Aladinz.B 03/12/03 W32.Scooter.Worm to W32.HLLP.Scrambler 05/02/03 W32.Taxey to W95.Tenrobot.B 04/23/03 W32.Yaha.I@mm to W32.Yaha.Q@mm 03/27/03 W32.Yalat@mm to W32.Yalat.Worm 02/11/03 W97M.Virugoer to W97M.Twopey.D 04/02/03 X97M.Suhd@mm to X97M.Suhd 05/01/03 Name Changes (sorted by Date changed): Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Backdoor.IRC.Based to Backdoor.IRC.Client 05/08/03 W32.HLLW.Cydog.C@mm to W32.HLLW.Kickin.A@mm 05/08/03 Hackdoor.Mailrelay to Backdoor.Guzu 05/05/03 VBS.Scooter.Worm to VBS.Scrambler.Worm 05/02/03 W32.Scooter.Worm to W32.HLLP.Scrambler 05/02/03 X97M.Suhd@mm to X97M.Suhd 05/01/03 VBS.AlphaE@mm to VBS.Alphae@mm 04/25/03 W32.Backzat.Worm to W32.HLLW.Backzat 04/25/03 IRC.DMSetup to VBS.AlphaE@mm 04/24/03 W32.Taxey to W95.Tenrobot.B 04/23/03 W32.HLLW.VB.A to W32.Jits 04/22/03 Trojan.Poot to Trojan.Slanret.B 04/04/03 W97M.Virugoer to W97M.Twopey.D 04/02/03 W32.Yaha.I@mm to W32.Yaha.Q@mm 03/27/03 W32.HLLW.Der@mm to W32.Vote.D@mm 03/21/03 Backdoor.Colfuser to Backdoor.Coldfusion 03/20/03 W32.HLLW.Begbie@mm to W32.Gibe.C@mm 03/19/03 W32.Deborm.Worm to W32.HLLW.Deborms.B 03/14/03 MAC.Simpsons@mm to MacOS.Simpsons@mm 03/12/03 Mac.Autostart to MacOS.Autostart 03/12/03 Mac.CPro to MacOS.CPro 03/12/03 Mac.ChinaTalk to MacOS.ChinaTalk 03/12/03 Mac.CursorPrank to MacOS.CursorPrank 03/12/03 Mac.DimWit to MacOS.DimWit 03/12/03 Mac.FontFinder to MacOS.FontFinder 03/12/03 Mac.Frankie to MacOS.Frankie 03/12/03 Mac.HotlineDelete to MacOS.HotlineDelete 03/12/03 Mac.HotlineServer to MacOS.HotlineServer 03/12/03 Mac.Mosaic to MacOS.Mosaic 03/12/03 Mac.NVP to MacOS.NVP 03/12/03 Mac.NaughtyLeftovers to MacOS.NaughtyLeftovers 03/12/03 Mac.Oldgirl to MacOS.Oldgirl 03/12/03 Mac.Scores to MacOS.Scores 03/12/03 Mac.Steroid to MacOS.Steroid 03/12/03 Mac.VirusInfo to MacOS.VirusInfo 03/12/03 W32.Rondon to Backdoor.IRC.Aladinz.B 03/12/03 Backdoor.Beasty.E to Backdoor.Plux 03/11/03 Backdoor.Plux to Backdoor.Beasty.E 03/11/03 VBS.Bulbas.B to VBS.Bulbas.B@mm 03/11/03 Backdoor.Zix to Backdoor.Zyxerv 03/06/03 W32.HLLW.Oror.Z@mm to W32.HLLW.Oror.AG@mm 03/04/03 HLLP.Roro to HLLO.Nedal.17174 (1) 02/27/03 VBS.Doggy@mm to HLLP.Roro 02/27/03 W32.HLLW.Eissa to W32.HLLW.Cassidy.B 02/27/03 W32.HLLW.Zackfoo to W32.Zackfoo 02/27/03 W32.HLLW.Lovgate to W32.HLLW.Lovgate@mm 02/20/03 Backdoor.Tkbot to W32.Tkbot.Worm 02/12/03 W32.Yalat@mm to W32.Yalat.Worm 02/11/03 W32.Bagif.Worm to W32.Bagif 02/10/03 W32.HLLW.Kifie to W32.HLLW.Backzat.H 02/05/03 Deletions (sorted by Virus Name): Virus Name Infection Type Date removed ---------- -------------- ------------ Adware.BDE File infector 04/30/03 Adware.BargainBuddy File infector 04/30/03 Adware.CommonName File infector 04/30/03 Adware.Cydoor File infector 04/30/03 Adware.Dware File infector 04/30/03 Adware.Exactbar File infector 04/30/03 Adware.Flashtrack File infector 04/30/03 Adware.Flyswat File infector 04/30/03 Adware.Gator File infector 04/30/03 Adware.IGetNet File infector 04/30/03 Adware.MoeMoney File infector 04/30/03 Adware.Ncase File infector 04/30/03 Adware.Savenow File infector 04/30/03 Backdoor.IRCScript.Fld File infector 05/08/03 Backdoor.IRCScript.Gen File infector 05/08/03 Bin.Auto.CCY File infector 05/08/03 Hacktool.Keyloggpro File infector 04/30/03 PDF.Virus File infector 05/01/03 PDF.Yourde File infector 05/06/03 VBS.Charl File infector 05/02/03 Deletions (sorted by Date removed): Virus Name Infection Type Date removed ---------- -------------- ------------ Backdoor.IRCScript.Fld File infector 05/08/03 Backdoor.IRCScript.Gen File infector 05/08/03 Bin.Auto.CCY File infector 05/08/03 PDF.Yourde File infector 05/06/03 VBS.Charl File infector 05/02/03 PDF.Virus File infector 05/01/03 Adware.BDE File infector 04/30/03 Adware.BargainBuddy File infector 04/30/03 Adware.CommonName File infector 04/30/03 Adware.Cydoor File infector 04/30/03 Adware.Dware File infector 04/30/03 Adware.Exactbar File infector 04/30/03 Adware.Flashtrack File infector 04/30/03 Adware.Flyswat File infector 04/30/03 Adware.Gator File infector 04/30/03 Adware.IGetNet File infector 04/30/03 Adware.MoeMoney File infector 04/30/03 Adware.Ncase File infector 04/30/03 Adware.Savenow File infector 04/30/03 Hacktool.Keyloggpro File infector 04/30/03 ********************************************************************** ** Additional Information ** ********************************************************************** Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.