home *** CD-ROM | disk | FTP | other *** search

---

/ Chip 2000 March / Chip_2000-03_cd.bin / servis / Aviry / NAV / 0124i32.exe / WHATSNEW.TXT

< prev

next >

Wrap

Text File  |  2000-01-24  |  23KB  |  397 lines

---

1. **********************************************************************
2. **                                                                  **
3. **  What's New in the NAV Virus Definitions Files      WHATSNEW.TXT **
4. **                                                                  **
5. **  Symantec AntiVirus Research Center (SARC)      January 24, 2000 **
6. **                                                                  **
7. **********************************************************************
8. This document contains the following topics:
9.  
10.  * Virus Alerts
11.  * New Technologies
12.  * Changes Incorporated Into This Update
13.  * Enabling/Disabling PowerPoint Scanning
14.  * Additional Information
15.  
16. **********************************************************************
17. ** Virus Alerts                                                     **
18. **********************************************************************
19. The ten most commonly reported viruses, worldwide:
20.  
21.     1  W97M.Class
22.     2  XM.Laroux
23.     3  O97M.Tristate
24.     4  W95.CIH
25.     5  Happy99.Worm
26.     6  WM.Cap
27.     7  W97M.ColdApe
28.     8  W97M.Ethan
29.     9  W97M.Melissa
30.    10  Worm.ExploreZip
31.  
32. **********************************************************************
33. ** New Technologies                                                 **
34. **********************************************************************
35.  
36. DATE         Technologies Added
37. ----         ------------------
38. 8/19/98    * Excel heuristics which detect and repair new and unknown
39.              macro viruses in Excel 95 & 97 documents.
40.  
41. 9/16/98    * Added repair for encrypted Excel 97 documents.
42.  
43. 10/21/98   * Heuristics to detect AOL Password Stealer Trojans.
44.            * WORD Heuristics improvement to increase detection rate.
45.  
46. 12/17/98   * Macro Exclusion Engine to speed up the scanning for Word
47.              and Excel documents.
48.            * PowerPoint engine to scan PowerPoint related viruses.
49.              To enable this technology please read "Enabling/Disabling
50.              PowerPoint Scanning" section later in this document.
51.  
52. 02/18/99   * Detection and repair of macro viruses in Word and Excel
53.              2000 documents.
54.  
55. 05/12/99   * Added repair for PowerPoint viruses.
56.            * Improved heuristics to detect more WORD 97 related
57.              viruses.
58.  
59. 06/10/99   * Menu repair technology for WORD macro viruses that change
60.              command bar customizations in NORMAL.DOT.
61.  
62. 07/12/99   * Added support for scanning of Ichitaro 8/9 documents.
63.              (Ichitaro is a Japanese word processing program).
64.  
65. 08/19/99   * Added detection and repair for embedded documents inside
66.              PowerPoint 97.
67.  
68. 11/22/99   * Added detection and repair for Trojans embedded in OLE
69.              files, such as Windows scrap files and MS Office
70.              documents.
71.            * Added detection for viruses which infect Microsoft
72.              Project documents (P98M.Corner.A, for example).
73.  
74.  
75. **********************************************************************
76. ** Changes Incorporated Into This Virus Definitions Update            **
77. **********************************************************************
78. New virus definitions:
79.  
80.         Virus Name                Infection Type          Week added
81.         ----------                --------------          ----------
82.         AOL 79316.Trojan          File infector           01/24/00
83.         Backdoor.BO.d             File infector           12/30/99
84.         Backdoor.Netget.A         File infector           01/03/00
85.         Backdoor.SchoolBus.A      File infector           12/30/99
86.         Backdoor.Sockets23        File infector           01/24/00
87.         Backdoor.sysinst          File infector           12/27/99
88.         Backdoor.TheThing.b       File infector           12/27/99
89.         Backdoor.TheThing.c       File infector           12/30/99
90.         BAT.Chantal.B             File infector           12/30/99
91.         Bloodhound.W32            File infector           01/15/00
92.         Danny.872                 File infector           12/30/99
93.         DMsetup242.IRC.Trojan     File infector           01/15/00
94.         DonaldD.Trojan.a          File infector           01/15/00
95.         Hellfire                  File infector           01/10/00
96.         Hellfire (2)              File infector           01/10/00
97.         Hellfire (3)              File infector           01/10/00
98.         I-Worm.NewApt.c           File infector           01/10/00
99.         Kill98.Trojan             File infector           01/03/00
100.         Marzia.2048.ww.c          File and boot infector  01/03/00
101.         Marzia.2048.ww.c (2)      File and boot infector  01/03/00
102.         Marzia.2048.ww.c (b)      File and boot infector  01/03/00
103.         Marzia.D                  File and Boot infector  12/30/99
104.         Marzia.D (2)              File and Boot infector  12/30/99
105.         O97M.Hopper.S             File infector           12/27/99
106.         O97M.Toraja.A             File infector           12/27/99
107.         Opera                     File infector           01/24/00
108.         Orifice.dr                File infector           01/03/00
109.         PSW.Weird.Trojan          File infector           12/30/99
110.         THE_FLY                   File infector           12/27/99
111.         Trivial.i.ow.15360        File infector           12/30/99
112.         Trojan.77254              File infector           01/24/00
113.         Trojan.AOL.Winsyst        File infector           12/27/99
114.         Trojan.Coced              File infector           01/24/00
115.         Trojan.Gas                File infector           01/24/00
116.         Trojan.Logger             File infector           12/27/99
117.         Trojan.MSREXE             File infector           12/27/99
118.         Trojan.MSREXE.b           File infector           01/24/00
119.         Trojan.RFPoison           File infector           12/27/99
120.         Trojan.Skism.a            File infector           01/10/00
121.         Trojan.Watcher            File infector           01/03/00
122.         VBS.Chantal.B             File infector           12/30/99
123.         VBS.Illen                 File infector           12/27/99
124.         VBS.Illen.B               File infector           01/24/00
125.         VBS.Lucky                 File infector           01/03/00
126.         VBS.Mix.1852.A            File infector           01/03/00
127.         VBS.Tune                  File infector           12/30/99
128.         Vienna.457                File infector           01/15/00
129.         W2K.Installer.1676        File infector           01/10/00
130.         W2K.Installer.1688        File infector           01/10/00
131.         W32.Antiqfx.Worm          File infector           12/30/99
132.         W32.Cabanas (gen1)        File infector           01/10/00
133.         W32.Crypto                File infector           01/03/00
134.         W32.ExploreZip.D.Worm     File infector           01/24/00
135.         W32.HLPDemo.Dropper       File infector           12/27/99
136.         W32.I13.8192.B            File infector           01/24/00
137.         W32.IhSix.3048            File infector           01/03/00
138.         W32.IhSix.Wsock           File infector           01/03/00
139.         W32.Legacy                File infector           01/03/00
140.         W32.Mix.1852              File infector           01/03/00
141.         W32.Mix.1852.dr           File infector           01/03/00
142.         W32.NewApt.C2.Worm        File infector           01/10/00
143.         W32.NewApt.D.Worm         File infector           01/10/00
144.         W32.Oporto.3074           File infector           12/27/99
145.         W32.Passion.26112         File infector           12/27/99
146.         W32.Passion.27648         File infector           12/10/99
147.         W32.Passion.27648(2)      File infector           12/10/99
148.         W32.Plage.Worm            File infector           01/14/00
149.         W32.Resure.29696          File infector           01/10/00
150.         W32.Sahara.9728           File infector           12/27/99
151.         W32.Stupid.B              File infector           01/03/00
152.         W32.Winext.Worm           File infector           01/24/00
153.         W95.Caw                   File infector           12/27/99
154.         W95.CIH (int)             File infector           01/10/00
155.         W95.Enumiacs              File infector           01/24/00
156.         W95.Esmeralda.807         File infector           12/30/99
157.         W95.Fiasko.2500           File infector           01/10/00
158.         W95.Filth.1030            File infector           01/24/00
159.         W95.Horn.1862             File infector           01/24/00
160.         W95.I13.8192              File infector           01/10/00
161.         W95.Lovesong.998          File infector           12/30/99
162.         W95.Mmort.1340            File infector           01/10/00
163.         W95.Murkry.399            File infector           01/03/00
164.         W95.Nathan                File infector           12/27/99
165.         W95.Nathan.3792           File infector           01/10/00
166.         W95.SK                    File infector           01/03/00
167.         W95.Spaces.1633           File infector           12/30/99
168.         W95.Spawn.4608            File infector           01/10/00
169.         W95.Vulcano.Int           File infector           12/27/99
170.         W95.WG.12288              File infector           01/03/00
171.         W95.Ylang.1024            File infector           12/27/99
172.         W97M.Akuma.Family         File infector           12/27/99
173.         W97M.Alliance.A           File infector           12/27/99
174.         W97M.Alliance.I           File infector           12/27/99
175.         W97M.Anime.A.Troj         File infector           12/27/99
176.         W97M.Armagid.A            File infector           01/03/00
177.         W97M.Astia.W              File infector           12/30/99
178.         W97M.Astia.Z              File infector           01/10/00
179.         W97M.Backhand.A           File infector           12/30/99
180.         W97M.Brisk.A              File infector           12/27/99
181.         W97M.Bumble.B             File infector           12/27/99
182.         W97M.Chantal.B            File infector           12/30/99
183.         W97M.Chydow.A             File infector           12/27/99
184.         W97M.Drawbridge           File infector           01/15/00
185.         W97M.Eitern.A             File infector           12/27/99
186.         W97M.Emelia.A             File infector           12/27/99
187.         W97M.Emelia.B             File infector           12/27/99
188.         W97M.Figura.A             File infector           01/10/00
189.         W97M.JuneFill.A           File infector           01/10/00
190.         W97M.Liar                 File infector           12/27/99
191.         W97M.Minimal.BH           File infector           12/27/99
192.         W97M.Minimorph.B          File infector           12/27/99
193.         W97M.Mono.A               File infector           12/27/99
194.         W97M.Multino.A            File infector           12/27/99
195.         W97M.Mxfile.B             File infector           01/24/00
196.         W97M.Myna.C               File infector           01/24/00
197.         W97M.Neo.A                File infector           12/27/99
198.         W97M.Opey.M               File infector           01/03/00
199.         W97M.Pathetic.B           File infector           12/27/99
200.         W97M.Patricia.A           File infector           01/15/00
201.         W97M.Pene.A               File infector           12/27/99
202.         W97M.Pip.A                File infector           12/27/99
203.         W97M.Pr.A                 File infector           12/27/99
204.         W97M.Pull.A               File infector           01/10/00
205.         W97M.Reveal.A             File infector           12/27/99
206.         W97M.Rgade                File infector           01/24/00
207.         W97M.Scharf.A             File infector           12/27/99
208.         W97M.Shepmah              File infector           01/10/00
209.         W97M.SN.A                 File infector           12/27/99
210.         W97M.STM.A                File infector           12/27/99
211.         W97M.Techno.A             File infector           12/27/99
212.         W97M.Thus.B               File infector           01/24/00
213.         W97M.Thus.E               File infector           12/30/99
214.         W97M.Thus.F               File infector           01/10/00
215.         W97M.Thus.G               File infector           01/15/00
216.         W97M.Tvang.A              File infector           12/27/99
217.         W97M.Tvang.B              File infector           12/27/99
218.         W97M.VMPCK1.CR            File infector           12/27/99
219.         W97M.VMPCK1.DE            File infector           12/30/99
220.         W97M.VMPCK1.DF            File infector           01/15/00
221.         W97M.VMPCK1.DG            File infector           01/24/00
222.         W97M.Zerg.B               File infector           12/30/99
223.         WinSKC.Trojan             File infector           01/10/00
224.         WM.Alliance.J             File infector           12/27/99
225.         WM.EMV.A                  File infector           12/27/99
226.         WM.Marc.C                 File infector           12/27/99
227.         WM.ME                     File infector           12/27/99
228.         WM.Minimal.BM             File infector           12/27/99
229.         WM.MVM.A                  File infector           12/27/99
230.         WM.Simple.C               File infector           12/27/99
231.         WM.TH.A                   File infector           01/15/00
232.         WM.TH.B                   File infector           01/24/00
233.         WM.Why.B                  File infector           12/27/99
234.         Worm.ExploreZip.B         File infector           12/10/99
235.         Worm.ExploreZip.C         File infector           12/30/99
236.         WScript.KakWorm           File infector           12/30/99
237.         X97M.Faith.A              File infector           12/27/99
238.         X97M.Manalo.F             File infector           12/27/99
239.         X97M.Manalo.G             File infector           12/27/99
240.         X97M.Sud.A.intd           File infector           12/27/99
241.         XM.Manalo.E               File infector           12/27/99
242.         XM.Weit.A                 File infector           12/27/99
243.         YAI.Trojan                File infector           01/24/00
244.         Zelu                      File infector           01/03/00
245.  
246. Name Changes:
247.  
248.         Old Virus Name            New Virus Name          Date changed
249.         --------------            --------------          ------------
250.         W32.Passion.27648(2)   to Backdoor.VHM            01/24/00
251.         W32.Stupid             to W32.Stupid.A            01/03/00
252.         W95.Nathan             to W95.Nathan.3520         01/10/00
253.         W97M.Aleja             to W97M.Aleja.B            01/24/00
254.         W97M.Aleja5            to W97M.Aleja.A            01/24/00
255.         W97M.Aleja5.B          to W97M.Aleja.C            01/24/00
256.         W97M.Aleja5.C          to W97M.Aleja.E            01/24/00
257.         W97M.Aleja5.D          to W97M.Aleja.I            01/24/00
258.         W97M.Aleja5.E          to W97M.Aleja.D            01/24/00
259.         W97M.Anime.A.Troj      to W97M.Anime.A.Trojan     12/30/99
260.         W97M.AntiSocial        to W97M.AntiSocial.A/B     01/24/00
261.         W97M.AntiSocial.F      to W97M.AntiSocial.F,H     01/24/00
262.         W97M.Appder.O          to W97M.Appder.S           01/24/00
263.         W97M.Bablas            to W97M.Bablas.Family      01/24/00
264.         W97M.BADTEMP.A         to W97M.Smac.B             01/24/00
265.         W97M.Bellingham        to W97M.Metys.A            01/24/00
266.         W97M.Biolord           to W97M.Nid.A              01/24/00
267.         W97M.Cali.A            to W97M.Caligula.A         01/24/00
268.         W97M.Carrier.D         to W97M.Sin.A.intd         01/24/00
269.         W97M.Cartman.B         to W97M.VMPCK1.F           01/24/00
270.         W97M.Cartman.C         to W97M.VMPCK1.T           01/24/00
271.         W97M.Cartman.D         to W97M.VMPCK1.U           01/24/00
272.         W97M.Cartman.E         to W97M.VMPCK1.CX          01/24/00
273.         W97M.CHACK.I           to W97M.Chack.K            01/24/00
274.         W97M.CHACK.J           to W97M.Chack.AR           01/24/00
275.         W97M.Class.BD          to W97M.Class.AZ/BD/EA     01/24/00
276.         W97M.Class.BE          to W97M.Class.AY           01/24/00
277.         W97M.Class.BP          to W97M.Class.BH           01/24/00
278.         W97M.Class.BT          to W97M.Class.BV           01/24/00
279.         W97M.Class.D           to W97M.Jerk.A             01/24/00
280.         W97M.Class.S           to W97M.Class.I.var        01/24/00
281.         W97M.ColdApe.B         to W97M.ColdApe.C          01/24/00
282.         W97M.ColdApe.C         to W97M.ColdApe.B          01/24/00
283.         W97M.CopyTemp.intd     to W97M.Buendi.A           01/24/00
284.         W97M.Counter.D         to W97M.Counter.E          01/24/00
285.         W97M.Creeper           to W97M.Magnetic.A         01/24/00
286.         W97M.Daydream.A        to W97M.Lys.E              01/24/00
287.         W97M.Derroche          to W97M.DWMVCK1.F          01/24/00
288.         W97M.Destro            to W97M.Class.BV(2)        01/24/00
289.         W97M.Drawbridge        to W97M.Opey.O             01/24/00
290.         W97M.DWMVCK1.C         to W97M.PassBox.C          01/24/00
291.         W97M.DWMVCK1.F         to W97M.Ozwer.A            01/24/00
292.         W97M.DWMVCK1.G         to W97M.VMPCK1.CZ          01/24/00
293.         W97M.DWMVCK1.H         to W97M.Ozwer.C            01/24/00
294.         W97M.Emelia.A          to W97M.Emelia.A(intd)     12/30/99
295.         W97M.Emelia.B          to W97M.Emelia.B(intd)     12/30/99
296.         W97M.Footprint         to W97M.Footer.B           01/24/00
297.         W97M.Furby             to W97M.Class.BA/BB        01/24/00
298.         W97M.Hark.B            to W97M.Nottice.Y          01/24/00
299.         W97M.India.C           to W97M.Marker.AB          01/24/00
300.         W97M.IRCJack.A         to W97M.Story.A            01/24/00
301.         W97M.ITSC              to W97M.Osm                01/24/00
302.         W97M.Jedi.G            to W97M.Jedi.J             01/24/00
303.         W97M.Joy               to W97M.Class.W            01/24/00
304.         W97M.JuneFill.A        to W97M.Marker.BN          01/24/00
305.         W97M.Liar              to W97M.Liar(gen)          12/30/99
306.         W97M.Passbox.C         to W97M.Passbox.D          01/24/00
307.         W97M.Passbox.D         to W97M.Passbox.D(2)       01/24/00
308.         W97M.Scharf.A          to W97M.Scharf.A.trojan    12/30/99
309.         W97M.Tvang.A           to W97M.Tvang.A.trojan     12/30/99
310.         W97M.Tvang.B           to W97M.Tvang.B.trojan     12/30/99
311.         W97M.VMPCK1.F          to W97M.Remplace.E         01/24/00
312.         WM.ME                  to WM.ME(gen)              12/30/99
313.         XM.Laroux.TM           to XM.Laroux.LI            12/21/99
314.  
315. Deletions:
316.  
317.         Virus Name                Infection Type          Date removed
318.         ----------                --------------          ------------
319.         Marzia.D                  File and Boot infector  12/30/99
320.  
321. **********************************************************************
322. **    Enabling/Disabling PowerPoint Scanning                            **
323. **********************************************************************
324. PowerPoint Scanning is now enabled by default and can be optionally
325. disabled.  However, you may want to verify that files with
326. PowerPoint extensions will be scanned by making sure that your
327. NAV options have both ".PPT" and ".POT" in the list of extensions
328. to scan.
329.  
330. To disable PowerPoint scanning in NAV for Windows 95/NT
331. version 4.x or NAV for OS/2, a text file named NAVEX15.INF should
332. be placed in the directory where NAV 4.x or NAV 5.x is installed
333. (i.e., C:\Program Files\Norton AntiVirus).
334.  
335. To disable PowerPoint scanning in NAV for Netware version 4.x, a text
336. file named NAVEX15.INF should be placed in the directory where NAV
337. 4.x is installed (i.e., sys:system\navnlm).
338.  
339. To disable PowerPoint scanning in NAV for Windows 95/NT version 2.0,
340. NAV 4.x for Windows 3.1/DOS, NAVIEG 1.x, or NAVFW 1.x a text file
341. named NAVEX.INF should be placed in the directory where NAV is
342. installed (i.e., C:\NAV).
343.  
344. The contents of the text file, NAVEX15.INF or NAVEX.INF, determine
345. which components of NAV have PowerPoint scanning disabled.
346.  
347. To disable PowerPoint scanning for a particular component, use the
348. following table to determine the lines to add to the text file.
349. PowerPoint scanning can be disabled for more than one component if
350. needed by adding the required lines for the desired components.
351.  
352. +---------------------+--------------------------+--------------------+
353. |Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner         |
354. +---------------------+--------------------------+--------------------+
355. |[NAVW32]             |[NAVAP]                   |[NAVDX]             |
356. |PowerPointScanning=0 |PowerPointScanning=0      |PowerPointScanning=0|
357. +---------------------+--------------------------+--------------------+
358.  
359. +----------------------+--------------------+--------------------+
360. |Windows 3.1 scanner/AP|Netware scanner         |OS/2 scanner/AP |
361. +----------------------+--------------------+--------------------+
362. |[NAVWIN]              |[NAVNLM]            |[NAVOS2]            |
363. |PowerPointScanning=0  |PowerPointScanning=0|PowerPointScanning=0|
364. +----------------------+--------------------+--------------------+
365.  
366. To enable PowerPoint scanning for a component, delete the lines
367. added for that component from the NAVEX15.INF or NAVEX.INF file.
368.  
369. **********************************************************************
370. **    Additional Information                                            **
371. **********************************************************************
372. SARC has equipped Norton AntiVirus with a new feature called
373. "Infestation Mode."  If a large number of new or unknown viruses
374. is found on the system during a scan, Norton AntiVirus will
375. automatically enable its highest level of detection.  This gives
376. users the most comprehensive protection in cases where a viral
377. infestation may have been detected.  If you would like to disable
378. this feature, you can do so by following these instructions:
379.  
380. 1. Create a text File called NAVEX15.INF in your Norton AntiVirus
381.    directory,e.g., C:\Program Files\Norton AntiVirus. If this file
382.    already exist go to step two.
383.  
384. 2. Place the following lines in this File on the left-hand margin:
385.  
386. [NAVW32]
387. infestmode=0
388.  
389. [NAVDX]
390. infestmode=0
391.  
392. 3. Save the File.
393.  
394.  
395. Additional information regarding this virus definitions update can be
396. found in UPDATE.TXT and TECHNOTE.TXT.
397.