home *** CD-ROM | disk | FTP | other *** search

---

/ PC World 1999 April / PCWorld_1999-04_cd.bin / Software / Antiviry / Nav34Dos / 0308i16.exe / WHATSNEW.TXT

< prev

Wrap

Text File  |  1999-03-08  |  20KB  |  352 lines

---

1. **********************************************************************
2. **                                                                  **
3. **  What's New in the NAV Virus Definitions Files      WHATSNEW.TXT **
4. **                                                                  **
5. **  Symantec AntiVirus Research Center (SARC)         March 8, 1999 **
6. **                                                                  **
7. **********************************************************************
8. This document contains the following topics:
9.  
10.  * Virus Alerts
11.  * New Technologies
12.  * Changes Incorporated Into This Update
13.  * Enabling/Disabling PowerPoint Scanning
14.  * Additional Information
15.  
16. **********************************************************************
17. ** Virus Alerts                                                     **
18. **********************************************************************
19. The fifteen most commonly reported viruses, worldwide:
20.  
21.     1  XM.Laroux
22.     2  WM.Concept
23.     3  XM.Extra
24.     4  WM.Cap
25.     5  W97M.Class
26.     6  WM.CopyCap
27.     7  NYB
28.     8  AntiCMOS.A
29.     9  Stealth_Boot.B
30.    10  W95.CIH
31.    11  XF.Paix
32.    12  Stoned.Empire.Monk
33.    13  AntiExe
34.    14  Form.A
35.    15  WM.Wazzu
36.  
37. **********************************************************************
38. ** New Technologies                                                 **
39. **********************************************************************
40.  
41. DATE         Technologies Added
42. ----         ------------------
43. 8/19/98    * Excel heuristics which detect and repair new and unknown
44.              macro viruses in Excel 95 & 97 documents.
45.  
46. 9/16/98    * Added repair for encrypted Excel 97 documents.
47.  
48. 10/21/98   * Heuristics to detect AOL Password Stealer Trojans.
49.            * WORD Heuristics improvement to increase detection rate.
50.  
51. 12/17/98   * Macro Exclusion Engine to speed up the scanning for Word
52.              and Excel documents.
53.            * PowerPoint engine to scan PowerPoint related viruses.
54.              To enable this technology please read "Enabling/Disabling
55.              PowerPoint Scanning" section later in this document.
56.  
57. 02/18/99   * Detection and repair of macro viruses in Word and Excel
58.              2000 documents.
59.  
60. **********************************************************************
61. ** Changes Incorporated Into This Virus Definitions Update            **
62. **********************************************************************
63. New virus definitions:
64.  
65.         Virus Name                Infection Type          Week added
66.         ----------                --------------          ----------
67.         Alar.4873                 File and Boot infector  02/16/99
68.         Alar.4873(b)              Boot infector           03/01/99
69.         Alphavirus.1628           File infector           03/01/99
70.         Antifort.1723             File infector           03/01/99
71.         Antifort.1723 (2)         File infector           03/01/99
72.         Antifort.1723 (3)         File infector           03/01/99
73.         Antifort.1723 (b)         Boot infector           03/01/99
74.         Ascii.675                 File infector           03/01/99
75.         Backdoor.Trojan           File infector           02/16/99
76.         Beast.A.Trojan            File infector           03/01/99
77.         Bottle Trojan             File infector           02/08/99
78.         Bottle Trojan (2)         File infector           02/08/99
79.         Bottle Trojan (3)         File infector           02/08/99
80.         Cluster Bomb.1423 (x)     File infector           03/01/99
81.         COMIlliad.312             File infector           02/16/99
82.         COMIlliad.312(2)          File infector           02/16/99
83.         Darkmatter.2074           File infector           02/18/99
84.         Dead.1373                 File infector           03/01/99
85.         Dead.1373 (2)             File infector           03/01/99
86.         Dead.1373 (x)             File infector           03/01/99
87.         DeathBoy.893              File infector           03/01/99
88.         Diehard2.4000.I           File infector           03/01/99
89.         DoRen VirSimul (b)        Boot Virus Simulator    03/08/99
90.         DoRen VirSimulator        Virus Simulator         03/08/99
91.         DoRen VirSimulator.B      Virus Simulator         03/08/99
92.         DoRen VirSimulator.C      Virus Simulator         03/08/99
93.         FindABCD                  File infector           03/01/99
94.         FindABCD (1)              File infector           03/01/99
95.         Gollum.7167               File infector           02/08/99
96.         Gollum.7167(2)            File infector           02/08/99
97.         Gollum.7167(VxD)          File infector           02/08/99
98.         GU.1500                   File infector           03/01/99
99.         GU.1500 (2)               File infector           03/01/99
100.         GU.1500 (3)               File infector           03/01/99
101.         GU.1594                   File infector           03/01/99
102.         GU.1594 (2)               File infector           03/01/99
103.         H-Ware.4199               File infector           02/08/99
104.         HLLC.Sebek.4407           File infector           03/01/99
105.         HLLC.Sebek.4407 (2)       File infector           03/01/99
106.         HLLC.Sebek.4407 (3)       File infector           03/01/99
107.         HLLC.Sebek.4407 (4)       File infector           03/01/99
108.         HLLO.Pick.3808            File infector           03/01/99
109.         HLLO.Pick.3808 (2)        File infector           03/01/99
110.         HLLO.Pick.3808 (3)        File infector           03/01/99
111.         HLLO.Pick.4016            File infector           03/01/99
112.         HLLO.Pick.4016 (2)        File infector           03/01/99
113.         HLLO.Pick.4016 (3)        File infector           03/01/99
114.         HLLO.Pick.4256            File infector           03/01/99
115.         HLLO.Pick.4256 (2)        File infector           03/01/99
116.         HLLO.Pick.4256 (3)        File infector           03/01/99
117.         HLLP.Jumper.6702          File infector           03/01/99
118.         HLLP.Jumper.6702 (2)      File infector           03/01/99
119.         HLLP.Jumper.6702 (3)      File infector           03/01/99
120.         HLLP.Jumper.6702 (4)      File infector           03/01/99
121.         HLLP.Koles.4493           File infector           03/01/99
122.         HLLP.Koles.4493(2)        File infector           03/01/99
123.         HLLP.Kondor.6800          File infector           03/01/99
124.         HLLP.Kondor.6800 (2)      File infector           03/01/99
125.         HLLP.Kondor.6800 (3)      File infector           03/01/99
126.         HLLP.UX.7088              File infector           03/01/99
127.         HLLP.UX.7088 (2)          File infector           03/01/99
128.         HLLP.UX.7088 (3)          File infector           03/01/99
129.         HLLT.4758                 File infector           03/08/99
130.         HLLT.4758(2)              File infector           03/08/99
131.         HLLT.4758U                File infector           03/08/99
132.         HLLT.4758U(2)             File infector           03/08/99
133.         IVPBased.912              File infector           02/16/99
134.         Jorgito.726               File infector           03/01/99
135.         Jurasic.3242              File infector           02/08/99
136.         Jurasic.3242 (2)          File infector           02/08/99
137.         KillMe.1972               File infector           03/08/99
138.         KillMe.1972 (x)           File infector           03/08/99
139.         KillMe.1972 (x2)          File infector           03/08/99
140.         LittleDevil.2109 (x)      File infector           02/16/99
141.         LittleDevil.2109 (x2)     File infector           02/16/99
142.         lpJahack                  File infector           03/01/99
143.         Nephew.3760               File infector           03/01/99
144.         Netbus.170 dropper        File infector           02/08/99
145.         Netbus.170 dropper (2)    File infector           02/08/99
146.         Netbus.170 dropper (3)    File infector           02/08/99
147.         Nomad.1302                File infector           03/08/99
148.         Nomad.1302 (2)            File infector           03/08/99
149.         O97M.HalfCross.A          File infector           03/08/99
150.         O97M.Jerk                 File infector           03/08/99
151.         O97M.Shiver.D             File infector           03/01/99
152.         O97M.Tristate.A           File infector           02/18/99
153.         O97M.Tristate.C           File infector           03/01/99
154.         O97M.Tristate.Variant     File infector           03/01/99
155.         Piggy.709                 File infector           03/08/99
156.         PLIK.2154                 File infector           03/01/99
157.         PQRVW                     Boot infector           03/01/99
158.         Project.801               File infector           03/08/99
159.         PS-MPC (1)                File infector           03/01/99
160.         Radom.2688                File infector           03/01/99
161.         RDA-Based                 File infector           03/08/99
162.         Sebek.4407 (unp)          File infector           03/01/99
163.         Sebek.4407 (unp) (2)      File infector           03/01/99
164.         Sebek.4407 (unp) (3)      File infector           03/01/99
165.         SillyC.125                File infector           03/01/99
166.         SillyC.126                File infector           03/01/99
167.         SillyC.140B               File infector           03/01/99
168.         SillyC.87                 File infector           03/01/99
169.         Sillyoc.167               File infector           03/01/99
170.         SillyRC.328               File infector           03/01/99
171.         Soulburn.1509             File infector           03/01/99
172.         SPE.718                   File infector           03/01/99
173.         SPE.718 (2)               File infector           03/01/99
174.         SPE.791                   File infector           03/01/99
175.         SPE.791 (2)               File infector           03/01/99
176.         SPE.844                   File infector           03/01/99
177.         SPE.844 (2)               File infector           03/01/99
178.         SPing.Trojan(1)           File infector           03/01/99
179.         SPing.Trojan(2)           File infector           03/01/99
180.         Suleiman.692              File infector           03/01/99
181.         Suleiman.692 (2)          File infector           03/01/99
182.         Systers.2181              File infector           03/01/99
183.         Systers.2181 (x)          File infector           03/01/99
184.         Termite.B                 File infector           02/08/99
185.         Termite.B(2)              File infector           02/08/99
186.         TFSG.2805                 File infector           03/01/99
187.         TFSG.2805 (2)             File infector           03/01/99
188.         TFSG.3000                 File infector           03/01/99
189.         TFSG.3000 (2)             File infector           03/01/99
190.         TFSG.3000 (3)             File infector           03/01/99
191.         Trivial.159               File infector           02/18/99
192.         Trivial.159 (2)           File infector           02/18/99
193.         Trivial.27.G              File infector           03/01/99
194.         Trivial.call.243          File infector           03/01/99
195.         Trivial.Count.35          File infector           03/01/99
196.         Trivial.Win.118           File infector           03/01/99
197.         Trivial.Win.118 (2)       File infector           03/01/99
198.         Trivial.Word.642          File infector           03/01/99
199.         Trivial.Word.642 (2)      File infector           03/01/99
200.         Urkel.B (b)               Boot infector           03/01/99
201.         VCLBased.Comp.241         File infector           02/16/99
202.         VCLBased.Comp.241(2)      File infector           02/16/99
203.         Vein (b)                  Boot infector           03/01/99
204.         Veronika.1490.B           File infector           03/08/99
205.         Vien.435.B                File infector           02/16/99
206.         Viva.695                  File infector           03/01/99
207.         W95.Kenston               File infector           02/08/99
208.         W97M.Argh.A               File infector           02/16/99
209.         W97M.Argh.B               File infector           03/01/99
210.         W97M.Beast.A              File infector           03/01/99
211.         W97M.Class.BE             File infector           03/01/99
212.         W97M.Class.BQ             File infector           02/08/99
213.         W97M.Class.BT             File infector           02/16/99
214.         W97M.Derroche             File infector           02/16/99
215.         W97M.Hark.B               File infector           03/08/99
216.         W97M.LafS.A               File infector           03/01/99
217.         W97M.Nottice.N            File infector           03/01/99
218.         W97M.Opey.A               File infector           02/08/99
219.         W97M.Passbox.E            File infector           02/08/99
220.         W97M.Satt.A               File infector           02/08/99
221.         W97M.Setmd.G              File infector           02/16/99
222.         W97M.Switch               File infector           03/01/99
223.         W97M.Vampire.Q            File infector           03/01/99
224.         W97M.ZMK.P                File infector           02/16/99
225.         WM.Decept.A               File infector           03/01/99
226.         WM.Ivana.G                File infector           02/08/99
227.         WM.KMT.Family             File infector           02/16/99
228.         WM.Niceday.X.Family       File infector           02/16/99
229.         X97M.Sugar.Dropper        File infector           02/08/99
230.         XM.Laroux.GI              File infector           02/16/99
231.         XM.Laroux.GJ              File infector           02/08/99
232.         XM.Laroux.GK              File infector           03/08/99
233.         XM.Laroux.HO              File infector           02/08/99
234.         XM.Laroux.HP              File infector           02/08/99
235.         XM.Laroux.HW              File infector           03/08/99
236.         XM.Ueda                   File infector           03/01/99
237.  
238. Name Changes:
239.  
240.         Old Virus Name            New Virus Name          Date changed
241.         --------------            --------------          ------------
242.         Trojan.APS             to PWsteal.Trojan.4409     10/12/98
243.         Trojan.BOD             to BOD.Trojan              10/12/98
244.         Trojan.Bruces.GF (1)   to Bruces.GF.Trojan        10/12/98
245.         Trojan.Bruces.GF (2)   to Bruces.GF(2).Trojan     10/12/98
246.         Trojan.Bruces.GF (3)   to Bruces.GF.Trojan(3)     10/12/98
247.         Trojan.Candy           to Candy.Trojan            10/12/98
248.         Trojan.DMSetup2        to DMSetup2.IRC.Trojan     10/12/98
249.         Trojan.Hacked          to Hacked.Trojan           10/12/98
250.         Trojan.HaltYou         to HaltYou.Trojan          10/12/98
251.         Trojan.ICKiller        to ICKiller.Trojan         10/12/98
252.         Trojan.Orchid          to Orchid.Trojan           10/12/98
253.         Trojan.Plimo           to Plimo.Trojan            10/12/98
254.         Trojan.Typhoon         to Typhoon.Trojan          10/12/98
255.         Trojan.ViperX          to ViperX.Trojan           10/12/98
256.         Trojan.W95.Netbus      to Netbus.W95.Trojan       10/12/98
257.         Trojan.W95.Netbus.160  to Netbus.160.W95.Trojan   10/12/98
258.         Trojan.Win.Dontt       to Dontt.Win.Trojan        10/12/98
259.         Trojan.Win.FY          to FY.Win.Trojan           10/12/98
260.         Trojan.Win.Taskkill    to Taskkill.Win.Trojan     10/12/98
261.         Trojan.Win95.Jerk      to Jerk.Win95.Trojan       10/12/98
262.         Trojan_4283            to Trojan_4283.Trojan      10/12/98
263.         WM.Concept.CN          to WM.Leveler.A            10/12/98
264.         XM.Laroux.DR           to XM.Laroux.DX            10/12/98
265.         XM.Laroux.DX           to XM.Laroux.DZ            10/12/98
266.  
267. Deletions:
268.  
269.         Virus Name                Infection Type          Date removed
270.         ----------                --------------          ------------
271.         Bottle Trojan             File infector           02/08/99
272.         Cuki.Trojan               File infector           02/01/99
273.         Gollum.7167               File infector           02/08/99
274.         HLLO.3816                 File infector           02/01/99
275.         June 12th.2265 (2)        File infector           02/08/99
276.         LittleDevil.2109 (x)      File infector           02/08/99
277.         PS-MPC (1)                File infector           03/01/99
278.         Vien.435.B                File infector           02/01/99
279.         W95.Spawn.cmp             File infector           03/08/99
280.         X97M.Sugar.Dropper        File infector           02/08/99
281.  
282. **********************************************************************
283. **    Enabling/Disabling PowerPoint Scanning                                      **
284. **********************************************************************
285. To enable PowerPoint scanning in NAV for Windows 95/NT version 4.0 or
286. greater, a text file named NAVEX15.INF should be placed in the
287. directory where NAV 4.0 is installed
288. (i.e., C:\Program Files\Norton AntiVirus).
289.  
290. To enable PowerPoint scanning in NAV for Netware version 4.0, a text
291. file named NAVEX15.INF should be placed in the directory where NAV 4.0
292. is installed (i.e., sys:system\navnlm).
293.  
294. To enable PowerPoint scanning in NAV for Windows 95/NT version 2.0,
295. NAV 4.0 for Windows 3.1/DOS, NAVIEG 1.0, or NAVFW 1.0 a text file
296. named NAVEX.INF should be placed in the directory where NAV is
297. installed (i.e., C:\NAV).
298.  
299. The contents of the text file, NAVEX15.INF or NAVEX.INF, determine
300. which components of NAV have PowerPoint scanning enabled.
301.  
302. To enable PowerPoint scanning for a particular component, use the
303. following table to determine the lines to add to the text file.
304. PowerPoint scanning can be enabled for more than one component if
305. needed by adding the required lines for the desired components.
306.  
307. +---------------------+--------------------------+--------------------+
308. |Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner         |
309. +---------------------+--------------------------+--------------------+
310. |[NAVW32]             |[NAVAP]                   |[NAVDX]             |
311. |PowerPointScanning=1 |PowerPointScanning=1      |PowerPointScanning=1|
312. +---------------------+--------------------------+--------------------+
313.  
314. +----------------------+--------------------+
315. |Windows 3.1 scanner/AP|Netware scanner     |
316. +----------------------+--------------------+
317. |[NAVWIN]              |[NAVNLM]            |
318. |PowerPointScanning=1  |PowerPointScanning=1|
319. +----------------------+--------------------+
320.  
321. To disable PowerPoint scanning for a component, delete the lines
322. added for that component from the NAVEX15.INF or NAVEX.INF file.
323.  
324. **********************************************************************
325. **    Additional Information                                            **
326. **********************************************************************
327. SARC has equipped Norton AntiVirus with a new feature called
328. "Infestation Mode."  If a large number of new or unknown viruses
329. is found on the system during a scan, Norton AntiVirus will
330. automatically enable its highest level of detection.  This gives
331. users the most comprehensive protection in cases where a viral
332. infestation may have been detected.  If you would like to disable
333. this feature, you can do so by following these instructions:
334.  
335. 1. Create a text File called NAVEX15.INF in your Norton AntiVirus
336.    directory,e.g., C:\Program Files\Norton AntiVirus. If this file
337.    already exist go to step two.
338.  
339. 2. Place the following lines in this File on the left-hand margin:
340.  
341. [NAVW32]
342. infestmode=0
343.  
344. [NAVDX]
345. infestmode=0
346.  
347. 3. Save the File.
348.  
349.  
350. Additional information regarding this virus definitions update can be
351. found in UPDATE.TXT and TECHNOTE.TXT.
352.