home *** CD-ROM | disk | FTP | other *** search
/ PC World 1999 May / PCWorld_1999-05_cd.bin / software / Antiviry / navuniv / 0408x86.exe / WHATSNEW.TXT < prev    next >
Text File  |  1999-04-08  |  19KB  |  335 lines

  1. **********************************************************************
  2. **                                                                  **
  3. **  What's New in the NAV Virus Definitions Files      WHATSNEW.TXT **
  4. **                                                                  **
  5. **  Symantec AntiVirus Research Center (SARC)        April 08, 1999 **
  6. **                                                                  **
  7. **********************************************************************
  8. This document contains the following topics:
  9.  
  10.  * Virus Alerts
  11.  * New Technologies
  12.  * Changes Incorporated Into This Update
  13.  * Enabling/Disabling PowerPoint Scanning
  14.  * Additional Information
  15.  
  16. **********************************************************************
  17. ** Virus Alerts                                                     **
  18. **********************************************************************
  19. The fifteen most commonly reported viruses, worldwide:
  20.  
  21.     1  XM.Laroux
  22.     2  WM.Concept
  23.     3  XM.Extra
  24.     4  WM.Cap
  25.     5  W97M.Class
  26.     6  WM.CopyCap
  27.     7  NYB
  28.     8  AntiCMOS.A
  29.     9  Stealth_Boot.B
  30.    10  W95.CIH
  31.    11  XF.Paix
  32.    12  Stoned.Empire.Monk
  33.    13  AntiExe
  34.    14  Form.A
  35.    15  WM.Wazzu
  36.  
  37. **********************************************************************
  38. ** New Technologies                                                 **
  39. **********************************************************************
  40.  
  41. DATE         Technologies Added
  42. ----         ------------------
  43. 8/19/98    * Excel heuristics which detect and repair new and unknown
  44.              macro viruses in Excel 95 & 97 documents.
  45.  
  46. 9/16/98    * Added repair for encrypted Excel 97 documents.
  47.  
  48. 10/21/98   * Heuristics to detect AOL Password Stealer Trojans.
  49.            * WORD Heuristics improvement to increase detection rate.
  50.  
  51. 12/17/98   * Macro Exclusion Engine to speed up the scanning for Word
  52.              and Excel documents.
  53.            * PowerPoint engine to scan PowerPoint related viruses.
  54.              To enable this technology please read "Enabling/Disabling
  55.              PowerPoint Scanning" section later in this document.
  56.  
  57. 02/18/99   * Detection and repair of macro viruses in Word and Excel
  58.              2000 documents.
  59.  
  60. **********************************************************************
  61. ** Changes Incorporated Into This Virus Definitions Update            **
  62. **********************************************************************
  63. New virus definitions:
  64.  
  65.         Virus Name                Infection Type          Week added
  66.         ----------                --------------          ----------
  67.         ARCV.1060 (1)             File infector           04/08/99
  68.         ARCV.1060 (2)             File infector           04/08/99
  69.         ARCV.1060 (x)             File infector           04/08/99
  70.         ARCV.1060.Dropper         File infector           04/08/99
  71.         Bleem.Trojan              File infector           04/08/99
  72.         Bloodhound.NeuralBoot     Boot infector           04/08/99
  73.         Bloodhound.NeuralMBR      Boot infector           04/08/99
  74.         DarkCowboy.2484           File infector           04/08/99
  75.         DarkCowboy.2484 (2)       File infector           04/08/99
  76.         Del_Armgo.366             File infector           03/22/99
  77.         Del_Armgo.366(2)          File infector           03/22/99
  78.         DoRen VirSimul (b)        Boot Virus Simulator    03/08/99
  79.         DoRen VirSimulator        Virus Simulator         03/08/99
  80.         DoRen VirSimulator.B      Virus Simulator         03/08/99
  81.         DoRen VirSimulator.C      Virus Simulator         03/08/99
  82.         Fair.1936                 File infector           04/08/99
  83.         Fair.1936 (x)             File infector           04/08/99
  84.         HLLC.6052 (1)             File infector           04/08/99
  85.         HLLC.6052 (2)             File infector           04/08/99
  86.         HLLO.RAMA.2666            File infector           04/02/99
  87.         HLLO.RAMA.2666(2)         File infector           04/02/99
  88.         HLLO.VSW.4017             File infector           04/02/99
  89.         HLLO.VSW.4017(2)          File infector           04/02/99
  90.         HLLP.9787                 File infector           04/02/99
  91.         HLLP.9787(2)              File infector           04/02/99
  92.         HLLP.AB.7508              File infector           04/02/99
  93.         HLLP.AB.7508(2)           File infector           04/02/99
  94.         HLLP.Krile.5744           File infector           04/02/99
  95.         HLLP.Krile.5744(2)        File infector           04/02/99
  96.         HLLP.REDARC.TWIX          File infector           04/02/99
  97.         HLLP.REDARC.TWIX(2)       File infector           04/02/99
  98.         HLLP.Russian.5701         File infector           04/02/99
  99.         HLLP.Russian.5701(2)      File infector           04/02/99
  100.         HLLP.Russian.6002         File infector           04/02/99
  101.         HLLP.Russian.6002(2)      File infector           04/02/99
  102.         HLLT.4758                 File infector           03/08/99
  103.         HLLT.4758(2)              File infector           03/08/99
  104.         HLLT.4758U                File infector           03/08/99
  105.         HLLT.4758U(2)             File infector           03/08/99
  106.         HLLT.7864                 File infector           04/02/99
  107.         HLLT.7864(2)              File infector           04/02/99
  108.         Intended.Online.627       File infector           03/22/99
  109.         Jerkin.333                File infector           04/08/99
  110.         Jeru.Tarapa.B (1)         File infector           04/08/99
  111.         Jeru.Tarapa.B (2)         File infector           04/08/99
  112.         Jeru.Tarapa.B (x1)        File infector           04/08/99
  113.         Jeru.Tarapa.B (x2)        File infector           04/08/99
  114.         Jeru.Tarapa.C             File infector           04/02/99
  115.         Jeru.Tarapa.C (x)         File infector           04/02/99
  116.         Jerusalem.1716.A (x)      File infector           04/02/99
  117.         KillMe.1972               File infector           03/08/99
  118.         KillMe.1972 (x)           File infector           03/08/99
  119.         KillMe.1972 (x2)          File infector           03/08/99
  120.         leo.328                   File infector           04/08/99
  121.         leo.328 (2)               File infector           04/08/99
  122.         Lizard.5150 (VXD)         File infector           04/08/99
  123.         Lizard.5150 (VXD) (2)     File infector           04/08/99
  124.         LUCE.3600                 File infector           04/08/99
  125.         Markiz.1972               File infector           03/22/99
  126.         Nazgul                    File infector           04/02/99
  127.         Nazgul(2)                 File infector           04/02/99
  128.         Nomad.1302                File infector           03/08/99
  129.         Nomad.1302 (2)            File infector           03/08/99
  130.         Nuke.Howard.Dropper       File infector           04/08/99
  131.         Nuke.Marauder.Dropper     File infector           04/08/99
  132.         O97M.HalfCross.A          File infector           03/08/99
  133.         O97M.Jerk                 File infector           03/08/99
  134.         OFFIN.365                 File infector           04/02/99
  135.         Opa.257                   File infector           04/02/99
  136.         Orifice.Addon.Trojan      File infector           04/08/99
  137.         PASCASIO.402              File infector           04/02/99
  138.         PASCASIO.402(2)           File infector           04/02/99
  139.         Piggy.709                 File infector           03/08/99
  140.         PP97M.Master.A            File infector           03/22/99
  141.         PP97M.Vic.B               File infector           03/22/99
  142.         Project.801               File infector           03/08/99
  143.         ProMail.Trojan            Trojan Horse            03/22/99
  144.         RDA-Based                 File infector           03/08/99
  145.         Silly.491                 File infector           03/22/99
  146.         SILLYC.98                 File infector           04/02/99
  147.         Simple.IncorrectDOS       File infector           04/08/99
  148.         SISORUEN.463              File infector           04/02/99
  149.         Sisters.902               File infector           03/15/99
  150.         Small.104.b               File infector           04/08/99
  151.         Spooky.218                File infector           04/02/99
  152.         Tai-Pan                   File infector           04/02/99
  153.         TAI-PAN.1104 (x1)         File infector           04/02/99
  154.         TAI-PAN.1104 (x2)         File infector           04/02/99
  155.         TaiPan.Doom2.666          File infector           03/22/99
  156.         TaiPan.Doom2.666(2)       File infector           03/22/99
  157.         Tiny.273                  File infector           04/08/99
  158.         Tiny.273 (2)              File infector           04/08/99
  159.         Toys.Companion.5000       File infector           04/02/99
  160.         Toys.Companion.5000(2)    File infector           04/02/99
  161.         Triv.29.J                 File infector           04/02/99
  162.         Trivial.180               File infector           04/02/99
  163.         Trivial.63.B              File infector           04/02/99
  164.         Trivial.77                File infector           04/08/99
  165.         Trivial.79                File infector           04/02/99
  166.         Trivial.80                File infector           04/02/99
  167.         Trivial.87.B              File infector           04/02/99
  168.         Trivial.89.B              File infector           04/02/99
  169.         TRIVIAL.HTML.866          File infector           04/02/99
  170.         TRIVIAL.HTML.867          File infector           04/02/99
  171.         TRIVIAL.HTML.883          File infector           04/02/99
  172.         Twin.351b                 File infector           04/02/99
  173.         V.544                     File infector           04/08/99
  174.         Veronika.1490.B           File infector           03/08/99
  175.         Vien.623 (2)              File infector           04/08/99
  176.         W32.Apathy                File infector           04/08/99
  177.         W32.Heretic               File infector           04/08/99
  178.         W32.Heretic (DLL)         File infector           04/08/99
  179.         W32.Heretic (DLL) (2)     File infector           04/08/99
  180.         W32.Heretic (DLL) (3)     File infector           04/08/99
  181.         W32.Idyllwild             File infector           04/08/99
  182.         W32.Maya                  File infector           04/08/99
  183.         W32.Redemption            File infector           04/08/99
  184.         W32.VB                    File infector           04/08/99
  185.         W95.Fono (b)              File and Boot infector  04/08/99
  186.         W95.Inca (var)            File infector           03/15/99
  187.         W95.Inca (var2)           File infector           03/15/99
  188.         W95.Lud.Jadis             File infector           04/08/99
  189.         W95.Mad.2736              File infector           04/08/99
  190.         W95.Murky.390             File infector           04/08/99
  191.         W95.Regswap               File infector           04/08/99
  192.         W95.Sexy                  File infector           04/02/99
  193.         W95.Spawn.cmp             File infector           03/15/99
  194.         W95.Twinny                File infector           04/08/99
  195.         W95.Uwaga                 File infector           04/08/99
  196.         W97M.Aleja5               File infector           03/15/99
  197.         W97M.Class.CN             File infector           04/02/99
  198.         W97M.Counter.D            File infector           04/08/99
  199.         W97M.Furby                File infector           03/15/99
  200.         W97M.Hark.B               File infector           03/08/99
  201.         W97M.Joy                  File infector           04/08/99
  202.         W97M.Melissa.B.intd       File infector           03/31/99
  203.         W97M.Melissa.C.intd       File infector           03/31/99
  204.         W97M.Melissa.Intended     File infector           04/02/99
  205.         W97M.Nail                 File infector           04/08/99
  206.         W97M.NewHope.A:TW         File infector           04/08/99
  207.         W97M.NTVDMv2              File infector           03/15/99
  208.         W97M.Opey.B               File infector           04/02/99
  209.         W97M.Ping.A               File infector           03/27/99
  210.         W97M.Sin                  File infector           04/02/99
  211.         W97M.SWLABS.AB            File infector           04/08/99
  212.         W97M.SWLabs.U             File infector           03/22/99
  213.         W97M.Swlabs.V             File infector           04/08/99
  214.         W97M.Syndicate            File infector           03/31/99
  215.         W97M.Ultra.Joy            File infector           03/15/99
  216.         W97M.Zerg                 File infector           03/31/99
  217.         WM.External.Update        File infector           04/08/99
  218.         WM.Minimal.SendKeys       File infector           04/08/99
  219.         X97M.Papa.A.intended      File infector           03/27/99
  220.         X97M.Papa.B               File infector           03/31/99
  221.         X97M.VCX.D                File infector           03/22/99
  222.         XM.Bulet                  File infector           04/08/99
  223.         XM.GTHOMSNZ               File infector           04/08/99
  224.         XM.Laroux.GK              File infector           03/08/99
  225.         XM.Laroux.HW              File infector           03/08/99
  226.         XM.Slide                  File infector           03/15/99
  227.         Yankee.44.A.2992          File infector           03/15/99
  228.  
  229. Name Changes:
  230.  
  231.         Old Virus Name            New Virus Name          Date changed
  232.         --------------            --------------          ------------
  233.         Ginger.2249 Variant    to Ginger.2249 (1)         04/02/99
  234.         Ginger.2249 Var (2)    to Ginger.2249 (2)         04/02/99
  235.         Howard                 to Nuke.Howard.967         04/08/99
  236.         Marauder.860.B         to Nuke.Marauder.860       04/08/99
  237.         Vien.622               to Vien.622 (1)            04/08/99
  238.         Vien.623 (2)           to Vien.622 (2)            04/08/99
  239.         W95.Inca (vxd)         to W95.Fono (drop)         03/22/99
  240.         W95.Inca               to W95.Fono                03/22/99
  241.         W95.Inca (COM)         to W95.Fono (COM)          03/22/99
  242.         W95.Inca (var)         to W95.Fono (vxd)          03/22/99
  243.         W95.Inca (var2)        to W95.Fono (vxd2)         03/22/99
  244.         W95.Marburg.B          to W95.Marburg             04/08/99
  245.         W97M.Mailissa.A        to W97M.Melissa.A          03/27/99
  246.         Yankee.44.A            to Yankee.44.A (EXE)       03/22/99
  247.         Yankee.44.A (x)        to Yankee.44.A (COM)       03/22/99
  248.  
  249. Deletions:
  250.  
  251.         Virus Name                Infection Type          Date removed
  252.         ----------                --------------          ------------
  253.         ARCV.X-3B                 File infector           04/08/99
  254.         HLLO.7808                 File infector           04/08/99
  255.         HLLP.Jumper.6702          File infector           03/15/99
  256.         W95.Spawn.cmp             File infector           03/08/99
  257.         W32.Idyllwild             File infector           04/02/99
  258.  
  259. **********************************************************************
  260. **  Enabling/Disabling PowerPoint Scanning                          **
  261. **********************************************************************
  262. PowerPoint Scanning is now enabled by default and can be optionally
  263. disabled.  However, you may want to verify that files with
  264. PowerPoint extensions will be scanned by making sure that your
  265. NAV options have both ".PPT" and ".POT" in the list of extensions
  266. to scan.
  267.  
  268. To disable PowerPoint scanning in NAV for Windows 95/NT
  269. version 4.x or NAV for OS/2, a text file named NAVEX15.INF should
  270. be placed in the directory where NAV 4.x or NAV 5.x is installed
  271. (i.e., C:\Program Files\Norton AntiVirus).
  272.  
  273. To disable PowerPoint scanning in NAV for Netware version 4.x, a text
  274. file named NAVEX15.INF should be placed in the directory where NAV
  275. 4.x is installed (i.e., sys:system\navnlm).
  276.  
  277. To disable PowerPoint scanning in NAV for Windows 95/NT version 2.0,
  278. NAV 4.x for Windows 3.1/DOS, NAVIEG 1.x, or NAVFW 1.x a text file
  279. named NAVEX.INF should be placed in the directory where NAV is
  280. installed (i.e., C:\NAV).
  281.  
  282. The contents of the text file, NAVEX15.INF or NAVEX.INF, determine
  283. which components of NAV have PowerPoint scanning disabled.
  284.  
  285. To disable PowerPoint scanning for a particular component, use the
  286. following table to determine the lines to add to the text file.
  287. PowerPoint scanning can be disabled for more than one component if
  288. needed by adding the required lines for the desired components.
  289.  
  290. +---------------------+--------------------------+--------------------+
  291. |Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner         |
  292. +---------------------+--------------------------+--------------------+
  293. |[NAVW32]             |[NAVAP]                   |[NAVDX]             |
  294. |PowerPointScanning=0 |PowerPointScanning=0      |PowerPointScanning=0|
  295. +---------------------+--------------------------+--------------------+
  296.  
  297. +----------------------+--------------------+--------------------+
  298. |Windows 3.1 scanner/AP|Netware scanner     |OS/2 scanner/AP     |
  299. +----------------------+--------------------+--------------------+
  300. |[NAVWIN]              |[NAVNLM]            |[NAVOS2]            |
  301. |PowerPointScanning=0  |PowerPointScanning=0|PowerPointScanning=0|
  302. +----------------------+--------------------+--------------------+
  303.  
  304. To enable PowerPoint scanning for a component, delete the lines
  305. added for that component from the NAVEX15.INF or NAVEX.INF file.
  306.  
  307. **********************************************************************
  308. **    Additional Information                                            **
  309. **********************************************************************
  310. SARC has equipped Norton AntiVirus with a new feature called
  311. "Infestation Mode."  If a large number of new or unknown viruses
  312. is found on the system during a scan, Norton AntiVirus will
  313. automatically enable its highest level of detection.  This gives
  314. users the most comprehensive protection in cases where a viral
  315. infestation may have been detected.  If you would like to disable
  316. this feature, you can do so by following these instructions:
  317.  
  318. 1. Create a text File called NAVEX15.INF in your Norton AntiVirus
  319.    directory,e.g., C:\Program Files\Norton AntiVirus. If this file
  320.    already exist go to step two.
  321.  
  322. 2. Place the following lines in this File on the left-hand margin:
  323.  
  324. [NAVW32]
  325. infestmode=0
  326.  
  327. [NAVDX]
  328. infestmode=0
  329.  
  330. 3. Save the File.
  331.  
  332.  
  333. Additional information regarding this virus definitions update can be
  334. found in UPDATE.TXT and TECHNOTE.TXT.
  335.