home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
PC World 1999 May
/
PCWorld_1999-05_cd.bin
/
software
/
Antiviry
/
navuniv
/
0408x86.exe
/
WHATSNEW.TXT
< prev
next >
Wrap
Text File
|
1999-04-08
|
19KB
|
335 lines
**********************************************************************
** **
** What's New in the NAV Virus Definitions Files WHATSNEW.TXT **
** **
** Symantec AntiVirus Research Center (SARC) April 08, 1999 **
** **
**********************************************************************
This document contains the following topics:
* Virus Alerts
* New Technologies
* Changes Incorporated Into This Update
* Enabling/Disabling PowerPoint Scanning
* Additional Information
**********************************************************************
** Virus Alerts **
**********************************************************************
The fifteen most commonly reported viruses, worldwide:
1 XM.Laroux
2 WM.Concept
3 XM.Extra
4 WM.Cap
5 W97M.Class
6 WM.CopyCap
7 NYB
8 AntiCMOS.A
9 Stealth_Boot.B
10 W95.CIH
11 XF.Paix
12 Stoned.Empire.Monk
13 AntiExe
14 Form.A
15 WM.Wazzu
**********************************************************************
** New Technologies **
**********************************************************************
DATE Technologies Added
---- ------------------
8/19/98 * Excel heuristics which detect and repair new and unknown
macro viruses in Excel 95 & 97 documents.
9/16/98 * Added repair for encrypted Excel 97 documents.
10/21/98 * Heuristics to detect AOL Password Stealer Trojans.
* WORD Heuristics improvement to increase detection rate.
12/17/98 * Macro Exclusion Engine to speed up the scanning for Word
and Excel documents.
* PowerPoint engine to scan PowerPoint related viruses.
To enable this technology please read "Enabling/Disabling
PowerPoint Scanning" section later in this document.
02/18/99 * Detection and repair of macro viruses in Word and Excel
2000 documents.
**********************************************************************
** Changes Incorporated Into This Virus Definitions Update **
**********************************************************************
New virus definitions:
Virus Name Infection Type Week added
---------- -------------- ----------
ARCV.1060 (1) File infector 04/08/99
ARCV.1060 (2) File infector 04/08/99
ARCV.1060 (x) File infector 04/08/99
ARCV.1060.Dropper File infector 04/08/99
Bleem.Trojan File infector 04/08/99
Bloodhound.NeuralBoot Boot infector 04/08/99
Bloodhound.NeuralMBR Boot infector 04/08/99
DarkCowboy.2484 File infector 04/08/99
DarkCowboy.2484 (2) File infector 04/08/99
Del_Armgo.366 File infector 03/22/99
Del_Armgo.366(2) File infector 03/22/99
DoRen VirSimul (b) Boot Virus Simulator 03/08/99
DoRen VirSimulator Virus Simulator 03/08/99
DoRen VirSimulator.B Virus Simulator 03/08/99
DoRen VirSimulator.C Virus Simulator 03/08/99
Fair.1936 File infector 04/08/99
Fair.1936 (x) File infector 04/08/99
HLLC.6052 (1) File infector 04/08/99
HLLC.6052 (2) File infector 04/08/99
HLLO.RAMA.2666 File infector 04/02/99
HLLO.RAMA.2666(2) File infector 04/02/99
HLLO.VSW.4017 File infector 04/02/99
HLLO.VSW.4017(2) File infector 04/02/99
HLLP.9787 File infector 04/02/99
HLLP.9787(2) File infector 04/02/99
HLLP.AB.7508 File infector 04/02/99
HLLP.AB.7508(2) File infector 04/02/99
HLLP.Krile.5744 File infector 04/02/99
HLLP.Krile.5744(2) File infector 04/02/99
HLLP.REDARC.TWIX File infector 04/02/99
HLLP.REDARC.TWIX(2) File infector 04/02/99
HLLP.Russian.5701 File infector 04/02/99
HLLP.Russian.5701(2) File infector 04/02/99
HLLP.Russian.6002 File infector 04/02/99
HLLP.Russian.6002(2) File infector 04/02/99
HLLT.4758 File infector 03/08/99
HLLT.4758(2) File infector 03/08/99
HLLT.4758U File infector 03/08/99
HLLT.4758U(2) File infector 03/08/99
HLLT.7864 File infector 04/02/99
HLLT.7864(2) File infector 04/02/99
Intended.Online.627 File infector 03/22/99
Jerkin.333 File infector 04/08/99
Jeru.Tarapa.B (1) File infector 04/08/99
Jeru.Tarapa.B (2) File infector 04/08/99
Jeru.Tarapa.B (x1) File infector 04/08/99
Jeru.Tarapa.B (x2) File infector 04/08/99
Jeru.Tarapa.C File infector 04/02/99
Jeru.Tarapa.C (x) File infector 04/02/99
Jerusalem.1716.A (x) File infector 04/02/99
KillMe.1972 File infector 03/08/99
KillMe.1972 (x) File infector 03/08/99
KillMe.1972 (x2) File infector 03/08/99
leo.328 File infector 04/08/99
leo.328 (2) File infector 04/08/99
Lizard.5150 (VXD) File infector 04/08/99
Lizard.5150 (VXD) (2) File infector 04/08/99
LUCE.3600 File infector 04/08/99
Markiz.1972 File infector 03/22/99
Nazgul File infector 04/02/99
Nazgul(2) File infector 04/02/99
Nomad.1302 File infector 03/08/99
Nomad.1302 (2) File infector 03/08/99
Nuke.Howard.Dropper File infector 04/08/99
Nuke.Marauder.Dropper File infector 04/08/99
O97M.HalfCross.A File infector 03/08/99
O97M.Jerk File infector 03/08/99
OFFIN.365 File infector 04/02/99
Opa.257 File infector 04/02/99
Orifice.Addon.Trojan File infector 04/08/99
PASCASIO.402 File infector 04/02/99
PASCASIO.402(2) File infector 04/02/99
Piggy.709 File infector 03/08/99
PP97M.Master.A File infector 03/22/99
PP97M.Vic.B File infector 03/22/99
Project.801 File infector 03/08/99
ProMail.Trojan Trojan Horse 03/22/99
RDA-Based File infector 03/08/99
Silly.491 File infector 03/22/99
SILLYC.98 File infector 04/02/99
Simple.IncorrectDOS File infector 04/08/99
SISORUEN.463 File infector 04/02/99
Sisters.902 File infector 03/15/99
Small.104.b File infector 04/08/99
Spooky.218 File infector 04/02/99
Tai-Pan File infector 04/02/99
TAI-PAN.1104 (x1) File infector 04/02/99
TAI-PAN.1104 (x2) File infector 04/02/99
TaiPan.Doom2.666 File infector 03/22/99
TaiPan.Doom2.666(2) File infector 03/22/99
Tiny.273 File infector 04/08/99
Tiny.273 (2) File infector 04/08/99
Toys.Companion.5000 File infector 04/02/99
Toys.Companion.5000(2) File infector 04/02/99
Triv.29.J File infector 04/02/99
Trivial.180 File infector 04/02/99
Trivial.63.B File infector 04/02/99
Trivial.77 File infector 04/08/99
Trivial.79 File infector 04/02/99
Trivial.80 File infector 04/02/99
Trivial.87.B File infector 04/02/99
Trivial.89.B File infector 04/02/99
TRIVIAL.HTML.866 File infector 04/02/99
TRIVIAL.HTML.867 File infector 04/02/99
TRIVIAL.HTML.883 File infector 04/02/99
Twin.351b File infector 04/02/99
V.544 File infector 04/08/99
Veronika.1490.B File infector 03/08/99
Vien.623 (2) File infector 04/08/99
W32.Apathy File infector 04/08/99
W32.Heretic File infector 04/08/99
W32.Heretic (DLL) File infector 04/08/99
W32.Heretic (DLL) (2) File infector 04/08/99
W32.Heretic (DLL) (3) File infector 04/08/99
W32.Idyllwild File infector 04/08/99
W32.Maya File infector 04/08/99
W32.Redemption File infector 04/08/99
W32.VB File infector 04/08/99
W95.Fono (b) File and Boot infector 04/08/99
W95.Inca (var) File infector 03/15/99
W95.Inca (var2) File infector 03/15/99
W95.Lud.Jadis File infector 04/08/99
W95.Mad.2736 File infector 04/08/99
W95.Murky.390 File infector 04/08/99
W95.Regswap File infector 04/08/99
W95.Sexy File infector 04/02/99
W95.Spawn.cmp File infector 03/15/99
W95.Twinny File infector 04/08/99
W95.Uwaga File infector 04/08/99
W97M.Aleja5 File infector 03/15/99
W97M.Class.CN File infector 04/02/99
W97M.Counter.D File infector 04/08/99
W97M.Furby File infector 03/15/99
W97M.Hark.B File infector 03/08/99
W97M.Joy File infector 04/08/99
W97M.Melissa.B.intd File infector 03/31/99
W97M.Melissa.C.intd File infector 03/31/99
W97M.Melissa.Intended File infector 04/02/99
W97M.Nail File infector 04/08/99
W97M.NewHope.A:TW File infector 04/08/99
W97M.NTVDMv2 File infector 03/15/99
W97M.Opey.B File infector 04/02/99
W97M.Ping.A File infector 03/27/99
W97M.Sin File infector 04/02/99
W97M.SWLABS.AB File infector 04/08/99
W97M.SWLabs.U File infector 03/22/99
W97M.Swlabs.V File infector 04/08/99
W97M.Syndicate File infector 03/31/99
W97M.Ultra.Joy File infector 03/15/99
W97M.Zerg File infector 03/31/99
WM.External.Update File infector 04/08/99
WM.Minimal.SendKeys File infector 04/08/99
X97M.Papa.A.intended File infector 03/27/99
X97M.Papa.B File infector 03/31/99
X97M.VCX.D File infector 03/22/99
XM.Bulet File infector 04/08/99
XM.GTHOMSNZ File infector 04/08/99
XM.Laroux.GK File infector 03/08/99
XM.Laroux.HW File infector 03/08/99
XM.Slide File infector 03/15/99
Yankee.44.A.2992 File infector 03/15/99
Name Changes:
Old Virus Name New Virus Name Date changed
-------------- -------------- ------------
Ginger.2249 Variant to Ginger.2249 (1) 04/02/99
Ginger.2249 Var (2) to Ginger.2249 (2) 04/02/99
Howard to Nuke.Howard.967 04/08/99
Marauder.860.B to Nuke.Marauder.860 04/08/99
Vien.622 to Vien.622 (1) 04/08/99
Vien.623 (2) to Vien.622 (2) 04/08/99
W95.Inca (vxd) to W95.Fono (drop) 03/22/99
W95.Inca to W95.Fono 03/22/99
W95.Inca (COM) to W95.Fono (COM) 03/22/99
W95.Inca (var) to W95.Fono (vxd) 03/22/99
W95.Inca (var2) to W95.Fono (vxd2) 03/22/99
W95.Marburg.B to W95.Marburg 04/08/99
W97M.Mailissa.A to W97M.Melissa.A 03/27/99
Yankee.44.A to Yankee.44.A (EXE) 03/22/99
Yankee.44.A (x) to Yankee.44.A (COM) 03/22/99
Deletions:
Virus Name Infection Type Date removed
---------- -------------- ------------
ARCV.X-3B File infector 04/08/99
HLLO.7808 File infector 04/08/99
HLLP.Jumper.6702 File infector 03/15/99
W95.Spawn.cmp File infector 03/08/99
W32.Idyllwild File infector 04/02/99
**********************************************************************
** Enabling/Disabling PowerPoint Scanning **
**********************************************************************
PowerPoint Scanning is now enabled by default and can be optionally
disabled. However, you may want to verify that files with
PowerPoint extensions will be scanned by making sure that your
NAV options have both ".PPT" and ".POT" in the list of extensions
to scan.
To disable PowerPoint scanning in NAV for Windows 95/NT
version 4.x or NAV for OS/2, a text file named NAVEX15.INF should
be placed in the directory where NAV 4.x or NAV 5.x is installed
(i.e., C:\Program Files\Norton AntiVirus).
To disable PowerPoint scanning in NAV for Netware version 4.x, a text
file named NAVEX15.INF should be placed in the directory where NAV
4.x is installed (i.e., sys:system\navnlm).
To disable PowerPoint scanning in NAV for Windows 95/NT version 2.0,
NAV 4.x for Windows 3.1/DOS, NAVIEG 1.x, or NAVFW 1.x a text file
named NAVEX.INF should be placed in the directory where NAV is
installed (i.e., C:\NAV).
The contents of the text file, NAVEX15.INF or NAVEX.INF, determine
which components of NAV have PowerPoint scanning disabled.
To disable PowerPoint scanning for a particular component, use the
following table to determine the lines to add to the text file.
PowerPoint scanning can be disabled for more than one component if
needed by adding the required lines for the desired components.
+---------------------+--------------------------+--------------------+
|Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner |
+---------------------+--------------------------+--------------------+
|[NAVW32] |[NAVAP] |[NAVDX] |
|PowerPointScanning=0 |PowerPointScanning=0 |PowerPointScanning=0|
+---------------------+--------------------------+--------------------+
+----------------------+--------------------+--------------------+
|Windows 3.1 scanner/AP|Netware scanner |OS/2 scanner/AP |
+----------------------+--------------------+--------------------+
|[NAVWIN] |[NAVNLM] |[NAVOS2] |
|PowerPointScanning=0 |PowerPointScanning=0|PowerPointScanning=0|
+----------------------+--------------------+--------------------+
To enable PowerPoint scanning for a component, delete the lines
added for that component from the NAVEX15.INF or NAVEX.INF file.
**********************************************************************
** Additional Information **
**********************************************************************
SARC has equipped Norton AntiVirus with a new feature called
"Infestation Mode." If a large number of new or unknown viruses
is found on the system during a scan, Norton AntiVirus will
automatically enable its highest level of detection. This gives
users the most comprehensive protection in cases where a viral
infestation may have been detected. If you would like to disable
this feature, you can do so by following these instructions:
1. Create a text File called NAVEX15.INF in your Norton AntiVirus
directory,e.g., C:\Program Files\Norton AntiVirus. If this file
already exist go to step two.
2. Place the following lines in this File on the left-hand margin:
[NAVW32]
infestmode=0
[NAVDX]
infestmode=0
3. Save the File.
Additional information regarding this virus definitions update can be
found in UPDATE.TXT and TECHNOTE.TXT.