home *** CD-ROM | disk | FTP | other *** search

---

/ PC World 1999 July / PCWorld_1999-07_cd.bin / software / Antiviry / nav16 / 0607i16.exe / WHATSNEW.TXT

< prev

Wrap

Text File  |  1999-06-07  |  22KB  |  374 lines

---

1. **********************************************************************
2. **                                                                  **
3. **  What's New in the NAV Virus Definitions Files      WHATSNEW.TXT **
4. **                                                                  **
5. **  Symantec AntiVirus Research Center (SARC)          June 7, 1999 **
6. **                                                                  **
7. **********************************************************************
8. This document contains the following topics:
9.  
10.  * Virus Alerts
11.  * New Technologies
12.  * Changes Incorporated Into This Update
13.  * Enabling/Disabling PowerPoint Scanning
14.  * Additional Information
15.  
16. **********************************************************************
17. ** Virus Alerts                                                     **
18. **********************************************************************
19. The ten most commonly reported viruses, worldwide:
20.  
21.     1  W97M.Class
22.     2  XM.Laroux
23.     3  O97M.Trisate
24.     4  W95.CIH
25.     5  Happy99.Worm
26.     6  WM.Cap
27.     7  W97M.ColdApe
28.     8  W97M.Ethan
29.     9  W97M.Marker
30.    10  W97M.Melissa
31.  
32. **********************************************************************
33. ** New Technologies                                                 **
34. **********************************************************************
35.  
36. DATE         Technologies Added
37. ----         ------------------
38. 8/19/98    * Excel heuristics which detect and repair new and unknown
39.              macro viruses in Excel 95 & 97 documents.
40.  
41. 9/16/98    * Added repair for encrypted Excel 97 documents.
42.  
43. 10/21/98   * Heuristics to detect AOL Password Stealer Trojans.
44.            * WORD Heuristics improvement to increase detection rate.
45.  
46. 12/17/98   * Macro Exclusion Engine to speed up the scanning for Word
47.              and Excel documents.
48.            * PowerPoint engine to scan PowerPoint related viruses.
49.              To enable this technology please read "Enabling/Disabling
50.              PowerPoint Scanning" section later in this document.
51.  
52. 02/18/99   * Detection and repair of macro viruses in Word and Excel
53.              2000 documents.
54.  
55. 05/12/99   * Added repair for PowerPoint viruses.
56.            * Improved heuristics to detect more WORD 97 related
57.              viruses.
58.  
59. **********************************************************************
60. ** Changes Incorporated Into This Virus Definitions Update            **
61. **********************************************************************
62. New virus definitions:
63.  
64.         Virus Name                Infection Type          Week added
65.         ----------                --------------          ----------
66.         AOL Trojan 1              File infector           06/07/99
67.         AOL Trojan 2              File infector           06/07/99
68.         AOL Trojan 3              File infector           06/07/99
69.         AOL Trojan 4              File infector           06/07/99
70.         AOL Trojan 5              File infector           06/07/99
71.         AOL Trojan 6              File infector           06/07/99
72.         AOL Trojan 7              File infector           06/07/99
73.         AOL Trojan 8              File infector           06/07/99
74.         AOL Trojan 9              File infector           06/07/99
75.         AOL Trojan Buddy          File infector           06/07/99
76.         AOL Trojan Buddy 2        File infector           06/07/99
77.         AOL Trojan Buddy 3        File infector           06/07/99
78.         AOL Trojan Winsyst        File infector           06/07/99
79.         AOL Trojan Winsyst 2      File infector           06/07/99
80.         AOL Trojan Winsyst 3      File infector           06/07/99
81.         Backdoor.SubSeven         File infector           06/07/99
82.         BackdoorG-DLL.Trojan      File infector           06/07/99
83.         BAT.Bingo.1963            File infector           05/12/99
84.         BAT.Combat.736            File infector           05/12/99
85.         BAT.Combat.737            File infector           05/12/99
86.         BAT.FRET.1023             File infector           05/12/99
87.         BAT.GRUNCH.1189           File infector           05/12/99
88.         BAT.HIGHJAQ.1400          File infector           05/12/99
89.         BAT.HOLOCAST.1362         File infector           05/12/99
90.         BAT.HOLOCAST.1655         File infector           05/12/99
91.         BAT.MDMA.990              File infector           05/12/99
92.         Bloodhound.Hybrid         File infector           05/12/99
93.         Boza.D                    File infector           05/12/99
94.         Camilo.dd.378             File infector           05/03/99
95.         Companion.Friendb.330     File infector           06/01/99
96.         CS.Galadriel              File infector           05/12/99
97.         CS.Galadriel (2)          File infector           05/12/99
98.         CS.Galadriel (3)          File infector           05/12/99
99.         DBO-3 (b)                 Boot infector           06/01/99
100.         Derwolf.2219              File infector           06/01/99
101.         Derwolf.2219 (2)          File infector           06/01/99
102.         Devcon.8824               File infector           05/12/99
103.         Djifx.2372                File infector           05/24/99
104.         Elsa.857                  File infector           05/24/99
105.         Emperor                   File and Boot infector  06/01/99
106.         EXEHDR.BANE.256.C         File infector           05/12/99
107.         EXEHDR.CLUST.384.C        File infector           05/12/99
108.         EXEHDR.EM.250             File infector           05/12/99
109.         FCL.2044                  File infector           06/07/99
110.         FCL.2044 (2)              File infector           06/07/99
111.         FCL.2044 (3)              File infector           06/07/99
112.         Goma.1002                 File infector           06/01/99
113.         Goma.743                  File infector           06/01/99
114.         HLLC.4480                 File infector           05/24/99
115.         HLLC.4480 (2)             File infector           05/24/99
116.         HLLC.4528                 File infector           06/07/99
117.         HLLC.4528(2)              File infector           06/07/99
118.         HLLC.4544                 File infector           05/24/99
119.         HLLC.4544 (2)             File infector           05/24/99
120.         HLLO.4317.B               File infector           05/12/99
121.         HLLO.C-VIRUS.4601         File infector           05/12/99
122.         HLLO.C-VIRUS.5924         File infector           05/12/99
123.         HLLO.Maniac.5946          File infector           06/01/99
124.         HLLO.Maniac.5946 (2)      File infector           06/01/99
125.         HLLP.5192                 File infector           06/07/99
126.         HLLP.5192(2)              File infector           06/07/99
127.         HLLP.9700                 File infector           05/24/99
128.         HLLP.9700 (2)             File infector           05/24/99
129.         HLLP.9700 (3)             File infector           05/24/99
130.         HLLP.DThought.13120       File infector           05/24/99
131.         HLLP.DThought.13120.B     File infector           05/24/99
132.         HLLP.GROSSER              File infector           05/24/99
133.         HLLP.GROSSER (2)          File infector           05/24/99
134.         HLLP.Kasienka             File infector           05/03/99
135.         HLLP.Kasienka (2)         File infector           05/03/99
136.         HLLP.Krile.5017           File infector           05/24/99
137.         HLLP.Lithua               File infector           05/03/99
138.         HLLP.Lithua (2)           File infector           05/03/99
139.         HLLT.Krile.5017           File infector           05/24/99
140.         HLLW.8560                 File infector           06/07/99
141.         HLLW.8560(2)              File infector           06/07/99
142.         Istanbul.1385             File infector           06/01/99
143.         Istanbul.1385 (x)         File infector           06/01/99
144.         Jacky.1107 (Gen1)         File infector           05/10/99
145.         Jags.394                  File infector           06/01/99
146.         JAP_HAL (b)               Boot infector           06/01/99
147.         K2PS.Trojan               File infector           05/12/99
148.         KID.256                   File infector           05/12/99
149.         KuSuMah.3967              File infector           06/01/99
150.         KuSuMah.4268 (x)          File infector           06/01/99
151.         Lazarus.2222              File infector           06/01/99
152.         Lilith(2)                 Boot infector           05/12/99
153.         Lucky.487                 File infector           05/24/99
154.         Magichole.512             File infector           06/01/99
155.         Mahon.1372                File infector           06/01/99
156.         Moloch(2)                 Boot infector           05/12/99
157.         Nephew.3758               File infector           06/01/99
158.         Nephew.3758 (2)           File infector           06/01/99
159.         Nephew.3758 (x)           File infector           06/01/99
160.         Nephew.3758 (x2)          File infector           06/01/99
161.         Netbus 2.01 Trojan 1      File infector           06/07/99
162.         Netbus 2.01 Trojan 10     File infector           06/07/99
163.         Netbus 2.01 Trojan 11     File infector           06/07/99
164.         Netbus 2.01 Trojan 12     File infector           06/07/99
165.         Netbus 2.01 Trojan 13     File infector           06/07/99
166.         Netbus 2.01 Trojan 14     File infector           06/07/99
167.         Netbus 2.01 Trojan 15     File infector           06/07/99
168.         Netbus 2.01 Trojan 2      File infector           06/07/99
169.         Netbus 2.01 Trojan 3      File infector           06/07/99
170.         Netbus 2.01 Trojan 4      File infector           06/07/99
171.         Netbus 2.01 Trojan 5      File infector           06/07/99
172.         Netbus 2.01 Trojan 6      File infector           06/07/99
173.         Netbus 2.01 Trojan 7      File infector           06/07/99
174.         Netbus 2.01 Trojan 8      File infector           06/07/99
175.         Netbus 2.01 Trojan 9      File infector           06/07/99
176.         Nipple.823                File infector           06/01/99
177.         Nipple.823 (2)            File infector           06/01/99
178.         PrettyPark.Worm           File infector           06/07/99
179.         PS-MPC.Mudshark           File infector           06/07/99
180.         PVW (Gen1)                File infector           05/24/99
181.         Reizfaktor (Bat)          File infector           06/01/99
182.         Reizfaktor (inf)          File infector           06/01/99
183.         Reizfaktor (inf2)         File infector           06/01/99
184.         Retro.852                 File infector           05/24/99
185.         Retro.974                 File infector           06/01/99
186.         Retro.974 (2)             File infector           06/01/99
187.         Retro.974 (3)             File infector           06/01/99
188.         Senda.4162                File and Boot infector  05/10/99
189.         Senda.4162 (b)            File and Boot infector  05/10/99
190.         Senda.4162 (m)            File and Boot infector  05/10/99
191.         SillyC.315                File infector           05/24/99
192.         SillyC.352                File infector           05/24/99
193.         SillyC.999                File infector           05/24/99
194.         SillyC.999 (Gen1)         File infector           05/24/99
195.         SILLYOC.106.A             File infector           05/12/99
196.         SILLYOC.186.B2            File infector           05/12/99
197.         SillyOE.Scorn             File infector           05/24/99
198.         Simple.Nazareth           File infector           05/03/99
199.         SP1 Basic.Trojan          File infector           06/01/99
200.         SP1 Basic.Trojan (2)      File infector           06/01/99
201.         Trivial.123.b             File infector           05/24/99
202.         Trivial.60.E              File infector           05/24/99
203.         Trivial.60.F              File infector           05/24/99
204.         Trivial.84.b              File infector           05/24/99
205.         Troi.926                  File infector           06/07/99
206.         Troi.926 (2)              File infector           06/07/99
207.         Ugly.4893                 File infector           05/12/99
208.         VirDem.824                File infector           06/07/99
209.         Viva.752                  File infector           06/01/99
210.         Vojager.512               File infector           05/24/99
211.         W95.Apparition            File infector           05/10/99
212.         W95.Emotion               File infector           05/10/99
213.         W95.Emotion (2)           File infector           05/10/99
214.         W95.Enumiacs              File infector           05/12/99
215.         W95.Enumiacs (EXE)        File infector           05/12/99
216.         W95.Enumiacs (EXE) 2      File infector           05/12/99
217.         W95.Enumiacs (EXE) 3      File infector           05/12/99
218.         W95.Giri                  File infector           05/10/99
219.         W95.Highway               File infector           05/12/99
220.         W95.Highway (DLL)         File infector           05/12/99
221.         W95.Highway (DLL) 2       File infector           05/12/99
222.         W95.Highway (DLL) 3       File infector           05/12/99
223.         W95.HPS (Gen1)            File infector           05/03/99
224.         W95.HPS (Gen1) (2)        File infector           05/03/99
225.         W95.Levi                  File infector           05/10/99
226.         W95.Lud.Jez               File infector           05/10/99
227.         W95.Niko                  File infector           05/12/99
228.         W95.Obsolete              File infector           05/12/99
229.         W95.Powerful              File infector           05/10/99
230.         W95.Ruff                  File infector           05/12/99
231.         W95.Savior                File infector           05/12/99
232.         W95.Tentacle.2048         File infector           05/10/99
233.         W95.Voodoo                File infector           05/10/99
234.         W95.Yabran (Gen1)         File infector           05/10/99
235.         W95.Zombie.B              File infector           05/24/99
236.         W97M.CopyTemp.intd        File infector           06/01/99
237.         W97M.Daydream.A           File infector           06/01/99
238.         W97M.Jedi.G               File infector           05/24/99
239.         W97M.MAMM.A               File infector           05/12/99
240.         W97M.MDMA.BV              File infector           05/12/99
241.         W97M.Mimir.A              File infector           05/12/99
242.         W97M.Nottice.Family       File infector           05/03/99
243.         W97M.No_va.D              File infector           06/01/99
244.         W97M.NSI.A                File infector           05/10/99
245.         W97M.Reizfaktor           File infector           06/01/99
246.         W97M.VMPCK1.BJ            File infector           05/03/99
247.         Win.Padania               File infector           05/10/99
248.         WM.Automat.H              File infector           05/12/99
249.         WM.Automat.Q              File infector           05/24/99
250.         WM.Decept (Damaged)       File infector           05/03/99
251.         WM.Mentes.E               File infector           06/07/99
252.         Worm.ExploreZip           File infector           06/07/99
253.         WuChing.Boot.Dropper      Boot infector           06/01/99
254.         X97M.Laroux.JF            File infector           05/24/99
255.         X97M.PTH                  File infector           05/24/99
256.         X97M.VCX.E                File infector           05/10/99
257.         XM.Cpot.intd              File infector           05/24/99
258.         XM.Friend.B               File infector           06/07/99
259.         XM.Laroux.HQ              File infector           06/01/99
260.         XM.Laroux.HR              File infector           06/07/99
261.         Zohr.4160                 File infector           06/01/99
262.         Zorm.265                  File infector           05/24/99
263.         Zorm.573                  File infector           06/01/99
264.         ZY[X].3474                File infector           05/10/99
265.         ZY[X].3474 (2)            File infector           05/10/99
266.         ZY[X].3474 (SYS)          File infector           05/10/99
267.  
268. Name Changes:
269.  
270.         Old Virus Name            New Virus Name          Date changed
271.         --------------            --------------          ------------
272.         Explore666.59932       to Explore666.59392        06/07/99
273.         Explore666.59932(2)    to Explore666.59392(2)     06/07/99
274.         P3IDthief.Trojan       to P3IDthief.Trojan.Demo   05/03/99
275.         Tentacle               to W95.Tentacle.1958       05/03/99
276.         Werewolf.1367          to Werewolf.1361.B         05/10/99
277.         Werewolf.1367 (2)      to Werewolf.1361 (2)       05/10/99
278.         Werewolf.1367 (3)      to Werewolf.1361 (3)       05/10/99
279.  
280. Deletions:
281.  
282.         Virus Name                Infection Type          Date removed
283.         ----------                --------------          ------------
284.         Bupt.1279                 File infector           06/01/99
285.         Djifx.2372                File infector           05/12/99
286.         FCL.2044                  File infector           06/07/99
287.         FCL.2044 (2)              File infector           06/07/99
288.         FCL.2044 (3)              File infector           06/07/99
289.         HLL.Kasienka              File infector           05/03/99
290.         HLL.Kasienka (2)          File infector           05/03/99
291.         JAP_HAL (b)               Boot infector           06/07/99
292.         November 17.768.B (x)     File infector           06/07/99
293.         PS-MPC.Mudshark           File infector           06/01/99
294.         PVW (Gen1)                File infector           05/12/99
295.         VirDem.824                File infector           06/01/99
296.         WM.Automat.H              File infector           05/24/99
297.  
298. **********************************************************************
299. **    Enabling/Disabling PowerPoint Scanning                            **
300. **********************************************************************
301. PowerPoint Scanning is now enabled by default and can be optionally
302. disabled.  However, you may want to verify that files with
303. PowerPoint extensions will be scanned by making sure that your
304. NAV options have both ".PPT" and ".POT" in the list of extensions
305. to scan.
306.  
307. To disable PowerPoint scanning in NAV for Windows 95/NT
308. version 4.x or NAV for OS/2, a text file named NAVEX15.INF should
309. be placed in the directory where NAV 4.x or NAV 5.x is installed
310. (i.e., C:\Program Files\Norton AntiVirus).
311.  
312. To disable PowerPoint scanning in NAV for Netware version 4.x, a text
313. file named NAVEX15.INF should be placed in the directory where NAV
314. 4.x is installed (i.e., sys:system\navnlm).
315.  
316. To disable PowerPoint scanning in NAV for Windows 95/NT version 2.0,
317. NAV 4.x for Windows 3.1/DOS, NAVIEG 1.x, or NAVFW 1.x a text file
318. named NAVEX.INF should be placed in the directory where NAV is
319. installed (i.e., C:\NAV).
320.  
321. The contents of the text file, NAVEX15.INF or NAVEX.INF, determine
322. which components of NAV have PowerPoint scanning disabled.
323.  
324. To disable PowerPoint scanning for a particular component, use the
325. following table to determine the lines to add to the text file.
326. PowerPoint scanning can be disabled for more than one component if
327. needed by adding the required lines for the desired components.
328.  
329. +---------------------+--------------------------+--------------------+
330. |Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner         |
331. +---------------------+--------------------------+--------------------+
332. |[NAVW32]             |[NAVAP]                   |[NAVDX]             |
333. |PowerPointScanning=0 |PowerPointScanning=0      |PowerPointScanning=0|
334. +---------------------+--------------------------+--------------------+
335.  
336. +----------------------+--------------------+--------------------+
337. |Windows 3.1 scanner/AP|Netware scanner         |OS/2 scanner/AP |
338. +----------------------+--------------------+--------------------+
339. |[NAVWIN]              |[NAVNLM]            |[NAVOS2]            |
340. |PowerPointScanning=0  |PowerPointScanning=0|PowerPointScanning=0|
341. +----------------------+--------------------+--------------------+
342.  
343. To enable PowerPoint scanning for a component, delete the lines
344. added for that component from the NAVEX15.INF or NAVEX.INF file.
345.  
346. **********************************************************************
347. **    Additional Information                                            **
348. **********************************************************************
349. SARC has equipped Norton AntiVirus with a new feature called
350. "Infestation Mode."  If a large number of new or unknown viruses
351. is found on the system during a scan, Norton AntiVirus will
352. automatically enable its highest level of detection.  This gives
353. users the most comprehensive protection in cases where a viral
354. infestation may have been detected.  If you would like to disable
355. this feature, you can do so by following these instructions:
356.  
357. 1. Create a text File called NAVEX15.INF in your Norton AntiVirus
358.    directory,e.g., C:\Program Files\Norton AntiVirus. If this file
359.    already exist go to step two.
360.  
361. 2. Place the following lines in this File on the left-hand margin:
362.  
363. [NAVW32]
364. infestmode=0
365.  
366. [NAVDX]
367. infestmode=0
368.  
369. 3. Save the File.
370.  
371.  
372. Additional information regarding this virus definitions update can be
373. found in UPDATE.TXT and TECHNOTE.TXT.
374.