home *** CD-ROM | disk | FTP | other *** search

---

/ PC World 1999 October / PCWorld_1999-10_cd1.bin / Software / Antiviry / nav16 / 0907i16.exe / WHATSNEW.TXT

< prev

Wrap

Text File  |  1999-09-07  |  21KB  |  371 lines

---

1. **********************************************************************
2. **                                                                  **
3. **  What's New in the NAV Virus Definitions Files      WHATSNEW.TXT **
4. **                                                                  **
5. **  Symantec AntiVirus Research Center (SARC)    September 07, 1999 **
6. **                                                                  **
7. **********************************************************************
8. This document contains the following topics:
9.  
10.  * Virus Alerts
11.  * New Technologies
12.  * Changes Incorporated Into This Update
13.  * Enabling/Disabling PowerPoint Scanning
14.  * Additional Information
15.  
16. **********************************************************************
17. ** Virus Alerts                                                     **
18. **********************************************************************
19. The ten most commonly reported viruses, worldwide:
20.  
21.     1  W97M.Class
22.     2  XM.Laroux
23.     3  O97M.Tristate
24.     4  W95.CIH
25.     5  Happy99.Worm
26.     6  WM.Cap
27.     7  W97M.ColdApe
28.     8  W97M.Ethan
29.     9  W97M.Melissa
30.    10  Worm.ExploreZip
31.  
32. **********************************************************************
33. ** New Technologies                                                 **
34. **********************************************************************
35.  
36. DATE         Technologies Added
37. ----         ------------------
38. 8/19/98    * Excel heuristics which detect and repair new and unknown
39.              macro viruses in Excel 95 & 97 documents.
40.  
41. 9/16/98    * Added repair for encrypted Excel 97 documents.
42.  
43. 10/21/98   * Heuristics to detect AOL Password Stealer Trojans.
44.            * WORD Heuristics improvement to increase detection rate.
45.  
46. 12/17/98   * Macro Exclusion Engine to speed up the scanning for Word
47.              and Excel documents.
48.            * PowerPoint engine to scan PowerPoint related viruses.
49.              To enable this technology please read "Enabling/Disabling
50.              PowerPoint Scanning" section later in this document.
51.  
52. 02/18/99   * Detection and repair of macro viruses in Word and Excel
53.              2000 documents.
54.  
55. 05/12/99   * Added repair for PowerPoint viruses.
56.            * Improved heuristics to detect more WORD 97 related
57.              viruses.
58.  
59. 06/10/99   * Menu repair technology for WORD macro viruses that change
60.              command bar customizations in NORMAL.DOT.
61.  
62. 07/12/99   * Added support for scanning of Ichitaro 8/9 documents.
63.              (Ichitaro is a Japanese word processing program).
64.  
65. 08/19/99   * Added detection and repair for embedded documents inside
66.              PowerPoint 97.
67.  
68.  
69. **********************************************************************
70. ** Changes Incorporated Into This Virus Definitions Update            **
71. **********************************************************************
72. New virus definitions:
73.  
74.         Virus Name                Infection Type          Week added
75.         ----------                --------------          ----------
76.         BALOO.897                 File infector           08/02/99
77.         BO2K.Trojan Variant       File infector           08/09/99
78.         Bumble.250                File infector           08/16/99
79.         CLME.Ming.1528            File infector           08/09/99
80.         Companion.Mad.82          File infector           08/16/99
81.         DEADMAN.548               File infector           08/16/99
82.         Dei.1792 (Gen)            File infector           08/19/99
83.         DIKSHEV.COMP.38           File infector           08/02/99
84.         DIKSHEV.COMP.40           File infector           08/02/99
85.         DIKSHEV.COMP.41           File infector           08/02/99
86.         DIKSHEV.COMP.43.a         File infector           08/02/99
87.         DIKSHEV.COMP.43.b         File infector           08/02/99
88.         DIKSHEV.COMP.44.a         File infector           08/02/99
89.         DIKSHEV.COMP.44.b         File infector           08/02/99
90.         DIKSHEV.COMP.45.A         File infector           08/02/99
91.         DIKSHEV.COMP.45.d         File infector           08/02/99
92.         DIKSHEV.COMP.46.a         File infector           08/02/99
93.         DIKSHEV.COMP.46.b         File infector           08/02/99
94.         DIKSHEV.COMP.47           File infector           08/02/99
95.         DIKSHEV.COMP.48           File infector           08/09/99
96.         DIKSHEV.COMP.49           File infector           08/09/99
97.         DIKSHEV.COMP.50           File infector           08/09/99
98.         DIKSHEV.COMP.52           File infector           08/09/99
99.         DIKSHEV.COMP.53           File infector           08/09/99
100.         DIKSHEV.COMP.54           File infector           08/09/99
101.         DIKSHEV.COMP.55           File infector           08/09/99
102.         DIKSHEV.COMP.56           File infector           08/30/99
103.         DIKSHEV.COMP.60           File infector           08/30/99
104.         DIKSHEV.COMP.66           File infector           08/30/99
105.         DIKSHEV.COMP.67           File infector           08/02/99
106.         EXE Infector              File infector           08/16/99
107.         ExeBug.Dropper            File and Boot infector  08/30/99
108.         Gotcha.Trojan             File infector           08/16/99
109.         HBV.2000                  File infector           08/02/99
110.         HBV.2000 (x)              File infector           08/02/99
111.         HG.450                    File infector           08/16/99
112.         HLLC.Companion.6796       File infector           08/16/99
113.         HLLC.HEBRA.7413           File infector           08/02/99
114.         HLLC.HEBRA.7413(2)        File infector           08/02/99
115.         HLLC.UNVISIBLE.D          File infector           08/02/99
116.         HLLC.UNVISIBLE.D(2)       File infector           08/02/99
117.         HLLO.3520                 File infector           08/02/99
118.         HLLO.3520 (2)             File infector           08/02/99
119.         HLLO.3520 (3)             File infector           08/02/99
120.         HLLO.4880                 File infector           08/02/99
121.         HLLO.4880 (2)             File infector           08/02/99
122.         HLLO.4880 (3)             File infector           08/02/99
123.         HLLO.Anti-NATO.4496       File infector           08/02/99
124.         HLLO.Anti-NATO.4496(2)    File infector           08/02/99
125.         HLLO.Anti-NATO.4496(3)    File infector           08/02/99
126.         HLLO.MYON.3549            File infector           08/02/99
127.         HLLO.MYON.3549(2)         File infector           08/02/99
128.         HLLP.4318                 File infector           08/16/99
129.         HLLP.4318 (2)             File infector           08/16/99
130.         HLLP.4318 (3)             File infector           08/16/99
131.         HLLP.DUKE.4336            File infector           08/16/99
132.         HLLP.DUKE.4336 (2)        File infector           08/16/99
133.         HLLP.DUKE.4336 (3)        File infector           08/16/99
134.         HLLP.DUKE.5200            File infector           08/16/99
135.         HLLP.DUKE.5200 (2)        File infector           08/16/99
136.         HLLP.DUKE.5200 (3)        File infector           08/16/99
137.         HLLP.DUKE.5280            File infector           08/16/99
138.         HLLP.DUKE.5280 (2)        File infector           08/16/99
139.         HLLP.DUKE.5280 (3)        File infector           08/16/99
140.         HLLP.HMOK.3783            File infector           08/16/99
141.         HLLP.HMOK.3783 (2)        File infector           08/16/99
142.         HLLP.HMOK.3783 (3)        File infector           08/16/99
143.         HLLP.Mutant.7489          File infector           08/16/99
144.         HLLP.Mutant.7489 (2)      File infector           08/16/99
145.         HLLP.Mutant.7489 (3)      File infector           08/16/99
146.         HLLP.Mutant.7489 (v1)     File infector           08/16/99
147.         HLLP.Mutant.7489 (v2)     File infector           08/16/99
148.         HLLP.Mutant.7489 (v3)     File infector           08/16/99
149.         KE.627                    File infector           08/16/99
150.         Kitana.114                Boot infector           08/16/99
151.         Linux.Bliss.b             File infector           08/09/99
152.         Mahon.1364                File infector           08/16/99
153.         MUZE.1796                 File infector           08/30/99
154.         MUZE.1796 (x)             File infector           08/30/99
155.         NOBODY.374                File infector           08/02/99
156.         Nutc.Ab2.2000/3000        File infector           08/16/99
157.         Nutcracker Family         File infector           08/16/99
158.         Nutcracker Family (2)     File infector           08/16/99
159.         Nutcracker Family (3)     File infector           08/16/99
160.         Nutcracker Family (4)     File infector           08/16/99
161.         Nutcracker.6000/7000      File infector           08/16/99
162.         Nutcracker.Bhd            File infector           08/16/99
163.         PROH.1454                 File infector           08/02/99
164.         PROH.1454 (x)             File infector           08/02/99
165.         Prosiak.Trojan            File infector           08/30/99
166.         PWSteal.4564              File infector           08/09/99
167.         PWSteal.4564 (2)          File infector           08/09/99
168.         Rul.336                   File infector           08/16/99
169.         Silly.Bat                 File infector           08/30/99
170.         Termite.6585              File infector           08/02/99
171.         Termite.6810              File infector           08/30/99
172.         Termite.7800              File infector           08/19/99
173.         Termite.7800 (2)          File infector           08/19/99
174.         Termite.7800 (ini)        File infector           08/30/99
175.         Termite.7800.B            File infector           08/30/99
176.         Termite.7800.B (2)        File infector           08/30/99
177.         Ternop.Worm               File infector           08/30/99
178.         TRIVIAL.27.H              File infector           08/02/99
179.         TRIVIAL.NOX.255           File infector           08/16/99
180.         Trivial.ow.60             File infector           08/30/99
181.         Trojan.KillAV             File infector           08/09/99
182.         Trojan.KillAV (2)         File infector           08/09/99
183.         Trojan.KillAV (3)         File infector           08/09/99
184.         Trojan.KillAV (4)         File infector           08/09/99
185.         Trojan.Shutdown           File infector           08/09/99
186.         Trojan.Shutdown (2)       File infector           08/09/99
187.         Trojan.Shutdown (3)       File infector           08/09/99
188.         Typer.704                 File infector           08/19/99
189.         VBS.Monopoly              File infector           08/09/99
190.         VCS Generated             File infector           08/30/99
191.         VCS Generated (2)         File infector           08/30/99
192.         VCS Virus (Gen1)          File infector           08/30/99
193.         W32.Bolzano               File infector           08/09/99
194.         W32.Bolzano.D             File infector           08/16/99
195.         W32.Bolzano.E             File infector           08/30/99
196.         W32.Bolzano.F             File infector           08/30/99
197.         W32.Bolzano.G/J           File infector           08/30/99
198.         W32.Bolzano.H/I           File infector           08/30/99
199.         W32.CTX                   File infector           09/07/99
200.         W32.Heathen               File infector           08/30/99
201.         W32.Highway.B             File infector           08/16/99
202.         W32.HLLO.12355            File infector           08/30/99
203.         W32.HLLO.28471            File infector           08/30/99
204.         W32.HLLW.Randir           File infector           08/30/99
205.         W32.Inrar                 File infector           08/30/99
206.         W32.Kriz.3740             File infector           08/16/99
207.         W32.Savior.1680           File infector           08/16/99
208.         W32.Savior.1904           File infector           08/16/99
209.         W32.Slow.8192             File infector           08/16/99
210.         W95.Altar                 File infector           08/30/99
211.         W95.Bumble.1738           File infector           08/16/99
212.         W95.Evyl                  File infector           08/30/99
213.         W95.Evyl.Intended         File infector           09/07/99
214.         W95.Fabi.B                File infector           08/16/99
215.         W95.Gara                  File infector           08/30/99
216.         W95.HLLC.Nan              File infector           08/30/99
217.         W95.Hllp.Mtv              File infector           08/16/99
218.         W95.Iced.1412             File infector           08/16/99
219.         W95.Iced.1617             File infector           08/16/99
220.         W95.Iced.2112             File infector           08/16/99
221.         W95.Lud.Jadis.B           File infector           08/16/99
222.         W95.Mad.2806              File infector           08/16/99
223.         W95.Orez                  File infector           08/09/99
224.         W95.SAB                   File infector           08/30/99
225.         W95.Sab.512               File infector           08/09/99
226.         W95.Vip                   File infector           08/30/99
227.         W95.Weird.Dropper         File infector           08/19/99
228.         W95.Werther               File infector           08/19/99
229.         W97M.Akuma.A              File infector           08/16/99
230.         W97M.AntiSocial.E         File infector           08/30/99
231.         W97M.Automat.A            File infector           08/02/99
232.         W97M.Automat.B            File infector           08/02/99
233.         W97M.Automat.H            File infector           08/09/99
234.         W97M.Automat.I            File infector           08/09/99
235.         W97M.Automat.K            File infector           08/16/99
236.         W97M.Automat.L            File infector           08/19/99
237.         W97M.Automat.N            File infector           08/19/99
238.         W97M.Fabi.B               File infector           08/16/99
239.         W97M.Fabi.Dropper         File infector           08/16/99
240.         W97M.IRCJack.B            File infector           08/02/99
241.         W97M.Locale.B             File infector           08/16/99
242.         W97M.Snrml                File infector           08/19/99
243.         W97M.VMPCK1.BM            File infector           08/02/99
244.         W97M.VMPCK1.BN            File infector           08/02/99
245.         W97M.Wazzu.FR             File infector           08/09/99
246.         WIN95.YOUD.1388           File infector           08/16/99
247.         Worm.DmSetup.E            File infector           08/30/99
248.         X97M.Automat.F            File infector           08/09/99
249.         X97M.Automat.M            File infector           08/19/99
250.         X97M.VCX.F                File infector           08/16/99
251.         X97M.Xlscan.b             File infector           08/09/99
252.         XM.Automat.C              File infector           08/02/99
253.         XM.Automat.D              File infector           08/09/99
254.         XM.Automat.G              File infector           08/09/99
255.         XM.Automat.O              File infector           08/30/99
256.         XM.Laroux.CE.var          File infector           08/02/99
257.         XM.Laroux.ES              File infector           08/02/99
258.         XM.Laroux.ET              File infector           08/09/99
259.         XM.Laroux.JH              File infector           08/02/99
260.         XM.VCX.F                  File infector           08/30/99
261.         ZORM.1120                 File infector           08/16/99
262.         ZORM.1120 (2)             File infector           08/16/99
263.         ZORM.1120 (x)             File infector           08/16/99
264.         ZORM.1412                 File infector           08/30/99
265.         ZORM.1412(x)              File infector           08/30/99
266.         ZORM.1863                 File infector           08/30/99
267.  
268. Name Changes:
269.  
270.         Old Virus Name            New Virus Name          Date changed
271.         --------------            --------------          ------------
272.         Blankey.STCN           to Bloodhound.Unknown      08/09/99
273.         Termite                to Termite.5000.A          08/02/99
274.         W32.Kriz.3740          to W32.Kriz                08/19/99
275.         W97M.Automat.A         to W97M.Desikrat.A         08/30/99
276.         W97M.Automat.B         to W97M.Locale.A           08/09/99
277.         W97M.Automat.I         to W97M.AntiSocial.D       08/30/99
278.         W97M.Automat.K         to W97M.Thus.A             08/30/99
279.         W97M.Automat.N         to W97M.VDNight.A          08/30/99
280.         W97M.Automat.H         to W97M.Cont               08/19/99
281.         X97M.VCX.E             to XM.VCX.E (2)            08/30/99
282.         X97M.XLSCAN.A          to X97M.VCX.E              08/30/99
283.         X97M.Xlscan.b          to X97M.VCX.G              08/30/99
284.         XM.Laroux.ET           to XM.Laroux.JI            08/30/99
285.  
286. Deletions:
287.  
288.         Virus Name                Infection Type          Date removed
289.         ----------                --------------          ------------
290.         Olivia.GR.Dropper         File infector           08/02/99
291.         Termite.C                 File infector           08/02/99
292.         VCS Generated             File infector           08/30/99
293.         VCS Virus (Gen1)          File infector           08/30/99
294.  
295. **********************************************************************
296. **    Enabling/Disabling PowerPoint Scanning                            **
297. **********************************************************************
298. PowerPoint Scanning is now enabled by default and can be optionally
299. disabled.  However, you may want to verify that files with
300. PowerPoint extensions will be scanned by making sure that your
301. NAV options have both ".PPT" and ".POT" in the list of extensions
302. to scan.
303.  
304. To disable PowerPoint scanning in NAV for Windows 95/NT
305. version 4.x or NAV for OS/2, a text file named NAVEX15.INF should
306. be placed in the directory where NAV 4.x or NAV 5.x is installed
307. (i.e., C:\Program Files\Norton AntiVirus).
308.  
309. To disable PowerPoint scanning in NAV for Netware version 4.x, a text
310. file named NAVEX15.INF should be placed in the directory where NAV
311. 4.x is installed (i.e., sys:system\navnlm).
312.  
313. To disable PowerPoint scanning in NAV for Windows 95/NT version 2.0,
314. NAV 4.x for Windows 3.1/DOS, NAVIEG 1.x, or NAVFW 1.x a text file
315. named NAVEX.INF should be placed in the directory where NAV is
316. installed (i.e., C:\NAV).
317.  
318. The contents of the text file, NAVEX15.INF or NAVEX.INF, determine
319. which components of NAV have PowerPoint scanning disabled.
320.  
321. To disable PowerPoint scanning for a particular component, use the
322. following table to determine the lines to add to the text file.
323. PowerPoint scanning can be disabled for more than one component if
324. needed by adding the required lines for the desired components.
325.  
326. +---------------------+--------------------------+--------------------+
327. |Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner         |
328. +---------------------+--------------------------+--------------------+
329. |[NAVW32]             |[NAVAP]                   |[NAVDX]             |
330. |PowerPointScanning=0 |PowerPointScanning=0      |PowerPointScanning=0|
331. +---------------------+--------------------------+--------------------+
332.  
333. +----------------------+--------------------+--------------------+
334. |Windows 3.1 scanner/AP|Netware scanner         |OS/2 scanner/AP |
335. +----------------------+--------------------+--------------------+
336. |[NAVWIN]              |[NAVNLM]            |[NAVOS2]            |
337. |PowerPointScanning=0  |PowerPointScanning=0|PowerPointScanning=0|
338. +----------------------+--------------------+--------------------+
339.  
340. To enable PowerPoint scanning for a component, delete the lines
341. added for that component from the NAVEX15.INF or NAVEX.INF file.
342.  
343. **********************************************************************
344. **    Additional Information                                            **
345. **********************************************************************
346. SARC has equipped Norton AntiVirus with a new feature called
347. "Infestation Mode."  If a large number of new or unknown viruses
348. is found on the system during a scan, Norton AntiVirus will
349. automatically enable its highest level of detection.  This gives
350. users the most comprehensive protection in cases where a viral
351. infestation may have been detected.  If you would like to disable
352. this feature, you can do so by following these instructions:
353.  
354. 1. Create a text File called NAVEX15.INF in your Norton AntiVirus
355.    directory,e.g., C:\Program Files\Norton AntiVirus. If this file
356.    already exist go to step two.
357.  
358. 2. Place the following lines in this File on the left-hand margin:
359.  
360. [NAVW32]
361. infestmode=0
362.  
363. [NAVDX]
364. infestmode=0
365.  
366. 3. Save the File.
367.  
368.  
369. Additional information regarding this virus definitions update can be
370. found in UPDATE.TXT and TECHNOTE.TXT.
371.