home *** CD-ROM | disk | FTP | other *** search
/ PC World Plus! (NZ) 2001 September / PCW0901.iso / Utilitiy / NortonUtilities / nu50_tb_IN.exe / NU / VIRUSDEF / WHATSNEW.TXT < prev    next >
Text File  |  2000-04-13  |  18KB  |  324 lines

  1. **********************************************************************
  2. **                                                                  **
  3. **  What's New in the NAV Virus Definitions Files      WHATSNEW.TXT **
  4. **                                                                  **
  5. **  Symantec AntiVirus Research Center (SARC)        April 13 ,2000 **
  6. **                                                                  **
  7. **********************************************************************
  8. This document contains the following topics:
  9.  
  10.  * Virus Alerts
  11.  * New Technologies
  12.  * Changes Incorporated Into This Update
  13.  * Enabling Scanning Features
  14.  * Additional Information
  15.  
  16. **********************************************************************
  17. ** Virus Alerts                                                     **
  18. **********************************************************************
  19. The ten most commonly reported viruses, worldwide:
  20.  
  21.     1  W97M.Class
  22.     2  XM.Laroux
  23.     3  O97M.Tristate
  24.     4  W95.CIH
  25.     5  Happy99.Worm
  26.     6  WM.Cap
  27.     7  W97M.ColdApe
  28.     8  W97M.Ethan
  29.     9  W97M.Melissa
  30.    10  Worm.ExploreZip
  31.  
  32. **********************************************************************
  33. ** New Technologies                                                 **
  34. **********************************************************************
  35.  
  36. DATE         Technologies Added
  37. ----         ------------------
  38. 8/19/98    * Excel heuristics which detect and repair new and unknown
  39.              macro viruses in Excel 95 & 97 documents.
  40.  
  41. 9/16/98    * Added repair for encrypted Excel 97 documents.
  42.  
  43. 10/21/98   * Heuristics to detect AOL Password Stealer Trojans.
  44.            * WORD Heuristics improvement to increase detection rate.
  45.  
  46. 12/17/98   * Macro Exclusion Engine to speed up the scanning for Word
  47.              and Excel documents.
  48.            * PowerPoint engine to scan PowerPoint related viruses.
  49.              To enable this technology please read "Enabling/Disabling
  50.              PowerPoint Scanning" section later in this document.
  51.  
  52. 02/18/99   * Detection and repair of macro viruses in Word and Excel
  53.              2000 documents.
  54.  
  55. 05/12/99   * Added repair for PowerPoint viruses.
  56.            * Improved heuristics to detect more WORD 97 related
  57.              viruses.
  58.  
  59. 06/10/99   * Menu repair technology for WORD macro viruses that change
  60.              command bar customizations in NORMAL.DOT.
  61.  
  62. 07/12/99   * Added support for scanning of Ichitaro 8/9 documents.
  63.              (Ichitaro is a Japanese word processing program).
  64.  
  65. 08/19/99   * Added detection and repair for embedded documents inside
  66.              PowerPoint 97.
  67.  
  68. 11/22/99   * Added detection and repair for Trojans embedded in OLE
  69.              files, such as Windows scrap files and MS Office
  70.              documents.
  71.            * Added detection for viruses which infect Microsoft
  72.              Project documents (P98M.Corner.A, for example).
  73.  
  74. 02/10/00   * Added support for scanning of UNIX executables.
  75.            * Added detection for infected Visio documents.
  76.  
  77. **********************************************************************
  78. ** Changes Incorporated Into This Virus Definitions Update          **
  79. **********************************************************************
  80. New virus definitions:
  81.  
  82.         Virus Name                Infection Type          Week added
  83.         ----------                --------------          ----------
  84.         Backdoor.BladeRunner      File infector           03/27/00
  85.         Backdoor.DonaldDick       File infector           04/10/00
  86.         Backdoor.Grab             File infector           03/27/00
  87.         Backdoor.HackTack.120     File infector           04/03/00
  88.         Backdoor.Komut            File infector           03/17/00
  89.         Backdoor.Krass            File infector           03/27/00
  90.         Backdoor.Ping.B           File infector           04/13/00
  91.         Backdoor.Psychward.b      File infector           04/03/00
  92.         Backdoor.Senna            File infector           03/27/00
  93.         Backdoor.SubSeven22       File infector           03/31/00
  94.         BAT.Chode.Worm            File infector           03/31/00
  95.         DonaldD.Trojan.B          File infector           04/10/00
  96.         Giggles.Trojan            File infector           03/27/00
  97.         Infector.Trojan           File infector           03/17/00
  98.         Irok.Trojan.Worm          File infector           04/03/00
  99.         Irok.Trojan.Worm(G1)      File infector           04/13/00
  100.         Irok.Trojan.Worm(G2)      File infector           04/13/00
  101.         Irok.Trojan.Worm.B        File infector           04/10/00
  102.         Linux.Backdoor.IN         File infector           03/17/00
  103.         Linux.Bliss.A             File infector           03/17/00
  104.         Linux.Bliss.B             File infector           03/17/00
  105.         Linux.Dies.969            File infector           04/13/00
  106.         Linux.Silv5444            File infector           03/17/00
  107.         Movie.Pif.Worm            File infector           03/17/00
  108.         O97M.Exceller.A           File infector           03/27/00
  109.         PHX.823 (x)               File infector           04/10/00
  110.         PWSTEAL.Trojan.C          File infector           04/13/00
  111.         Scap.855                  File infector           04/13/00
  112.         Shifter.1295              File infector           03/27/00
  113.         Shifter.1295 (x)          File infector           03/27/00
  114.         Solaris.DoS.stacheld.s    File infector           03/17/00
  115.         Trojan.Bat.HDKill         File infector           03/27/00
  116.         Trojan.Bat.Winuck         File infector           04/13/00
  117.         Unix.Bash                 File infector           03/17/00
  118.         Unix.Dumb.A               File infector           03/17/00
  119.         Unix.Dumb.B               File infector           03/17/00
  120.         Unix.Gift                 File infector           03/17/00
  121.         Unix.Jaded                File infector           03/17/00
  122.         Unix.ls                   File infector           03/17/00
  123.         Unix.Penguin              File infector           03/17/00
  124.         Unix.PSite                File infector           03/17/00
  125.         VBS.Freelove.A            File infector           04/10/00
  126.         VBS.IROK                  File infector           04/03/00
  127.         VBS.Network.B             File infector           04/10/00
  128.         VBS.Network.C             File infector           04/10/00
  129.         VBS.Orochi                File infector           03/17/00
  130.         W32.AOC.3676              File infector           03/27/00
  131.         W32.ASpam.Trojan          File infector           04/03/00
  132.         W32.ASpam.Trojan.B        File infector           04/03/00
  133.         W32.Bolzano.T             File infector           04/10/00
  134.         W32.Cholera.B.Worm        File infector           03/27/00
  135.         W32.Cholera.C.Worm        File infector           03/27/00
  136.         W32.Gift.32768.B          File infector           04/10/00
  137.         W32.Gift.34304            File infector           04/10/00
  138.         W32.Gift.40960            File infector           04/10/00
  139.         W32.HLLP.Bora.11264       File infector           03/27/00
  140.         W32.HLLP.Bora.Mirc        File infector           03/27/00
  141.         W32.Inrar.B               File infector           03/27/00
  142.         W32.KMKY.24576            File infector           04/13/00
  143.         W32.Kriz.4270.G1          File infector           04/13/00
  144.         W32.Orochi.5420           File infector           03/27/00
  145.         W32.Orochi.5420 (mIRC)    File infector           03/17/00
  146.         W32.Poison.B.Worm         File infector           04/10/00
  147.         W32.Poison.Worm           File infector           04/10/00
  148.         W32.PrettyPark.J.Worm     File infector           04/10/00
  149.         W32.PrettyPark.K.Worm     File infector           04/10/00
  150.         W32.Refer.2939            File infector           03/27/00
  151.         W32.Spit.B                File infector           03/27/00
  152.         W32.Weird (gen1)          File infector           04/03/00
  153.         W32.Weird (gen1_2)        File infector           04/03/00
  154.         W32.Weird (gen1_3)        File infector           04/03/00
  155.         W32.Weird (gen1_4)        File infector           04/03/00
  156.         W95.Boza.2220.Int         File infector           03/27/00
  157.         W95.CIH.1363              File infector           04/10/00
  158.         W95.Fabi.G1               File infector           04/13/00
  159.         W95.Lud.Jez.682           File infector           04/13/00
  160.         W95.Matrix.3597           File infector           03/27/00
  161.         W95.Matrix.3597.TR        File infector           03/27/00
  162.         W95.Matrix.3597.TR (2)    File infector           03/27/00
  163.         W95.Powerful.1592.Int     File infector           04/10/00
  164.         W95.Powerful.7186.Int     File and Boot infector  04/10/00
  165.         W95.Priest.1454           File infector           03/27/00
  166.         W95.Priest.1486           File infector           03/27/00
  167.         W95.Priest.1495           File infector           03/27/00
  168.         W95.Psig                  File infector           04/13/00
  169.         W95.SAB.C                 File infector           04/10/00
  170.         W95.SGWW.2264             File infector           04/13/00
  171.         W95.SK (com)              File infector           03/27/00
  172.         W95.Tecata.1761           File infector           03/27/00
  173.         W95.VIP.4309.B            File infector           03/27/00
  174.         W95.Weird.C               File infector           03/27/00
  175.         W95.Weird.C.Backdoor      File infector           03/27/00
  176.         W95.Ylang.1536.A          File infector           03/27/00
  177.         W97M.Aleja.Family         File infector           04/10/00
  178.         W97M.Alina.A              File infector           04/13/00
  179.         W97M.Astia.L              File infector           04/10/00
  180.         W97M.Bablas.G             File infector           03/27/00
  181.         W97M.Bablas.K             File infector           04/03/00
  182.         W97M.Bablas.N             File infector           03/27/00
  183.         W97M.Bablas.T             File infector           04/03/00
  184.         W97M.Bablas.U             File infector           04/03/00
  185.         W97M.Bablas.V             File infector           04/03/00
  186.         W97M.Bogor.A              File infector           04/10/00
  187.         W97M.Buendia              File infector           04/03/00
  188.         W97M.Cat.A                File infector           04/10/00
  189.         W97M.Ciao.A               File infector           03/27/00
  190.         W97M.Class.EJ             File infector           03/27/00
  191.         W97M.Claudio              File infector           03/17/00
  192.         W97M.CViper               File infector           04/03/00
  193.         W97M.Eight941.F           File infector           04/10/00
  194.         W97M.Ferie.A              File infector           04/10/00
  195.         W97M.FS.B.Ru              File infector           03/17/00
  196.         W97M.IIS.U                File infector           04/13/00
  197.         W97M.IJK                  File infector           03/17/00
  198.         W97M.IJK.B                File infector           04/03/00
  199.         W97M.Johnny               File infector           04/13/00
  200.         W97M.KAPSYAW              File infector           03/27/00
  201.         W97M.Lenni.A              File infector           03/27/00
  202.         W97M.Marker.BW            File infector           03/27/00
  203.         W97M.MXFile.C             File infector           04/03/00
  204.         W97M.Opey.P               File infector           03/27/00
  205.         W97M.Proverb.A            File infector           04/03/00
  206.         W97M.Service              File infector           04/03/00
  207.         W97M.Stun                 File infector           03/17/00
  208.         W97M.Thus.Q               File infector           03/27/00
  209.         W97M.Thus.R               File infector           04/03/00
  210.         W97M.Titch.C              File infector           04/10/00
  211.         W97M.Titch.E              File infector           03/27/00
  212.         W97M.Verlor.E             File infector           03/27/00
  213.         W97M.Verlor.Family        File infector           04/10/00
  214.         W97M.Wrench.E             File infector           03/27/00
  215.         W97M.Wrench.Family        File infector           04/03/00
  216.         Win.Non.31995             File infector           04/13/00
  217.         Win.Non.31995 dropper     File infector           04/13/00
  218.         Win32.Weird.Dropped       File infector           04/03/00
  219.         X97M.Automat.AE           File infector           03/17/00
  220.         X97M.Automat.AF           File infector           04/13/00
  221.         X97M.DIVI.E               File infector           03/17/00
  222.         X97M.Looksn               File infector           04/03/00
  223.         X97M.Tegrat.A             File infector           03/27/00
  224.  
  225.  
  226. Name Changes:
  227.  
  228.         Old Virus Name            New Virus Name          Date changed
  229.         --------------            --------------          ------------
  230.         BAT.Chode.Worm         to BAT911.Worm             04/10/00
  231.         W32.AOC.3650           to W32.AOC.3649            03/17/00
  232.         W32.PrettyPark.G.Worm  to W32.PrettyPark.Curr     04/10/00
  233.         W95.Fosoforo.Int       to W95.Fosforo.Int         04/10/00
  234.         W95.Ylang.1536         to W95.Ylang.1536.B        03/17/00
  235.         W97M.Class.EJ          to W97M.Class.EL           04/10/00
  236.         W97M.Claudio           to W97M.Claud.A            04/10/00
  237.         W97M.Cobra.L           to W97M.Cobra.O            04/10/00
  238.         W97M.CViper            to W97M.Viper.A            04/10/00
  239.         W97M.Marker.CG         to W97M.Marker.CQ          04/10/00
  240.         W97M.Overlord          to W97M.Verlor.A           04/10/00
  241.         X97M.Base.A            to X97M.Divi.A/B           04/10/00
  242.         X97M.Base.B            to X97M.Divi.F             04/10/00
  243.         X97M.DIVI.D            to X97M.Divi.C             04/10/00
  244.         X97M.Tegrat.A          to X97M.Tracker            04/03/00
  245.         X97M.Tracker           to X97M.Divi.D             04/10/00
  246.  
  247. Deletions:
  248.  
  249.         Virus Name                Infection Type          Date removed
  250.         ----------                --------------          ------------
  251.         X97M.Automat.AE           File infector           04/10/00
  252.  
  253. **********************************************************************
  254. **  Enabling Scanning Features                                      **
  255. **********************************************************************
  256.  
  257. Several scanning features can be enabled through the use of an INF 
  258. configuration file.  For NAV for Windows 95/NT version 4.x and later, 
  259. or NAV for OS/2, this configuration file should be called NAVEX15.INF
  260. and should be placed in the directory where NAV is installed (i.e.,
  261. C:\Program Files\Norton AntiVirus).  For NAV for Netware version 4.x,
  262. the file should be called NAVEX15.INF and should be placed in the 
  263. directory where NAV 4.x is installed (i.e., sys:system\navnlm). For
  264. NAV for Windows 95/NT version 2.0, NAV 4.x for Windows 3.1/DOS,
  265. NAVIEG 1.x, or NAVFW 1.x, the file should be named NAVEX.INF and
  266. should be placed in the directory where NAV is installed (i.e., C:\NAV).
  267. If this configuration file does not exist, create one in the appropriate
  268. directory if you want to change the default settings.
  269.  
  270. To enable a scanning feature for a particular component, one or more 
  271. entries need to be added to the configuration file under the correct
  272. section.  For each platform there is a corresponding section that is used 
  273. in the INF file.  Below is a table of section names and platforms.
  274.  
  275. Section Name    Platform
  276. ------------    --------
  277. NAVW32          Windows 95/98/NT
  278. NAVAP           Windows 95/98/NT Auto-Protect
  279. NAVDX           DOS
  280. NAVNLM          Netware
  281. NAVWIN          Windows 3.1
  282. NAVOS2          OS/2
  283. NAVAIX          AIX
  284. NAVSOL          Solaris
  285.  
  286. Entries are case insensitive.  Below is a description of possible 
  287. entries.
  288.  
  289. 1. Files can be excluded from scans by the NAVEX engine.  To exclude a
  290. specific file from the NAVEX engine scan, add an entry with the full
  291. path and file name.  This is case insensitive.  No wildcards are allowed.
  292. To exclude multiple files, add a separate entry for each file.  To exclude
  293. a file, add an entry like the one below where <PATH> is the full path
  294. and file name.
  295.         ExcludeFile = <PATH>
  296.  
  297. 2. Files within a directory can be excluded from scans by the NAVEX engine.
  298. To exclude all files within a directory, add an entry with the full 
  299. directory path.  This is case insensitive.  No wildcards are allowed.  This
  300. does not exclude files located in subdirectories of the specified 
  301. directory.  To exclude multiple directories, add a separate entry for each
  302. directory. To exclude a directory, add an entry like the one below where
  303. <DIRECTORY> is the full path.
  304.         ExcludeDirectory = <DIRECTORY>
  305.  
  306. The following example of an INF configuration file excludes two files, 
  307. NOSCAN.EXE and BIGFILE.DOC, from NAVEX scans for the Windows 95/98/NT 
  308. scanner.  It excludes the D:\PRIVATE directory from Windows 95/98/NT 
  309. Auto-Protect.
  310.  
  311. [NAVW32]
  312. ExcludeFile = C:\PROGRAM FILES\NOSCAN.EXE
  313. ExcludeFile = C:\TEMP\BIGFILE.DOC
  314.  
  315. [NAVAP]
  316. ExcludeDirectory = D:\PRIVATE
  317.  
  318. **********************************************************************
  319. **    Additional Information                                        **
  320. **********************************************************************
  321.  
  322. Additional information regarding this virus definitions update can be
  323. found in UPDATE.TXT and TECHNOTE.TXT.
  324.