home *** CD-ROM | disk | FTP | other *** search

---

/ Revista CD Expert 8 / Revista CD Expert nº 08 CD1.iso / Update_nav5 / sarci32.exe / WHATSNEW.TXT

< prev

next >

Wrap

Text File  |  1999-06-24  |  26KB  |  433 lines

---

1. **********************************************************************
2. **                                                                  **
3. **  What's New in the NAV Virus Definitions Files      WHATSNEW.TXT **
4. **                                                                  **
5. **  Symantec AntiVirus Research Center (SARC)         June 21, 1999 **
6. **                                                                  **
7. **********************************************************************
8. This document contains the following topics:
9.  
10.  * Virus Alerts
11.  * New Technologies
12.  * Changes Incorporated Into This Update
13.  * Enabling/Disabling PowerPoint Scanning
14.  * Additional Information
15.  
16. **********************************************************************
17. ** Virus Alerts                                                     **
18. **********************************************************************
19. The ten most commonly reported viruses, worldwide:
20.  
21.     1  W97M.Class
22.     2  XM.Laroux
23.     3  O97M.Tristate
24.     4  W95.CIH
25.     5  Happy99.Worm
26.     6  WM.Cap
27.     7  W97M.ColdApe
28.     8  W97M.Ethan
29.     9  W97M.Melissa
30.    10  Worm.ExploreZip
31.  
32. **********************************************************************
33. ** New Technologies                                                 **
34. **********************************************************************
35.  
36. DATE         Technologies Added
37. ----         ------------------
38. 8/19/98    * Excel heuristics which detect and repair new and unknown
39.              macro viruses in Excel 95 & 97 documents.
40.  
41. 9/16/98    * Added repair for encrypted Excel 97 documents.
42.  
43. 10/21/98   * Heuristics to detect AOL Password Stealer Trojans.
44.            * WORD Heuristics improvement to increase detection rate.
45.  
46. 12/17/98   * Macro Exclusion Engine to speed up the scanning for Word
47.              and Excel documents.
48.            * PowerPoint engine to scan PowerPoint related viruses.
49.              To enable this technology please read "Enabling/Disabling
50.              PowerPoint Scanning" section later in this document.
51.  
52. 02/18/99   * Detection and repair of macro viruses in Word and Excel
53.              2000 documents.
54.  
55. 05/12/99   * Added repair for PowerPoint viruses.
56.            * Improved heuristics to detect more WORD 97 related
57.              viruses.
58.  
59. 06/10/99   * Menu repair technology for WORD macro viruses that change
60.              command bar customizations in NORMAL.DOT.
61.  
62. **********************************************************************
63. ** Changes Incorporated Into This Virus Definitions Update            **
64. **********************************************************************
65. New virus definitions:
66.  
67.         Virus Name                Infection Type          Week added
68.         ----------                --------------          ----------
69.         Abbas.1100                File infector           06/10/99
70.         AOD.385                   File infector           06/10/99
71.         AOD.385 (2)               File infector           06/10/99
72.         AOL Trojan 1              File infector           06/07/99
73.         AOL Trojan 2              File infector           06/07/99
74.         AOL Trojan 3              File infector           06/07/99
75.         AOL Trojan 4              File infector           06/07/99
76.         AOL Trojan 5              File infector           06/07/99
77.         AOL Trojan 6              File infector           06/07/99
78.         AOL Trojan 7              File infector           06/07/99
79.         AOL Trojan 8              File infector           06/07/99
80.         AOL Trojan 9              File infector           06/07/99
81.         AOL Trojan Buddy          File infector           06/07/99
82.         AOL Trojan Buddy 2        File infector           06/07/99
83.         AOL Trojan Buddy 3        File infector           06/07/99
84.         AOL Trojan Winsyst        File infector           06/07/99
85.         AOL Trojan Winsyst 2      File infector           06/07/99
86.         AOL Trojan Winsyst 3      File infector           06/07/99
87.         Appender.1210             File infector           06/21/99
88.         Backdoor.SubSeven         File infector           06/07/99
89.         BackdoorG-DLL.Trojan      File infector           06/07/99
90.         BAT.Bingo.1963            File infector           05/12/99
91.         BAT.Combat.736            File infector           05/12/99
92.         BAT.Combat.737            File infector           05/12/99
93.         BAT.FRET.1023             File infector           05/12/99
94.         BAT.GRUNCH.1189           File infector           05/12/99
95.         BAT.HIGHJAQ.1400          File infector           05/12/99
96.         BAT.HOLOCAST.1362         File infector           05/12/99
97.         BAT.HOLOCAST.1655         File infector           05/12/99
98.         BAT.MDMA.990              File infector           05/12/99
99.         Beast.B.Trojan            File infector           06/21/99
100.         BIOS.Password.Trojan      File infector           06/21/99
101.         Bloodhound.Hybrid         File infector           05/12/99
102.         Boza.D                    File infector           05/12/99
103.         Burglar.1150 (Gen1)       File infector           06/21/99
104.         Burglar.1150 (Gen1) 2     File infector           06/21/99
105.         Companion.Friendb.330     File infector           06/01/99
106.         CS.Galadriel              File infector           05/12/99
107.         CS.Galadriel (2)          File infector           05/12/99
108.         CS.Galadriel (3)          File infector           05/12/99
109.         DBO-3 (b)                 Boot infector           06/01/99
110.         Derwolf.2219              File infector           06/01/99
111.         Derwolf.2219 (2)          File infector           06/01/99
112.         Devcon.8824               File infector           05/12/99
113.         Djifx.2372                File infector           05/24/99
114.         Elsa.857                  File infector           05/24/99
115.         Emperor                   File and Boot infector  06/01/99
116.         EXEHDR.BANE.256.C         File infector           05/12/99
117.         EXEHDR.CLUST.384.C        File infector           05/12/99
118.         EXEHDR.EM.250             File infector           05/12/99
119.         Fake Server Trojan        File infector           06/21/99
120.         Fake Server Trojan 2      File infector           06/21/99
121.         Fake Server Trojan 3      File infector           06/21/99
122.         Fake Server Trojan 4      File infector           06/21/99
123.         FCL.2044                  File infector           06/07/99
124.         FCL.2044 (2)              File infector           06/07/99
125.         FCL.2044 (3)              File infector           06/07/99
126.         Gene.454                  File infector           06/10/99
127.         Goma.1002                 File infector           06/01/99
128.         Goma.743                  File infector           06/01/99
129.         Hack Server Trojan        File infector           06/21/99
130.         Hack Server Trojan 2      File infector           06/21/99
131.         Hack Server Trojan 3      File infector           06/21/99
132.         Hack Server Trojan 4      File infector           06/21/99
133.         Hack v1.12 Trojan         File infector           06/21/99
134.         Hack v1.12 Trojan 2       File infector           06/21/99
135.         Hack v1.12 Trojan 3       File infector           06/21/99
136.         Hack v1.12 Trojan 4       File infector           06/21/99
137.         Hack'a'Tack Trojan        File infector           06/21/99
138.         Hack'a'Tack Trojan 2      File infector           06/21/99
139.         Hack'a'Tack Trojan 3      File infector           06/21/99
140.         Hack'a'Tack Trojan 4      File infector           06/21/99
141.         Hal-Com.2862              File infector           06/10/99
142.         HBR.135                   File infector           06/10/99
143.         Heathen.12288(DLL)        File infector           06/21/99
144.         HLLC.4480                 File infector           05/24/99
145.         HLLC.4480 (2)             File infector           05/24/99
146.         HLLC.4528                 File infector           06/07/99
147.         HLLC.4528(2)              File infector           06/07/99
148.         HLLC.4544                 File infector           05/24/99
149.         HLLC.4544 (2)             File infector           05/24/99
150.         HLLO.4317.B               File infector           05/12/99
151.         HLLO.C-VIRUS.4601         File infector           05/12/99
152.         HLLO.C-VIRUS.5924         File infector           05/12/99
153.         HLLO.Maniac.5946          File infector           06/01/99
154.         HLLO.Maniac.5946 (2)      File infector           06/01/99
155.         HLLP.5192                 File infector           06/07/99
156.         HLLP.5192(2)              File infector           06/07/99
157.         HLLP.9700                 File infector           05/24/99
158.         HLLP.9700 (2)             File infector           05/24/99
159.         HLLP.9700 (3)             File infector           05/24/99
160.         HLLP.DThought.13120       File infector           05/24/99
161.         HLLP.DThought.13120.B     File infector           05/24/99
162.         HLLP.GROSSER              File infector           05/24/99
163.         HLLP.GROSSER (2)          File infector           05/24/99
164.         HLLP.Krile.5017           File infector           05/24/99
165.         HLLT.Krile.5017           File infector           05/24/99
166.         HLLW.8560                 File infector           06/07/99
167.         HLLW.8560(2)              File infector           06/07/99
168.         Istanbul.1385             File infector           06/01/99
169.         Istanbul.1385 (x)         File infector           06/01/99
170.         Jackie2.5743              File infector           06/21/99
171.         Jackie2.5743 (2)          File infector           06/21/99
172.         Jacklyn.12301             File infector           06/21/99
173.         Jacklyn.12301 (2)         File infector           06/21/99
174.         Jags.394                  File infector           06/01/99
175.         JAP_HAL (b)               Boot infector           06/01/99
176.         JDC.1165                  File infector           06/10/99
177.         JDC.1165 (2)              File infector           06/10/99
178.         JDC.1165 (3)              File infector           06/10/99
179.         Jessica.1261              File infector           06/10/99
180.         Jessica.1261 (x)          File infector           06/10/99
181.         K2PS.Trojan               File infector           05/12/99
182.         KID.256                   File infector           05/12/99
183.         KuSuMah.3967              File infector           06/01/99
184.         KuSuMah.4268 (x)          File infector           06/01/99
185.         Lazarus.2222              File infector           06/01/99
186.         Lilith(2)                 Boot infector           05/12/99
187.         Lucky.487                 File infector           05/24/99
188.         Magichole.512             File infector           06/01/99
189.         Mahon.1372                File infector           06/01/99
190.         Moloch(2)                 Boot infector           05/12/99
191.         Nelson.226                File infector           06/10/99
192.         Nephew.3758               File infector           06/01/99
193.         Nephew.3758 (2)           File infector           06/01/99
194.         Nephew.3758 (x)           File infector           06/01/99
195.         Nephew.3758 (x2)          File infector           06/01/99
196.         Netbus 2.01 Trojan 1      File infector           06/07/99
197.         Netbus 2.01 Trojan 10     File infector           06/07/99
198.         Netbus 2.01 Trojan 11     File infector           06/07/99
199.         Netbus 2.01 Trojan 12     File infector           06/07/99
200.         Netbus 2.01 Trojan 13     File infector           06/07/99
201.         Netbus 2.01 Trojan 14     File infector           06/07/99
202.         Netbus 2.01 Trojan 15     File infector           06/07/99
203.         Netbus 2.01 Trojan 2      File infector           06/07/99
204.         Netbus 2.01 Trojan 3      File infector           06/07/99
205.         Netbus 2.01 Trojan 4      File infector           06/07/99
206.         Netbus 2.01 Trojan 5      File infector           06/07/99
207.         Netbus 2.01 Trojan 6      File infector           06/07/99
208.         Netbus 2.01 Trojan 7      File infector           06/07/99
209.         Netbus 2.01 Trojan 8      File infector           06/07/99
210.         Netbus 2.01 Trojan 9      File infector           06/07/99
211.         Nipple.823                File infector           06/01/99
212.         Nipple.823 (2)            File infector           06/01/99
213.         Nomad.1022                File infector           06/10/99
214.         Onkelz.527.c              File infector           06/10/99
215.         PM Trojan                 File infector           06/21/99
216.         PM Trojan (2)             File infector           06/21/99
217.         PM Trojan (3)             File infector           06/21/99
218.         PM Trojan (4)             File infector           06/21/99
219.         PM Trojan (DLL)           File infector           06/21/99
220.         PM Trojan (DLL) (2)       File infector           06/21/99
221.         PM Trojan (DLL) (3)       File infector           06/21/99
222.         PM Trojan (DLL) (4)       File infector           06/21/99
223.         PM Trojan (OCX)           File infector           06/21/99
224.         PM Trojan (OCX) (2)       File infector           06/21/99
225.         PM Trojan (OCX) (3)       File infector           06/21/99
226.         PM Trojan (TIM)           File infector           06/21/99
227.         PM Trojan (TIM) (2)       File infector           06/21/99
228.         PM Trojan (TIM) (3)       File infector           06/21/99
229.         PrettyPark.Worm           File infector           06/07/99
230.         PS-MPC.Mudshark           File infector           06/07/99
231.         PVW (Gen1)                File infector           05/24/99
232.         Reizfaktor (Bat)          File infector           06/01/99
233.         Reizfaktor (inf)          File infector           06/01/99
234.         Reizfaktor (inf2)         File infector           06/01/99
235.         Restive.543               File infector           06/10/99
236.         Retro.852                 File infector           05/24/99
237.         Retro.974                 File infector           06/01/99
238.         Retro.974 (2)             File infector           06/01/99
239.         Retro.974 (3)             File infector           06/01/99
240.         Saboteur.1391             File infector           06/10/99
241.         SillyC.315                File infector           05/24/99
242.         SillyC.352                File infector           05/24/99
243.         SillyC.999                File infector           05/24/99
244.         SillyC.999 (Gen1)         File infector           05/24/99
245.         SILLYOC.106.A             File infector           05/12/99
246.         SILLYOC.186.B2            File infector           05/12/99
247.         SillyOE.Scorn             File infector           05/24/99
248.         Snake.787                 File infector           06/10/99
249.         Snake.787 (2)             File infector           06/10/99
250.         Snake.787 (3)             File infector           06/10/99
251.         SP1 Basic.Trojan          File infector           06/01/99
252.         SP1 Basic.Trojan (2)      File infector           06/01/99
253.         Termite.5000.B            File infector           06/21/99
254.         Termite.C                 File infector           06/21/99
255.         Tosha.3314                File infector           06/10/99
256.         Trivial.123.b             File infector           05/24/99
257.         Trivial.52.b              File infector           06/21/99
258.         Trivial.53.f              File infector           06/21/99
259.         Trivial.54.c              File infector           06/10/99
260.         Trivial.55.d              File infector           06/21/99
261.         Trivial.56.b              File infector           06/10/99
262.         Trivial.56.c              File infector           06/10/99
263.         Trivial.57                File infector           06/10/99
264.         Trivial.58                File infector           06/21/99
265.         Trivial.59.b              File infector           06/21/99
266.         Trivial.60.E              File infector           05/24/99
267.         Trivial.60.F              File infector           05/24/99
268.         Trivial.84.b              File infector           05/24/99
269.         Troi.926                  File infector           06/07/99
270.         Troi.926 (2)              File infector           06/07/99
271.         Ugly.4893                 File infector           05/12/99
272.         V.1906                    File infector           06/21/99
273.         VCL.156                   File infector           06/10/99
274.         VirDem.824                File infector           06/07/99
275.         Viva.752                  File infector           06/01/99
276.         Vojager.512               File infector           05/24/99
277.         W95.Enumiacs              File infector           05/12/99
278.         W95.Enumiacs (EXE)        File infector           05/12/99
279.         W95.Enumiacs (EXE) 2      File infector           05/12/99
280.         W95.Enumiacs (EXE) 3      File infector           05/12/99
281.         W95.Highway               File infector           05/12/99
282.         W95.Highway (DLL)         File infector           05/12/99
283.         W95.Highway (DLL) 2       File infector           05/12/99
284.         W95.Highway (DLL) 3       File infector           05/12/99
285.         W95.Niko                  File infector           05/12/99
286.         W95.Obsolete              File infector           05/12/99
287.         W95.Ruff                  File infector           05/12/99
288.         W95.Savior                File infector           05/12/99
289.         W95.Zombie.B              File infector           05/24/99
290.         W97M.Class.DN             File infector           06/21/99
291.         W97M.CopyTemp.intd        File infector           06/01/99
292.         W97M.Daydream.A           File infector           06/01/99
293.         W97M.Heathen.12288.A      File infector           06/21/99
294.         W97M.IIS.I                File infector           06/10/99
295.         W97M.IRCJack.A            File infector           06/21/99
296.         W97M.Jedi.G               File infector           05/24/99
297.         W97M.KillGood.Trojan      File infector           06/21/99
298.         W97M.MAMM.A               File infector           05/12/99
299.         W97M.MDMA.BV              File infector           05/12/99
300.         W97M.Melissa.I            File infector           06/21/99
301.         W97M.MFV                  File infector           06/21/99
302.         W97M.Mimir.A              File infector           05/12/99
303.         W97M.Nail.A               File infector           06/10/99
304.         W97M.No_va.D              File infector           06/01/99
305.         W97M.Reizfaktor           File infector           06/01/99
306.         W97M.Steak.A              File infector           06/21/99
307.         W97M.Steak.B              File infector           06/21/99
308.         W97M.VMAN.A               File infector           06/10/99
309.         WM.Automat.H              File infector           05/12/99
310.         WM.Automat.Q              File infector           05/24/99
311.         WM.CBA.B                  File infector           06/10/99
312.         WM.Mentes.E               File infector           06/07/99
313.         Worm.ExploreZip           File infector           06/07/99
314.         WuChing.Boot.Dropper      Boot infector           06/01/99
315.         X97M.Flyaway.A            File infector           06/10/99
316.         X97M.Laroux.JF            File infector           05/24/99
317.         X97M.PTH                  File infector           05/24/99
318.         XM.Cpot.intd              File infector           05/24/99
319.         XM.Friend.B               File infector           06/07/99
320.         XM.Laroux.C               File infector           06/10/99
321.         XM.Laroux.HQ              File infector           06/01/99
322.         XM.Laroux.HR              File infector           06/07/99
323.         XM.Trasher.Cobra          File infector           06/10/99
324.         XM.Trasher.Enigma         File infector           06/10/99
325.         XM.Trasher.Freezer        File infector           06/10/99
326.         Zohr.4160                 File infector           06/01/99
327.         Zorm.265                  File infector           05/24/99
328.         Zorm.573                  File infector           06/01/99
329.  
330. Name Changes:
331.  
332.         Old Virus Name            New Virus Name          Date changed
333.         --------------            --------------          ------------
334.         Explore666.59932       to Explore666.59392        06/07/99
335.         Explore666.59932(2)    to Explore666.59392(2)     06/07/99
336.  
337. Deletions:
338.  
339.         Virus Name                Infection Type          Date removed
340.         ----------                --------------          ------------
341.         AOL Trojan Buddy          File infector           06/21/99
342.         AOL Trojan Buddy 2        File infector           06/21/99
343.         AOL Trojan Buddy 3        File infector           06/21/99
344.         Bupt.1279                 File infector           06/01/99
345.         Djifx.2372                File infector           05/12/99
346.         FCL.2044                  File infector           06/07/99
347.         FCL.2044 (2)              File infector           06/07/99
348.         FCL.2044 (3)              File infector           06/07/99
349.         JAP_HAL (b)               Boot infector           06/07/99
350.         Laufwerk                  File infector           06/21/99
351.         November 17.768.B (x)     File infector           06/07/99
352.         PS-MPC.Mudshark           File infector           06/01/99
353.         PVW (Gen1)                File infector           05/12/99
354.         VirDem.824                File infector           06/01/99
355.         WM.Automat.H              File infector           05/24/99
356.  
357. **********************************************************************
358. **    Enabling/Disabling PowerPoint Scanning                            **
359. **********************************************************************
360. PowerPoint Scanning is now enabled by default and can be optionally
361. disabled.  However, you may want to verify that files with
362. PowerPoint extensions will be scanned by making sure that your
363. NAV options have both ".PPT" and ".POT" in the list of extensions
364. to scan.
365.  
366. To disable PowerPoint scanning in NAV for Windows 95/NT
367. version 4.x or NAV for OS/2, a text file named NAVEX15.INF should
368. be placed in the directory where NAV 4.x or NAV 5.x is installed
369. (i.e., C:\Program Files\Norton AntiVirus).
370.  
371. To disable PowerPoint scanning in NAV for Netware version 4.x, a text
372. file named NAVEX15.INF should be placed in the directory where NAV
373. 4.x is installed (i.e., sys:system\navnlm).
374.  
375. To disable PowerPoint scanning in NAV for Windows 95/NT version 2.0,
376. NAV 4.x for Windows 3.1/DOS, NAVIEG 1.x, or NAVFW 1.x a text file
377. named NAVEX.INF should be placed in the directory where NAV is
378. installed (i.e., C:\NAV).
379.  
380. The contents of the text file, NAVEX15.INF or NAVEX.INF, determine
381. which components of NAV have PowerPoint scanning disabled.
382.  
383. To disable PowerPoint scanning for a particular component, use the
384. following table to determine the lines to add to the text file.
385. PowerPoint scanning can be disabled for more than one component if
386. needed by adding the required lines for the desired components.
387.  
388. +---------------------+--------------------------+--------------------+
389. |Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner         |
390. +---------------------+--------------------------+--------------------+
391. |[NAVW32]             |[NAVAP]                   |[NAVDX]             |
392. |PowerPointScanning=0 |PowerPointScanning=0      |PowerPointScanning=0|
393. +---------------------+--------------------------+--------------------+
394.  
395. +----------------------+--------------------+--------------------+
396. |Windows 3.1 scanner/AP|Netware scanner         |OS/2 scanner/AP |
397. +----------------------+--------------------+--------------------+
398. |[NAVWIN]              |[NAVNLM]            |[NAVOS2]            |
399. |PowerPointScanning=0  |PowerPointScanning=0|PowerPointScanning=0|
400. +----------------------+--------------------+--------------------+
401.  
402. To enable PowerPoint scanning for a component, delete the lines
403. added for that component from the NAVEX15.INF or NAVEX.INF file.
404.  
405. **********************************************************************
406. **    Additional Information                                            **
407. **********************************************************************
408. SARC has equipped Norton AntiVirus with a new feature called
409. "Infestation Mode."  If a large number of new or unknown viruses
410. is found on the system during a scan, Norton AntiVirus will
411. automatically enable its highest level of detection.  This gives
412. users the most comprehensive protection in cases where a viral
413. infestation may have been detected.  If you would like to disable
414. this feature, you can do so by following these instructions:
415.  
416. 1. Create a text File called NAVEX15.INF in your Norton AntiVirus
417.    directory,e.g., C:\Program Files\Norton AntiVirus. If this file
418.    already exist go to step two.
419.  
420. 2. Place the following lines in this File on the left-hand margin:
421.  
422. [NAVW32]
423. infestmode=0
424.  
425. [NAVDX]
426. infestmode=0
427.  
428. 3. Save the File.
429.  
430.  
431. Additional information regarding this virus definitions update can be
432. found in UPDATE.TXT and TECHNOTE.TXT.
433.