PCMania 1

home *** CD-ROM | disk | FTP | other *** search

/ PCMania 1 / PCM1.ISO / Norton_utilities / setup.exe / NAVSDK / WHATSNEW.TXT < prev next >

Wrap

Text File | 1999-02-02 | 27.8 KB | 476 lines

********************************************************************** ** ** ** What's New in the NAV Virus Definitions Files WHATSNEW.TXT ** ** ** ** Symantec AntiVirus Research Center (SARC) January 11, 1999 ** ** ** ********************************************************************** This document contains the following topics: * Virus Alerts * New Technologies * Changes Incorporated Into This Update * Enabling/Disabling PowerPoint Scanning * Additional Information ********************************************************************** ** Virus Alerts ** ********************************************************************** The fifteen most commonly reported viruses, worldwide: 1 XM.Laroux 2 WM.Concept 3 XM.Extra 4 WM.Cap 5 W97M.Class 6 WM.CopyCap 7 NYB 8 AntiCMOS.A 9 Stealth_Boot.B 10 W95.CIH 11 XF.Paix 12 Stoned.Empire.Monk 13 AntiExe 14 Form.A 15 WM.Wazzu ********************************************************************** ** New Technologies ** ********************************************************************** DATE Technologies Added ---- ------------------ 8/19/98 * Excel heuristics which detect and repair new and unknown macro viruses in Excel 95 & 97 documents. 9/16/98 * Added repair for encrypted Excel 97 documents. 10/21/98 * Heuristics to detect AOL Password Stealer Trojans. * WORD Heuristics improvement to increase detection rate. 12/17/98 * Macro Exclusion Engine to speed up the scanning for Word and Excel documents. * PowerPoint engine to scan PowerPoint related viruses. To enable this technology please read "Enabling/Disabling PowerPoint Scanning" section later in this document. ********************************************************************** ** Changes Incorporated Into This Virus Definitions Update ** ********************************************************************** New virus definitions: Virus Name Infection Type Week added ---------- -------------- ---------- A97M.Amg.Trojan File infector 01/05/99 Alar.4265 File and Boot infector 01/11/99 Andris (b) Boot infector 12/07/98 Aslf (b) Boot infector 12/07/98 Atmosphere.1070 File infector 12/28/98 Avispa.2048.a File infector 12/28/98 Avispa.2048.b File infector 12/28/98 Avispa.2048.d File infector 12/28/98 Azboo (b) Boot infector 01/05/99 Azusa Boot infector 12/14/98 Backform.2000(x) File infector 12/28/98 Bauh.974 File infector 12/28/98 Berlin.434b File infector 12/28/98 Blagg.624 File infector 01/05/99 Bleah.d (b) Boot infector 12/07/98 BoringBat.441 File infector 01/05/99 Butterfly (x) File infector 12/28/98 BYE.641 File infector 01/05/99 BYE.641(2) File infector 01/05/99 BYE.641(3) File infector 01/05/99 BZZ-Based.522 File infector 12/28/98 Carriers.6582 File infector 12/28/98 Carriers.6589 File infector 01/11/99 Catal.660 File infector 12/28/98 Coca.509 File infector 12/28/98 Crazypunk.500 File infector 12/28/98 Crazypunk.500(2) File infector 12/28/98 Crazypunk.500(3) File infector 12/28/98 Crazypunk.500(4) File infector 12/28/98 Creeper.472d File infector 01/05/99 CRUNCHER.2092 File infector 12/28/98 DarkMatter.744 File infector 12/28/98 dboo_1 (b) Boot infector 12/07/98 dboo_2 (b) Boot infector 12/07/98 DeepThroat.Trojan File infector 12/17/98 Die.490 File infector 01/05/99 Dre.756 File infector 12/28/98 DreamSpace.mp (b) Boot infector 12/07/98 Drepo.2470 File infector 12/07/98 DuBug.3999 (1) File infector 12/17/98 DuBug.3999 (2) File infector 12/17/98 Energy (b) Boot infector 12/17/98 Ermua (b) Boot infector 12/17/98 EVC.Gr.u File infector 12/28/98 Flame Boot infector 12/14/98 GCAE.SPHINX.2578 File infector 12/28/98 GeeZee.464 File infector 01/11/99 Ghost (b) Boot infector 12/07/98 Gonzal.60 File infector 01/11/99 GreenDay (b) Boot infector 12/07/98 GW.1000 File infector 12/28/98 HH&H (b) Boot infector 12/07/98 HLL.14042 File infector 12/14/98 HLL.14042(2) File infector 12/14/98 HLLC.12896 File infector 12/14/98 HLLC.12896(2) File infector 12/14/98 HLLC.17690 File infector 12/07/98 HLLC.8210 File infector 12/14/98 HLLC.8210(2) File infector 12/14/98 HLLC.Godsquad File infector 12/28/98 HLLC.Godsquad(2) File infector 12/28/98 HLLC.Godsquad(3) File infector 12/28/98 HLLO.6726 File infector 12/28/98 HLLO.6726(2) File infector 12/28/98 HLLO.6726(3) File infector 12/28/98 HLLO.9856 File infector 12/28/98 HLLO.9856(2) File infector 12/28/98 HLLO.9856(3) File infector 12/28/98 HLLO.Honi.52480 File infector 12/07/98 HLLo.Invader.4751(2) File infector 12/28/98 HLLO.Invader.7451 File infector 12/28/98 HLLP.16196 File infector 12/28/98 HLLP.16196(2) File infector 12/28/98 HLLP.16196(3) File infector 12/28/98 HLLP.16196(4) File infector 12/28/98 HLLP.4109 File infector 12/28/98 HLLP.4109(2) File infector 12/28/98 HLLP.5952 File infector 12/28/98 HLLP.5952 (2) File infector 12/28/98 HLLP.5952 (3) File infector 12/28/98 HLLP.7299 File infector 12/28/98 HLLP.7299(2) File infector 12/28/98 HLLP.Eek.9652 File infector 12/28/98 HLLP.Kremlin.5055 File infector 12/07/98 HLLP.Kremlin.5055 (2) File infector 12/07/98 HLLP.Kremlin.5055 (3) File infector 12/07/98 HLLP.Matrix.5549 File infector 12/07/98 HLLP.Matrix.5549 (2) File infector 12/07/98 HLLP.Matrix.5549 (3) File infector 12/07/98 HLLT.5236 File infector 12/28/98 HLLT.5326(2) File infector 12/28/98 HLLT.5326(3) File infector 12/28/98 House.397 (1) File infector 01/05/99 HTML.Enel.3787 File infector 12/07/98 HTML.Enel.3787 (2) File infector 12/07/98 HTML.NoWarn.1921 File infector 12/07/98 HTML.NoWarn.1921 (2) File infector 12/07/98 HTML.Offline.1152 File infector 12/07/98 HTML.Redir.1152 File infector 12/07/98 HTML.Tipsy.1969 File infector 12/07/98 ICQ.Revenge.Trojan File infector 12/17/98 Idie.3520 File and Boot infector 01/05/99 Idie.3520 (2) File and Boot infector 01/05/99 Idie.3520 (b) Boot infector 01/05/99 Immense.3252 File infector 12/07/98 Implant.mp.6128.a File and Boot infector 12/17/98 Implant.mp.6144 (b) Boot infector 12/07/98 Intended.Ontario (b) Boot infector 12/28/98 Intended.Tbyte File infector 01/05/99 Intended.Tbyte (2) File infector 01/05/99 Iris.567 File infector 12/28/98 IVP.608 File infector 01/05/99 Jilt.667 File infector 12/28/98 Jindra (b) Boot infector 12/17/98 Jonny5.486 File infector 12/28/98 Jorgito.GR File infector 12/28/98 JS.Bunny.1455 File infector 12/07/98 JS.Bunny.1455 (2) File infector 12/07/98 Kampi.4181 File infector 12/17/98 Kampi.4181 (1) File infector 12/28/98 Kampi.4181 (2) File infector 12/17/98 Kampi.4181(2) File infector 12/28/98 Kampi.4181(3) File infector 12/28/98 Kampi.4181(4) File infector 12/28/98 KARA.739 File infector 01/05/99 KARA.739(2) File infector 01/05/99 KARA.739(3) File infector 01/05/99 KARA.739(4) File infector 01/05/99 Keypress.1232 (x) File infector 12/17/98 Khizhnjak.406 File infector 01/05/99 Khizhnjak.406(2) File infector 01/05/99 Khizhnjak.406(3) File infector 01/05/99 Khizhnjak.406(4) File infector 01/05/99 Kl.c (b) Boot infector 12/17/98 Kotos.870 File infector 12/28/98 Kusps.658 File infector 01/05/99 Kusps.658(x) File infector 01/05/99 Lame.1632 (1) File infector 12/07/98 Lamerman.b File infector 12/28/98 Lamerman.b (2) File infector 12/28/98 Lamerman.b (b) Boot infector 12/28/98 LEO.293 File infector 01/05/99 LEO.293(2) File infector 01/05/99 LEO.293(3) File infector 01/05/99 LEO.293(4) File infector 01/05/99 Lexotran File infector 12/07/98 Lexotran (2) File infector 12/07/98 LLP.791 File infector 12/28/98 LLP.791 (1) File infector 01/05/99 LLP.791 (2) File infector 12/28/98 LLP.791(2) File infector 01/05/99 LLP.791(3) File infector 01/05/99 Locust.1456 File infector 12/28/98 Locust.1456 (2) File infector 12/28/98 MAINMAIN.200(3) File infector 01/05/99 MAINMAN.200 File infector 01/05/99 MAINMAN.200(2) File infector 01/05/99 Mammoth.mp.4893.a (b) Boot infector 12/07/98 Mammoth.mp.4893.b (b) Boot infector 12/07/98 Maverick.3584 File infector 01/11/99 Memor (b) Boot infector 12/07/98 Mercury.831 File infector 12/28/98 Mogollon (b) Boot infector 12/17/98 MOSKAU.846 File infector 12/28/98 MPCd.727 File infector 12/28/98 MPCe.283 File infector 12/28/98 MPCe.284 File infector 12/28/98 Mr.Schu.490 File infector 12/28/98 Nauru.444 File infector 01/05/99 Nemo.848 File infector 12/28/98 Netspy.Trojan File infector 12/17/98 NSD.300 File infector 12/28/98 Odessa.727 (1) File infector 01/05/99 Olivia.GR File infector 12/14/98 Olivia.GR (X) File infector 12/14/98 P97M.Vic.A File infector 12/17/98 Paraguay.2750 File infector 01/11/99 Pebble (b) Boot infector 12/07/98 Peru (b) Boot infector 12/17/98 PH33R.1262 File infector 01/05/99 Phil.4096.mp (b) Boot infector 12/07/98 Phoenix.2000 (4) File infector 12/17/98 Phoenix.2000b File infector 12/07/98 Phoenix.2000b (2) File infector 12/07/98 PIZ.1176 File infector 12/28/98 Plaque.BAT File infector 12/07/98 Predator.1055 File infector 01/05/99 Predator.1055(2) File infector 01/05/99 Printscreen.b (b) Boot infector 12/28/98 QNPC.Thief.Trojan File infector 12/17/98 Radyum.427 File infector 01/05/99 RagDoll.945 File infector 12/07/98 RDA.KeyB File infector 01/11/99 Redarc.343 File infector 12/28/98 Redarc.343(2) File infector 12/28/98 Revenge.2816 File infector 01/05/99 Rhubarb (b) Boot infector 12/17/98 Riverco.2959 File infector 12/07/98 Rubbit.681 File infector 12/07/98 Rusti.225 File infector 12/28/98 Serg.424b File infector 12/07/98 SGWW.Bomber.1371 File infector 01/11/99 SillyOC-52 File infector 01/05/99 SillyOC-52 (2) File infector 01/05/99 SillyORC.144 File infector 01/05/99 SillyORC.144 (2) File infector 01/05/99 Skopal.1599 (m) File infector 12/17/98 Smun (b) Boot infector 12/07/98 Spanska.4270 File infector 12/28/98 Spanska_II.427 File infector 01/05/99 Stoned.AntiExe Boot infector 01/11/99 Stoned.Elythnia (b) Boot infector 12/28/98 Stoned.WXYC (b) Boot infector 12/28/98 Taek.1847 File infector 12/07/98 Termite File infector 12/07/98 Terror.1085 File infector 12/07/98 Tesv.232 File infector 01/05/99 TMC.B File infector 12/17/98 Tolkien (b) Boot infector 12/07/98 Trivial.c.ow (1) File infector 01/05/99 Trivial.Renegade (2) File infector 12/28/98 Trivial.Renegade (3) File infector 12/28/98 Trivial.Renegade.1842 File infector 12/28/98 TrivialMut.80 File infector 12/28/98 TrivialMut.80(2) File infector 12/28/98 TrivialMut.80(3) File infector 12/28/98 TSM.5536 File infector 12/17/98 Tula.1997 File infector 12/28/98 Tved.test.770 File infector 01/11/99 Uniform (b) Boot infector 12/07/98 Vanq.688 File infector 01/05/99 VCCb.436 File infector 12/28/98 VCL.Lamp.558 File infector 12/07/98 VCL.Timothy.641 File infector 01/05/99 Vini.793 File infector 12/28/98 Virogen.Pinworm.b File infector 12/17/98 Vrn.2276 File infector 12/07/98 Vrn.2276 (2) File infector 12/07/98 Vulcan.227 File infector 12/28/98 Vulcan.294 File infector 12/28/98 Vulcan.307 File infector 12/28/98 Vulcan.480 File infector 12/28/98 Vulcan.480(x) File infector 12/28/98 Vulcan.484 File infector 12/28/98 W32.RemExp.Corrupt File infector 12/28/98 W32.RemExp.Corrupt(2) File infector 12/28/98 W32.RemoteExplore File Infector 12/22/98 W95.K32 File infector 12/17/98 W95.Padania (Gen1) File infector 12/07/98 W95.Parvo File infector 12/07/98 W97M.Bauer.Trojan File infector 12/07/98 W97M.Carrier.D File infector 12/07/98 W97M.Chack.Variant File infector 12/07/98 W97M.ColdApe.C File infector 12/28/98 W97M.Footprint File infector 12/07/98 W97M.Nottice.K File infector 12/17/98 W97M.Passbox.C File infector 12/07/98 W97M.Steroid.Variant File infector 12/07/98 W97M.VMPCK1.BE File infector 12/17/98 W97M.VMPCK1.BF File infector 12/17/98 W97M.ZMK.O File infector 12/07/98 Wind.1026.b File infector 12/07/98 WinNuke.Trojan File infector 12/28/98 WM.Imposter.G File infector 12/17/98 WM.MDMA.BK File infector 12/17/98 WM.Mentes.C File infector 12/17/98 WM.Niceday.AA File infector 01/05/99 WM.Schumann.AA File infector 12/17/98 WM.Setmd.D File infector 12/07/98 WM.Stall.C File infector 12/07/98 WM.Twno.AR File infector 12/17/98 WM.Wazzu.FQ File infector 12/17/98 WWPE.RSA.4819 File infector 01/11/99 X97M.Laroux.FG File infector 12/28/98 X97M.Laroux.HK File infector 01/11/99 Xany.314 File infector 12/28/98 XM.2401 File infector 01/11/99 XM.Laroux.FA File infector 12/07/98 XM.Laroux.GG File infector 12/07/98 XRF.3730 File infector 12/28/98 Yeast.702 File infector 12/28/98 Yosha.b (b) Boot infector 12/17/98 Yosha.Zadig.1276 File infector 01/11/99 Yowler (1) File infector 12/28/98 Yowler (2) File infector 12/28/98 Zany.129 File infector 12/28/98 Zany.160e File infector 01/05/99 Zany.181b File infector 12/28/98 Zany.218b File infector 12/28/98 Zombie.ZCME.8192 File infector 12/07/98 Name Changes: Old Virus Name New Virus Name Date changed -------------- -------------- ------------ Beware.1643 to Dual_GTM.1643 (x) 12/28/98 Dark Elf.3692 to Dr Demon.mp.4634 12/07/98 HLLP.4109 to HLLP.4109 (1) 12/28/98 HLLP.4109(2) to HLLP.4109 (2) 12/28/98 Trojan.APS to PWsteal.Trojan.4409 10/12/98 Trojan.BOD to BOD.Trojan 10/12/98 Trojan.Bruces.GF (1) to Bruces.GF.Trojan 10/12/98 Trojan.Bruces.GF (2) to Bruces.GF(2).Trojan 10/12/98 Trojan.Bruces.GF (3) to Bruces.GF.Trojan(3) 10/12/98 Trojan.Candy to Candy.Trojan 10/12/98 Trojan.DMSetup2 to DMSetup2.IRC.Trojan 10/12/98 Trojan.Hacked to Hacked.Trojan 10/12/98 Trojan.HaltYou to HaltYou.Trojan 10/12/98 Trojan.ICKiller to ICKiller.Trojan 10/12/98 Trojan.Orchid to Orchid.Trojan 10/12/98 Trojan.Plimo to Plimo.Trojan 10/12/98 Trojan.Typhoon to Typhoon.Trojan 10/12/98 Trojan.ViperX to ViperX.Trojan 10/12/98 Trojan.W95.Netbus to Netbus.W95.Trojan 10/12/98 Trojan.W95.Netbus.160 to Netbus.160.W95.Trojan 10/12/98 Trojan.Win.Dontt to Dontt.Win.Trojan 10/12/98 Trojan.Win.FY to FY.Win.Trojan 10/12/98 Trojan.Win.Taskkill to Taskkill.Win.Trojan 10/12/98 Trojan.Win95.Jerk to Jerk.Win95.Trojan 10/12/98 Trojan_4283 to Trojan_4283.Trojan 10/12/98 WM.Concept.CN to WM.Leveler.A 10/12/98 XM.Laroux.DR to XM.Laroux.DX 10/12/98 XM.Laroux.DW to XM.Laroux.EI 01/11/99 XM.Laroux.DX to XM.Laroux.DZ 10/12/98 XM.Laroux.FW to XM.Forecast 01/11/99 Deletions: Virus Name Infection Type Date removed ---------- -------------- ------------ Avispa File infector 12/17/98 Azusa (z) Boot infector 12/14/98 DuBug.3999 (1) File infector 12/17/98 DuBug.3999 (2) File infector 12/17/98 Flame (z) Boot infector 12/14/98 HLLO.4742 File infector 12/07/98 HLLP.4983 (1) File infector 12/14/98 HLLP.4983 (2) File infector 12/14/98 HLLP.4983 (3) File infector 12/14/98 PS-MPC (4) File infector 12/07/98 TMC.B File infector 01/11/99 Virogen.Pinworm (1) File infector 12/17/98 Virogen.Pinworm (2) File infector 12/17/98 Virogen.Pinworm (3) File infector 12/17/98 ********************************************************************** ** Enabling/Disabling PowerPoint Scanning ** ********************************************************************** To enable PowerPoint scanning in NAV for Windows 95/NT version 4.0 or greater, a text file named NAVEX15.INF should be placed in the directory where NAV 4.0 is installed (i.e., C:\Program Files\Norton AntiVirus). To enable PowerPoint scanning in NAV for Windows 95/NT version 2.0, NAV 4.0 for Windows 3.1/DOS, NAVIEG 1.0, or NAVFW 1.0 a text file named NAVEX.INF should be placed in the directory where NAV is installed (i.e., C:\NAV). The contents of the text file, NAVEX15.INF or NAVEX.INF, determine which components of NAV have PowerPoint scanning enabled. To enable PowerPoint scanning for a particular component, use the following table to determine the lines to add to the text file. PowerPoint scanning can be enabled for more than one component if needed by adding the required lines for the desired components. +---------------------+--------------------------+--------------------+ |Windows 95/NT scanner|Windows 95/NT auto-protect|DOS scanner | +---------------------+--------------------------+--------------------+ |[NAVW32] |[NAVAP] |[NAVDX] | |PowerPointScanning=1 |PowerPointScanning=1 |PowerPointScanning=1| +---------------------+--------------------------+--------------------+ +----------------------+ |Windows 3.1 scanner/AP| +----------------------+ |[NAVWIN] | |PowerPointScanning=1 | +----------------------+ To disable PowerPoint scanning for a component, delete the lines added for that component from the NAVEX15.INF or NAVEX.INF file. ********************************************************************** ** Additional Information ** ********************************************************************** SARC has equipped Norton AntiVirus with a new feature called "Infestation Mode." If a large number of new or unknown viruses is found on the system during a scan, Norton AntiVirus will automatically enable its highest level of detection. This gives users the most comprehensive protection in cases where a viral infestation may have been detected. If you would like to disable this feature, you can do so by following these instructions: 1. Create a text File called NAVEX15.INF in your Norton AntiVirus directory,e.g., C:\Program Files\Norton AntiVirus. If this file already exist go to step two. 2. Place the following lines in this File on the left-hand margin: [NAVW32] infestmode=0 [NAVDX] infestmode=0 3. Save the File. Additional information regarding this virus definitions update can be found in UPDATE.TXT and TECHNOTE.TXT.