home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
CD-ROM Magazine 23
/
CDRmag23-0.iso
/
INDISP
/
Tbav
/
tbdos707
/
WHATSNEW.707
< prev
Wrap
Text File
|
1997-01-10
|
23KB
|
525 lines
Update report of Thunderbyte Anti-Virus utilities.
Prefixes:
'-' indicates a change that does not require user attention.
'->' indicates a modification that requires user attention, such as a
change in program invocation, etc.
7.07 Product update
-------------------
TbScan:
- Small bugfix with scanning very small COM files
- The 'FatCheck' option now works correctly on drives with very
big cluster sizes.
- TbScan no longer reports clusters which are marked bad as "lost
clusters", but reports them now correctly as "bad marked clusters".
- TbScan now makes use of 32bit instructions. The main reason for this
is to be able to decrypt viruses which make use of 32bit instructions.
In the future, this also allows us to utilize the memory better, and
to speed up some processes. In order to maintain compatibility with
non-32bit processors there are now two versions of TbScan, one for
the 16bit processors (TBSCAN16.EXE) and one for 32bit processors
(TBSCAN32.EXE). TbScan.Exe itself is now a program which determines
the processor type and invokes the correct TbScan version.
-> TbGenSig.Exe is no longer part of the TBAV package. The newer
generation of viruses require much more complex signatures, and
to create these signatures is no longer a do-it-yourself job.
The idea to enable the end user to create signatures comes from the
time when the distribution of virus samples between Anti-Virus
developers, independant researchers, universities, government
agencies, etc. was not organised at all. These days, we are able
to respond to a new outbreak in a couple of hours. It is far easier
for you, the end user, to download a new signature file from us than
to try to create a signature for a polymorphic virus, or to locate a
word macro virus (and thus a signature) in a huge document file.
A second reason for the omission of TbGenSig is that we are in the
process of revising our existing signature structures, and that we
are working on automated signature construction. This gives us a
leading edge in the future when the amount of viruses keeps growing,
and ensures more reliable signatures and a higher response time from
us on new viruses. The tools required to generate these signatures
are very complex and not suitable for the users at all.
Viruses:
- The next viruses had a change of name only:
From: To:
================================================================
_302 MDS.302
_514 Osel.514
_524 Quell.524
_573 Ludwig.573
_586 Exemplary.586
_613 Uncomplete.613
_641 Ush.641
_699 Ever_Willing.699
_768 Dandelion.768
_789 Dayton.789
_1097 Elementary.1097
_1315 Zibbert.1315
_1320 Undesirable.1320
_1391 Quantrain.1391
_1689 Quiff.1689
10_past_3 10_past_3.748/789
2-up 2-up.6000
3_Month Three_Months.509
3Y 3Y.853
4res 4res.1049
4_Seasons.1514 4_Seasons.1514/1534
5lo 5lo.1025
5_volt 5_volt.2659
A&A A&A.506
Abal Abal.758
Abba Carzy.9894
Abraxas.1171 Abraxas.1170-1214 (1170/1171/1214)
Abraxas.1508 Abraxas.1508/1518
Accept Accept.3619/3773
Ache Ache.338/352
Acvt Acvt.1243
Ada Ada.2600
Adin Adin.1488/3026
Admiral.334 Yam.334
Adolf Adolf.475
AEP AEP.626
Agena Agena.723
Ahav Ahav.336-383
Aids.872 Quod.872
Akuku Akuku.891
Alabama Alabama.1560
Albania Albania.429-606 (429/506/575/606)
Albanian Albanian.1991
Alfo.1536 Alfons.1536
Alien Alien.1976
Alien.1364 Alien.1356
AlphaStrike AlphaStrike.2000
Am.1281 Aman.1281
Aman Aman.10716
Amazone_Queen.468/479 Amazone_Queen.467-479
Ambulance Ambulance.795/796
Amoeba Amoeba.1089/1392
Amt Amt.3000/4000
Andreev Andreew.805/851
Andromeda.1536 Andromeda.1536.B
Andromeda.1024 Andromeda.1024.B/C
Angarsk Angarsk.238
Angel Angel.1000
Annihilator.809 VCS.809
AntiCMOS.726 Anti-C.726
AntiGus AntiGus.1570
Antimon Antimon.1450
Anti-SabaDos Anti-SabaDos.815
Antitrace.1334 Antitrace.1334/2122
AntiWin.933 AntiWin.633
AOS AOS.581-863 (581/736/744/752/758
/833/847/854/863)
Apocalipse Apocalipse.1685
Apparition Apparition.700
Appelscha Appelscha.2161
Arab Arab.834
Aragorn Aragorn.1522
Arale Arale.1526
Arara Arara.1054/1735
Arcv.Zaphod Zaphod.399
Areopag Areopag.480
ARJworm ARJworm.5164
Arriba Arriba.1590
Arusiek Arusiek.692/817
Ash Ash.270-743 (270/280/302/441/449/
451/704/708/712/737/743)
Atas_II Atas_II.3215-3321 (3215/3233/3321)
Axe Andromeda.1024.A
Aztech.1200 Sybille.1200
Beech Beech.439
Black_Peter Old_Yankee.1835
BoxBox.1750 BoxBox.1591/1750
COD COD.572
Coib Coib.702
Com2S Com2S.1798
Cosenza Cosenza.2027-3222 (2027/2034/3205/3222)
Cuidado.391 Bell.391
Cybertech.419 Nightbird.419
Czech_Happy Czech.1687
Dash-em Dash-em.1876
Delight Delight.935
Digi_Poll Pollute.823
Disk_Plus_1 Disk_Plus_1.1385
Disk_Spoiler Disk_Spoiler.1308
Dodg.825 Dodger.825
Drug Drug.985
Ear Ear.1024/1026
Ear.Quake-o Ear.960
Ear.Suicide Ear.2048
Earle Earle.1244
Eight_Tunes Eight_Tunes.1971
Fonx.1958 Fonx.1958/1867
Frajer Frajer.649
Gemand Andromeda.1536.A
Grune.1241 Grune.1241
Ha!.1224 Zmiana.1224.B
HBT HBT.394
Heur_message Heur_message.1150-1329
(1150/1328/1329)
HLLC.Christman HLLC.15264
HLLC.Christman (diet-packed) HLLC.15264 (diet-packed)
HLLO.Zalman HLLO.5520
Hopefull Hopefull.484
Inquis Inquis.2653
Japanese_Xmas Japanese_Xmas.600-722 (600/653/722)
Jerusalem.1448 Jerusalem.1446/1448
Kolumna2 Kolumna.1100/2048
Komar Arusiek.691
Kubik.1968 Kubik.912/1968
Lastyear Lastyear.604/743
LeapFrog LeapFrog.516
Leprosy.Spam Leprosy.1306
Leprosy.Xabaras Leprosy.1972
Lines Lines.1792
Listopadu Velvet.1400
Lost.604 Div0.604
Maffy_II Maffy_II.491
Malaga Malaga.A
Mange_Tout Mange_Tout.1099
Milan.Vivisex Milan.683
Month_4-6 Month_4-6.1536
MP1024 Quiz.1024
My_Breed Ass.4834
Neuville Jumper
News Quinine.343
NRLG.1096 Xuxa.1096
Nuts Ear.308
Old_Yankee Old_Yankee.1624-2051
(1624/1641/1755/1961/2051)
Omud Omud.512
Page Vlad.1221
Pottie Leprosy.880
Qdris Jack.416/436
Quartz Quartz.1345
Quicky Quicky.1376
Reklama Reklama.2723
Reset.352 WVP.352/382
Roost WXYC
Russian_Anarchy.2048 Grob.2048
Senorita Senorita.885
Seventh_Son Seventh_Son.284-473
(284/332/334/350/426/428/473)
Shizu Careful.568
Silent_Night Silent_Night.1111/1827
Specified Specified.2048
Stupid Stupid.583/919/1355
Syslock Syslock.2232-3551 (2232/2764/3551)
Teleco Vico.1000
Thanksgiving Thanksgiving.1253
Thirteen_minutes Thirteen_minutes.699
Thirty-Three Thirty-Three.525
Three_Tunes Three_Tunes.1784
Tib Tib.713
Traveller_Jack Traveller_Jack.812/979/980.A/982
Traveller_Jack.854 Traveller_Jack.854/868/883
Traveller_Jack.1008 Traveller_Jack.980B/1008
Trelew Trelew.232
Uddy Uddy.2617
Udm.559 Wart.559
Ufa Ufa.1201
Ugur Ugur.1297/1320
Unlce Unc.1377/1410
Unerase.329 MDS.329
UnEXE UnEXE.425
UnGame UnGame.766/770
Unhandled Unhandled.424
Unite VS.3900
Unskip.1908 Unskip.1908/1909
Urphin.317 Urfin.317
Uruguay.1 Uruguay.2379
Uruguay.2 Uruguay.2313
Uruguay Uruguay.2456-6396
(2456/2623/4268/4879/6344/
6262/4906/6396)
USSR.414 Quail.414
Uvst Uvst.5700
Uzzy Uzzy.548
V-388 MDS.388
V.670 UTA.670
V-756 Peep.756
V3000 Quango.3000
Valentine Valentine.2332
Vampiro Vampiro.1492-1623
(1492/1542/1619/1621/1623)
Vampirus Vampirus.1499
Vandor Vandor.1024
VComm VComm.633-637 (633/636/637)
VCS VCS.1077
VCL.ABX VCLO.508
Vdead Is_Dead.2308
Velvet Velvet.2000
Vengence Vengence.252-613
(252/390/453/613/639/659)
Vico.1000 Vico.500/1000
Victor Victor.2442
Vindicator Vindicator.734
Violetta Violetta.1024/3840
Viros11.429 Viros.429
VirTrap Vidmess.934
Virus.286 Bell.286
VirusC.496 Quaver.496
Vivat Vivat.9382
VME VME.966-2261 (966/1699/1703/2261)
Voice Voice.1495
Voronezh.600 Voronezh.370/600
Vote Vote.1000
VP VP.909
Vriest Vriest.1280
Vrn Voronezh.1536/1584
Walker Walker.3846
Wally Wally.1029
Wanderer.411/484 Wanderer.400-484 (400/403/411/484)
Warrior Warrior.1024
Wasp Wasp.623/903
Wasp.1655 Wasp.1647
Wave Wave.373/454
Weak Weak.1253
We're_Here We're_Here.836
Wharps Wharps.572.A
Wilbur Wilbur.512.A-C (A/B/C)
Wilbur.D Wilbur.512.D
Wildfire Wildfire.2222/2371
Wildy Wildy.354
Willow Willow.1870/2013
Witcode Witcode.966
Wizard Wizard.268/312
Wolfman Wolfman.2064
WZ WZ.499
XAM XAM.797
Xeram Xeram.1664
XTAC XTAC.1564
Yafo Yafo.328
Yam Yam.3596/3599
Yammath Yam.1136
Yog-Sothoth Yog.794
Youth Youth.580-991 (580/640/968/970/991)
ZeroHunter.411-422 ZeroHunter.411-422 (411/415/422)
Ziuck Ziuck.1279/1372
Zmiana.1224 Zmiana.1224.A
Zol Zol.316/799
Zombie Zombie.747
Zulu Zulu.1390
- The next viruses had the indicated changes:
Name Changes
================================================================
Ammit770b Removed
Anti_MIT.764 New signature
Anti_MIT.770.A Removed
Anti_MIT.770.B Removed
Antimit.770.b Removed
Anarchy.6503 New signature
Arg.1206 New signature
Armagedon -> Name change and variant detection
Armagedon.1065-1079
(1065/1066/1074/1079)
Beer -> Beer.645-3612 (0645/ Name change and variant detection
2473/2620/2794/2850/
2920/2984/3164/3192/
3307/3399/3434/3441/
3490/3552/3612)
Democracy -> Name change and new signature
Democracy.3806/3959
InDos -> InDos.522 Name change and new signature
Klubb Removed
Michael.1458 New signature
NoPM.494 New signature
Ox.475 New signature
Satan -> Satan.512-612 Name change and variant detection
(512/599/602/612)
SillyC.190.A New signature
Skew.458 New signature
Stardot.1100 New signature
Stardot.unknown Removed
Sum.1441 New signature
UESTC.888 New signature
USSR-707 -> Quartile.706/707 Name change and variant detection
UU.1200 -> Prodigy.1200 Name change and new signature
V-475 Removed
V.1441 Removed
Vector.441 New signature
Veronika -> Veronika.1549 Name change and variant detection
Zarm.2322 -> Zarm.2322/2389 Variant detection
Zipper -> Zipper.2778/2779 Variant detection
- Added trojan signatures:
Nukex
- Added bootsector signatures:
15_Years.C
3-Devils.A
3-Devils.B
Den_Zuk.3
Malaga.B
Quiz.1024 {mbr}
Redeye
Stoned.Ypm
Thanksgiving.1253 {mbr}
Triple_X
Ufro
Varna.1536 {mbr}
Zaboot
- Added file virus signatures:
ACE.1872
AGA.3000
Akuku.1111
AllFools.659
Andris.843
Angel.662
Angry.393
ANSIbomb.881
Antitrace.1864
AntiWin.2330
Apparition.7035
Asch.794
Asmodeus.1160
Asmodeus.1343
Asmodeus.1437
Asmodeus.1450
Asmodeus.1829
Asmodeus.1833
Assignation.653
AWME:Demo
AWME related
Burglar.777-833 (777/820/824/833)
Burglar.877
Burglar.1004
Burglar.1029
Burglar.1050
Burglar.1365
BW.815
Change.663
Cialocin.807
CLL.947
Corea.926
Corea.941
Corea.998
Corea.1036
Eddy.1039
Eddy.1316
Eddy.1326
Eddy.1333
Eddy.1422-1567 (1422/1444/1457/1463/1478/1482/1542/1551/1567)
Eventide.1061
Jerusalem.Wanderer.1455-1768 (1455/1570/1589/1591/1768)
Jerusalem.Wanderer.1598
Kiwi.550/1000
KOV.1403
KOV.1592
KOV.1712/1722
KOV.1785/1798
KsTro.1029
KsTro.1087
KsTro.1332
Malatinec.2367
MDS.703
Miny.218
Miny.256
Miny.300-444 (300/321/333/444)
Miny.500
Miny.543-666 (543/566/666)
Miny.651
Miny.845/850
Orion.262/365
Overnopped.895
Peel.334
QAWO.719
Quadfive.625
Quibble.948
Quintessence.992
Rosebud.912
Rotator.864
Serre.337
Skvernuk.594
Sluknov.873
Smile.1113
Spaghetti.1259
Stupid.1024
Tai-Pan.513
Tenerife.1550
TSB.1121
Ufo.1469
Umbrella.3173
Unfo.9594
Unhandled.495
Uniq.308/309
Unkempt.1342
Unlucky.2008
UnSpeed.920
Unwanted.550
Urodyne.773
Vampiro.1000
Varna.1536
VCM.493
VCS2.799
Vesna.1614
Viaggio.1051
Video.109
Vienna.1164
Viktoria.480
Viktoria.550
Vorbis.155/166
Vortex.1584-1608 (1584/1588/1592/1596/1600/1604/1608)
Vota.591
VSoft.655
VXT.550
Wadim.531
Walhala.1283
Wanderer.1757/1783
Wanderer.1811-1884 (1811/1845/1852/1862/1884)
Warsaw.850
Wasp.1313
Weekday.1614
WG.728
Wharps.572.B
Whiskey.372/382
White_Lion.942
Wildy.399
Wildy.402
Wildy.421
Wittering.974
WMA.424
WMA.448/451
WSI.853
WSur.1730
WW.658
WZ.436
X-Ray.2050
XGH.1906
Xinix.533 (Garbage)
Xute.1182
Xuxa.1037
Xuxa.1045/1088
Xuxa.2058
Yosha.761
Yosha.975
Youth.577
Zamoy.587
Zarina.509
Zibbert.1268
Zub.792
Zver.512
ZYX.5685 {1}
ZYX.5685 {2}
- Added macro virus signatures and removal for:
ExcelMacro/Sofa
WordMacro/ShowOff
WordMacro/Chandi
