home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Cream of the Crop 26
/
Cream of the Crop 26.iso
/
virus
/
scn_303e.zip
/
WHATSNEW.TXT
< prev
Wrap
Text File
|
1997-07-15
|
22KB
|
873 lines
What's New in VirusScan for DOS v3.0.3 (3007)
Copyright 1994-1997 by McAfee, Inc.
All Rights Reserved.
Thank you for using McAfee's VirusScan for DOS.
This What's New file contains important information
regarding the current version of this product.
It is highly recommended that you read the
entire document.
McAfee welcomes your comments and suggestions.
Please use the information provided in this file
to contact us.
___________________
WHAT'S IN THIS FILE
- New Features
- Known Issues
- Installation
- Documentation
- Frequently Asked Questions
- Contact McAfee
____________
NEW FEATURES
1. VirusScan now features a new command-line option,
/LONGYEAR. When this option is used in a VirusScan
command, dates will be reported in the on-screen
display and in any generated reports with four-digit
years (i.e. 1997). When the /LONGYEAR option is not
used, years will appear in two-digit format (i.e. 97).
*ENHANCEMENTS*
VirusScan for DOS v3.0.2 (or later), in conjunction with
the 3007 DAT files, has the ability to detect and remove
viruses from Word document files infected by viruses that
password protect documents. When VirusScan detects an
infection of this type, it not only can clean the virus,
but also remove the password protection.
We are very proud to provide this detection and removal
capability beyond the abilities of competing products.
Only password protection put in place by viruses are
removed from files. Thus a file that was password
protected by the user, if infected by virus, will not
have its password removed. In such cases, you must
remove the password before VirusScan can remove the
virus. VirusScan will, of course, still detect and inform
you of the infection.
Though VirusScan could have the ability to remove all
passwords, it has been designed with the best possible
compromise between functionality and security. This was
the design preferred by respondents to an internet poll
conducted by McAfee.
* NEW VIRUSES DETECTED *
This DAT file detects the following 174 new viruses.
Locations that have experienced particular problems
with specific viruses are also identified.
ALIEN.F
ALLIANCE.B
ANT.B:TW
APPDER.F (Singapore)
ASBV
BALROG.A
BANDUNG.AP
BANDUNG.AQ
BANDUNG.AR
BEEPER.A
BEEPER.B
BISMARK.E
BOX.D:TW
CALENDAR.A
CAP.B
CAP.C
CAP.G
CAP.H
CAP.N
CAP.O
CAP.Q
CAP.R
CAP.S
CAP.T
CAP.V
CAP.W
CEBU.A
CLOCK.I:DE
CMD.A
COLORS.BC
COLORS.BD
COLORS.BE
COLORS.BF
COLORS.BG
COLORS.BH
COLORS.BI
COLORS.BJ
COLORS.BK
CONCEPT.AT
CONCEPT.AU
CONCEPT.AV
CRASH.A
CVCK1:KIT
DANCE.A
DIR-II.1536.G
DOGGIE.E
DRACULA.A
DZT.E (US)
DZT.F
ERASER.M:TW (INTENDED)
ERASER.N:TW (INTENDED)
ERASER.O:TW
ERASER.P:TW (TROJAN)
ETERNITY.599
FUZZY.A
GOLDFISH.C
HELPER.D
HELPER.E
HLLO.6736
HLLP.7072
HLLP.8832
HOOTERS.5000
HYBRID.E
HYBRID.F
IMMORTAL.2174
IMPOSTER.C
IRISH.Q
JERUSALEM-1813-DROPPPER (FRI 13TH)
JM.710
JOHNNY.N
JOHNNY.N1
KILLOK.A
KILLOK.B
KILLOK.C
KOMPU.D
LAHYANI.1356
LEMON.B
LITHI.4113
LUNCH.D
MARK:TW
MDMA.H
MDMA.S
MDMA.U
MERCY1B.575
MINIMAL.P
NICEDAY.K
NICEDAY.L
NICEDAY.M
NICEDAY.N
NJ-DLK1.I (INTENDED)
NJ-WMDLK1.H
NOPRINT.A
NPAD.BK
NPAD.BQ
NPAD.BR
NPAD.BS
NPAD.BT
NPAD.BU
NPAD.BV
NPAD.BW
NPAD.BX
NPAD.BY
NPAD.BZ
NPAD.CA
NPAD.CB
NPAD.CC
NPAD.CD
NUCLEAR.N
PAYCHECK.D
PG
PIG.C:TW
PS-MPC.702
QUICK.A
RAPI.AJ2
RED.A:DE
REHENES.A
SAFWAN.A
SCHUMANN.A
SHOWOFF.BD
SHOWOFF.BE
SHOWOFF.BF
SHOWOFF.BG
SHOWOFF.BH
SHOWOFF.BI
SHOWOFF.BJ
SHOWOFF.BK
SHOWOFF.BL
SHOWOFF.BM
SHOWOFF.BN
SHOWOFF.BO
SHOWOFF.BP
SHOWOFF.BQ
SHOWOFF.BR
SHOWOFF.BS
SMILEY.C:DE
SPANSKA.1120.B (Internet)
SPARKLE.A
SWLABS.C
TALON.K
TEMPLE.B
TRAP.A:TW
TRAP.B:TW
TRAP.C:TW
TRAP.D:TW
TRIVIAL.170
TWNO.Z:TW
TWOLINES.J
TWOLINES.J1
TWOLINES.K
TWOLINES.K1
TWOLINES.L
TWOLINES.L1
TWOLINES.M
TWOLINES.M1
TWOLINES.N1
TWOLINES.O
TWOLINES.O1
TWOLINES.P
TWOLINES.P1
UNCOMPLETED.613
UNDERGRO.A
VAMPIRE.A:TW
VAMPIRE.B:TW
VARMINT.A:TW
VICINITY.A:DE (Austria)
WAZZU.CE
WAZZU.CF
WAZZU.CG
WAZZU.CH
WAZZU.CI
WMVH1.KIT:TW (TROJAN)
XM/LAROUX.D (Europe)
XM/LAROUX.E (Hong Kong)
ZASHIB.A
* NEW VIRUSES CLEANED *
This DAT file cleans the following 154 new viruses.
Locations that have experienced particular problems
with specific viruses are also identified.
ALIEN.F
ALLIANCE.B
ANT.B:TW
APPDER.F (Singapore)
ASBV
BALROG.A
BANDUNG.AP
BANDUNG.AQ
BANDUNG.AR
BOX.D:TW
CALENDAR.A
CAP.B
CAP.C
CAP.G
CAP.H
CAP.N
CAP.O
CAP.Q
CAP.R
CAP.S
CAP.T
CAP.V
CAP.W
CEBU.A
CLOCK.I:DE
COLORS.BC
COLORS.BD
COLORS.BE
COLORS.BF
COLORS.BG
COLORS.BH
COLORS.BI
COLORS.BJ
COLORS.BK
CONCEPT.AT
CONCEPT.AU
CONCEPT.AV
CRASH.A
CVCK1:KIT
DANCE.A
DIR-II.1536.G
DRACULA.A
DZT.E (US)
DZT.F
ERASER.M:TW (INTENDED)
ERASER.N:TW (INTENDED)
ERASER.O:TW
ERASER.P:TW (TROJAN)
ETERNITY.599
FUZZY.A
GOLDFISH.C
HYBRID.E
HYBRID.F
IMMORTAL.2174
IMPOSTER.C
IRISH.Q
JM.710
JOHNNY.N
JOHNNY.N1
KILLOK.A
KILLOK.B
KOMPU.D
LAHYANI.1356
LEMON.B
LITHI.4113
LUNCH.D
MDMA.S
MDMA.U
MERCY1B.575
MINIMAL.P
NICEDAY.K
NICEDAY.L
NICEDAY.M
NICEDAY.N
NOPRINT.A
NPAD.BQ
NPAD.BR
NPAD.BS
NPAD.BT
NPAD.BU
NPAD.BV
NPAD.BW
NPAD.BX
NPAD.BY
NPAD.BZ
NPAD.CA
NPAD.CB
NPAD.CC
NPAD.CD
NUCLEAR.N
PAYCHECK.D
PG
PIG.C:TW
PS-MPC.702
QUICK.A
RAPI.AJ2
RED.A:DE
REHENES.A
SAFWAN.A
SCHUMANN.A
SHOWOFF.BD
SHOWOFF.BE
SHOWOFF.BF
SHOWOFF.BG
SHOWOFF.BH
SHOWOFF.BI
SHOWOFF.BJ
SHOWOFF.BK
SHOWOFF.BL
SHOWOFF.BM
SHOWOFF.BN
SHOWOFF.BO
SHOWOFF.BP
SHOWOFF.BQ
SHOWOFF.BR
SHOWOFF.BS
SMILEY.C:DE
SPANSKA.1120.B (Internet)
SPARKLE.A
SWLABS.C
TEMPLE.B
TRAP.A:TW
TRAP.B:TW
TRAP.C:TW
TRAP.D:TW
TRIVIAL.170
TWNO.Z:TW
TWOLINES.J
TWOLINES.J1
TWOLINES.K
TWOLINES.K1
TWOLINES.L
TWOLINES.L1
TWOLINES.M
TWOLINES.M1
TWOLINES.N1
TWOLINES.O
TWOLINES.O1
TWOLINES.P
TWOLINES.P1
UNCOMPLETED.613
UNDERGRO.A
VAMPIRE.A:TW
VAMPIRE.B:TW
VICINITY.A:DE (Austria)
WAZZU.CE
WAZZU.CF
WAZZU.CG
WAZZU.CH
WAZZU.CI
WMVH1.KIT:TW (TROJAN)
XM/LAROUX.D (Europe)
XM/LAROUX.E (Hong Kong)
ZASHIB.A
____________
KNOWN ISSUES
1. Legitimate programs which write to the Master
Boot Record of a disk, such as some disk security
programs, may be identified by VirusScan as a
"probable unknown boot sector virus." If this
problem is encountered, use the /NODDA command-line
switch. This prevents VirusScan from scanning the
Master Boot Record of the disk.
2. This DAT file, 3007, is compatible with VirusScan's
v3.x engines only. This DAT file is not intended for
use with the VirusScan v2.5.x series.
3. If a CD-ROM is present in the CD-ROM drive, the /ADL
command-line option will not result in a scan of the
CD-ROM, but using the /ADN option will. The VirusScan
User's Guide incorrectly states that using the /ADL
option will result in a scan of the CD-ROM drive.
4. SCAN.LOG, the log file created by VirusScan when using
the /LOG command-line option, is created in the root
directory of the drive that is being scanned. The
VirusScan User's Guide incorrectly states that the log
file is created in the root of the current drive.
____________
INSTALLATION
* INSTALLING THE PRODUCT *
Perform one of the following installation procedures
depending on which version of VirusScan for DOS you
want to install.
1. For the installable version of VirusScan for DOS,
take the following steps:
a. Execute the INSTALL.BAT program.
b. Follow the on-screen instructions.
By default, McAfee's installation program makes
a directory on the hard disk drive named
C:\MCAFEE\VIRUSCAN and copies the program files
to that directory.
The installation script adds the directory
to the path statement in your AUTOEXEC.BAT file
and adds two lines that reference the VShield
program to provide on-access virus prevention.
For the most complete virus protection, McAfee
recommends using the /ANYACCESS switch.
or
2. For the non-installable version of VirusScan for
DOS, take the following steps:
a. Make a directory on your hard disk drive.
b. Copy the files to that directory.
c. Add that directory to the path statement in
your AUTOEXEC.BAT file.
* PRIMARY PROGRAM FILES FOR VIRUSSCAN FOR DOS *
Files located in the Install directory:
=======================================
SCAN.EXE = VirusScan for DOS program
README.1ST = McAfee information
PACKING.LST = Packing list
VALIDATE.EXE = Authenticity validation program
SCAN.DAT = Virus scan definition data
NAMES.DAT = Virus names definition data
CLEAN.DAT = Virus clean definition data
WHATSNEW.TXT = What's New document
RESELLER.TXT = McAfee authorized resellers
* TESTING YOUR INSTALLATION *
The Eicar Standard AntiVirus Test File is a combined effort
by anti-virus vendors throughout the world to come up
with one standard by which customers can verify their
anti-virus installations.
To test your installation, copy the following line into its
own file and name it EICAR.COM.
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
When done, you will have a 69- or 70-byte file.
When VirusScan is applied to this file, SCAN will report
finding the EICAR-STANDARD-AV-TEST-FILE virus.
It is important to know that THIS IS NOT A VIRUS. However,
users often have the need to test that their installations
function correctly. The anti-virus industry, through the
European Institute for Computer Antivirus Research, has
adopted this standard to facilitate this need.
Please delete the file when installation testing is
completed so unsuspecting users are not unnecessarily
alarmed.
* UNINSTALLING THE PRODUCT *
Follow the instructions outlined below to uninstall the
installable version of VirusScan for DOS.
1. Execute VSHIELD/REMOVE to remove VShield from
memory, then remove the files from your hard
drive and remove any lines in your AUTOEXEC.BAT
file that call VShield. If an error message is
displayed indicating that VShield could not be
removed from memory, take the following step.
2. Edit your AUTOEXEC.BAT file and remove all lines
that call VShield, then reboot your system. On
restarting your system, VShield will not be loaded
into memory and you can remove the files from your
hard drive.
Note: If the files are removed from your hard drive
prior to removing VShield from memory, an error
message will be displayed until you remove
VShield from memory or restart your system.
_____________
DOCUMENTATION
For more information, refer to the VirusScan User's Guide,
included on the CD-ROM versions of this program or
available from McAfee's BBS and FTP site. McAfee Document-
ation files are in Adobe Acrobat Portable Document Format
(.PDF) and can be viewed using Adobe Acrobat Reader. This
form of electronic documentation includes hypertext links
and easy navigation to assist you in finding answers to
questions about your McAfee product.
Adobe Acrobat Reader is available on CD-ROM in the ACROREAD
subdirectory. Adobe Acrobat Reader also can be downloaded
from the World Wide Web at:
http://www.adobe.com/Acrobat/readstep.html
VirusScan documentation can be downloaded from McAfee's BBS
or the World Wide Web at:
http://www.McAfee.com
For more information on viruses and virus prevention,
see the McAfee Virus Information Library, included on the
CD-ROM version of this product or available from McAfee's
BBS and FTP site. A ViaGrafix Interactive Anti-virus
Training program also is available on the CD-ROM version,
or can be purchased from the McAfee Web Site.
__________________________
FREQUENTLY ASKED QUESTIONS
Regularly updated lists of frequently asked questions
about McAfee products also are available on McAfee's
BBS, website, and CompuServe and AOL forums.
Q: How do I enable McAfee's Centralized Alerting and
Reporting option?
A: VirusScan now supports Centralized Alerting and
Reporting to a remote NetWare or Windows NT servers
running NetShield for Windows NT v2.5.3 and later
or NetShield for NetWare v2.3.3 and later. To
configure this option on your VirusScan client,
use the /ALERTPATH <directory> option, where the
<directory> is the path to the remote NetWare
volume or NT directory. From this directory,
NetShield can broadcast or compile the alerts
and reports
according to its established configuration.
NOTE: The client must have write access to this
<directory> location and the directory must contain
the NetShield-supplied CENTALRT.TXT file.
To send a complete alerting file identifying the
system and user, establish the following environment
variables or add them to the AUTOEXEC.BAT file.
Set COMPUTERNAME=<name of computer>
Set USERNAME=<user name>
The alert file sent to the server is an .alr text
file. Upon receipt of the alert file, NetShield NT
or NetShield for NetWare sends an alert message to
an adminisrator and/or appropriate personnel.
Q: What can I do to scan my zip drive when VirusScan is
unable to access it?
A: If you are experiencing problems accessing your zip
drive, go to the VirusScan directory, and type
SCAN X: /NODDA (where X is the letter of your zip
drive). Using this switch will allow you to access
and scan your zip drive.
Q: I have created my own Emergency diskette, how
can I optimize it's performance?
A: For optimal performance, create a CONFIG.SYS file on
the boot diskette and add the following lines:
[CONFIG.SYS]
DEVICE=HIMEM.SYS
DOS=HIGH
Also, add the HIMEM.SYS file from the DOS directory
to the boot diskette.
Note: For detailed instructions on creating an Emergency
diskette, refer to the instructions outlined in your
online documentation or see FaxBack Document #214.
Q: What does McAfee recommend for systems that have
low conventional memory?
A: McAfee recommends using ScanPM for low memory environ-
ments. ScanPM is a command-line scanner with a reduced
conventional memory footprint, that operates in
protected mode command-line environments.
ScanPM is available for a free evaluation and can be
downloaded from the online services listed below.
Q: What is the difference between the VShield DOS TSR
and VirusScan for DOS?
A: #1 VShield installs itself in memory and stays
resident in memory to monitor your system for
viral activity. If an infected program is
executed or an infected boot sector is accessed,
VShield will display a warning that a virus
is present.
A: #2 VirusScan for DOS is an on-demand scanner that
allows you to perform a complete or partial
scan of your computer, floppies, and CD's at
any time. VirusScan for DOS can run customized
scans through a large set of command line
switches.
Q: How can I run VirusScan for DOS from a Netware login
script without running out of memory?
A: If you are having memory problems when trying to
run VirusScan for DOS from a NetWare login script,
take these steps to resolve the issue:
1. Rename LOGIN.EXE to LOGIN1.EXE and remove
any references to VirusScan.
2. Create a batch file named LOGIN.BAT.
3. On the first line of the batch file, run your
scan with whatever switches you want to include.
4. On the second line of the batch file, run
LOGIN1.EXE.
By taking these steps, you eliminate the problem
of having LOGIN.EXE and SCAN.EXE in memory at the
same time. This allows VirusScan for DOS to run
prior to accessing the network and allows your login
script to be processed without complications.
Q: Can I clean the Master Boot Record (MBR) of a
Windows NT file system (NTFS) formatted hard drive?
A: Yes. Take these steps to clean the MBR. Boot the
Windows NT computer from a virus-free DOS bootable
(system) diskette. Then run VirusScan for DOS;
SCAN C: /BOOT /CLEAN from a known virus-free floppy.
This will clean the NTFS Master Boot Sector and allow
Windows NT to successfully reboot from the hard disk
drive. However, VirusScan for DOS will not be able to
read the rest of the NTFS partition.
After starting Windows NT, execute VirusScan for
Windows NT to detect and clean Windows NT file
infections.
Q: Can I update VirusScan's data files to detect
new viruses?
A: Yes. If you have Internet access, you can download
updated VirusScan data files from the McAfee Web
Site, BBS, or other online resources. To download
from the McAfee Web Site, follow these steps:
1. Go to the McAfee Web Site (http://www.mcafee.com).
2. Select Update DAT File in the left hand column
or frame.
3. Scroll down, and click Update Your DAT Files to
update your virus definition files.
4. Data file updates are stored in a compressed form
to reduce transmission time. Unzip the files into
a temporary directory, then copy the files to the
appropriate directory, replacing your old files.
5. Before performing any scans, shut down your
computer, wait a few seconds, and turn it on again.
If you need additional assistance with downloading,
contact McAfee Download Support at (408) 988-3832.
______________
CONTACT McAFEE
Contact McAfee's Customer Care department:
1. Corporate-licensed customers, call (408) 988-3832
Monday-Friday, 6:00 A.M. - 6:00 P.M. Pacific time
Retail-licensed customers, call (972) 278-6100
Monday-Friday, 6:00 A.M. - 6:00 P.M. Pacific time
2. Fax (408) 970-9727
24-hour, Group III fax
3. Fax-back automated response system (408) 988-3034
24-hour fax
Send correspondence to any of the following McAfee
locations.
McAfee Corporate Headquarters
2805 Bowers Avenue
Santa Clara, CA 95051-0963
McAfee East Coast Office
Jerral Center West
766 Shrewsbury Avenue
Tinton Falls, NJ 07724-3298
McAfee Central Office
4099 McEwen
Suites 500 and 700
Dallas, TX 75244
McAfee Canada
139 Main Street
Suite 201
Unionville, Ontario
Canada L3R2G6
McAfee Europe B.V.
Gatwickstraat 25
1043 GL Amsterdam
The Netherlands
McAfee (UK) Ltd.
Hayley House, London Road
Bracknell, Berkshire RG12 2TH
United Kingdom
McAfee France S.A.
50 rue de Londres
75008 Paris
France
McAfee Deutschland GmbH
Industriestrasse 1
D-82110 Germering
Germany
McAfee Japan KK
4F Toranomon Mori bldg. 33
3-8-21 Toranomon
Minato-Ku
Tokyo, 105
Japan
Or, you can receive online assistance through any of the
following resources:
1. Bulletin Board System: (408) 988-4004
24-hour US Robotics HST DS
2. Internet e-mail: support@mcafee.com
3. Internet FTP: ftp.mcafee.com
4. World Wide Web: http://www.mcafee.com
5. America Online: keyword MCAFEE
6. CompuServe: GO MCAFEE
7. The Microsoft Network: GO MCAFEE
Before contacting McAfee, please make note of the
following information. When sending correspondence,
please include the same details.
- Program name and version number
- Operating system type and version
- Contents of your AUTOEXEC.BAT, CONFIG.SYS, and
system LOGIN script
- Network name, operating system, and version
- Type and brand of your computer, hard drive, and any
peripherals
- Microsoft service pack, where applicable
- Network card installed, where applicable
- Modem manufacturer, model, and baud, where
applicable
- Relevant browsers/applications and version number,
where applicable
- Issue encountered
- Specific scenario where problem occurs
- Conditions required to reproduce problem
- Statement of whether problem is reproducible on demand
- Your contact information: voice, fax, and e-mail
Other general feedback is also appreciated.
Documentation feedback is welcome. Send e-mail to
documentation@cc.mcafee.com.
* FOR ON-SITE TRAINING INFORMATION *
Contact McAfee Customer Service at (800) 338-8754.
* FOR PRODUCT UPGRADES *
To make it easier for you to receive and use McAfee's
products, we have established a Resellers program to
provide service, sales, and support for our products
worldwide. For a listing of resellers, see the file
RESELLER.TXT, where applicable, or contact McAfee
Customer Service for resellers near you.
* MCAFEE BETA SITE *
Get pre-release software, including DAT files, through
http://beta.mcafee.com/public/datafiles. You will have
access to Public Beta and External Test Areas. Your
feedback will make a difference.
t