Errata for VirusScan Version 2.2.7 (9511) Copyright 1994, 1995 by McAfee, Inc. All Rights Reserved. These release notes cover what is new in VirusScan 2.2.7 and the November DAT release (9511) of VirusScan for DOS, VirusScan for Windows, VirusScan for OS/2 and VShield. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ! NOTE: OS/2 users. IF YOUR OS/2 SYSTEM IS CONNECTED TO OS/2 ! ! LANMANAGER, DO NOT RUN OS/2 SCAN FROM STARTUP.CMD. DOING SO ! ! COULD RESULT IN LOST DESKTOP OR OTHER UNDESIRABLE RESULTS. ! ! ! ! McAfee is working with IBM and with several large ! ! organizations, which rely heavily on OS/2, to alleviate the ! ! corruption problem. ! ! ! ! The temporary solution is to put VirusScan in a start up ! ! group. Not in the log in script or in the start up command ! ! file. ! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Note for NT users: You must add the following line in your DEFAULT.CFG and PROFILE1.PRF file (or any other profile you have chosen to use), residing in the same directory as WSCAN.EXE. /NODDA If you are not familiar with profiles, please refer to VSCAN22.PDF or your printed manual. ------------------------------------------------------------------------ Vshield 2.2.8 This month we have changed Vshield. Vshield now performs a two pass Memory Scan. This was done to provide our customers with maximum security against viral infection. ------------------------------------------------------------------------ About VirusScan Documentation The VirusScan documentation is now available online. In addition to being environmentally friendly, the online documentation is easy to use and puts the information you need at your fingertips. It will be necessary to download the Acrobat Reader that you prefer for DOS (ACRODOS.ZIP) or for Windows (ACROWIN.ZIP) and the Manual itself (VS22DOC.ZIP). The following features help you access information quickly: - The hypertext links take you directly to the topic you want to see. When the cursor changes to a pointing hand, just click on the link to display the related topic. - The navigation features on the Acrobat Reader toolbar let you move around within the document. Use the following procedure to view your electronic documentation: 1. Unzip the downloaded files into a working drive on your PC. 2. Run the self-extracting Adobe Acrobat Reader program, ACROREAD.EXE for Windows. In DOS, type ACRODOS and hit [ENTER] while in the directory where you unzipped the files. 3. In DOS Run the Install program and follow the Acrobat installation instructions. 4. Launch the Adobe Acrobat Reader from the installation directory. The Open dialog box is displayed. 5. Locate the manual file, VSCAN22.PDF, in the directory where you unzipped the VirusScan files. 6. Choose OK. ------------------------------------------------------------------------ About Macro viruses... Included in this ZIP file is a self-extracting archive, MVTOOL10.EXE, being distributed by Microsoft. It is a way to protect yourself against the Concept virus, as well as to warn you against document files that contain macros without your knowledge. To make use of it, execute the program: MVTOOL10.EXE 40732 bytes It will create these files: README.DOC 36864 10-02-95 1:08p SCANPROT.DOT 49152 10-02-95 3:44p Enter Word and read the README.DOC to see if the package is suitable for your environment. ------------------------------------------------------ Detectors added or updated in the 9511 DAT file (640): _205 _439 _535 _639 _727 _814 _935 _978 _1000 _1106 _1567 2 UP 4ON 60 BOOTS AB ACHE.338 ACV.1342 AIDS.872 AIRTON AJ.391 ALEX&SOLO ALEX.599 ALGERIAN.1336 ALGERIAN.1400 ALIEN.1976 AM II AMAZON.468 AMAZON.479 AMAZON.500 AMT.3000 AMT.4000 AMZ.682 ANNIHILATOR.272 ANNIHILATOR.304 ANNIHILATOR.357 ANNIHILATOR.379 ANNIHILATOR.390 ANNIHILATOR.412 ANNIHILATOR.711 ANSTON.2169 ANTIBASE ANTICHECK ANTICMOS.D ARCV.COMP ARIANNA.2864 ARIANNA.3426 ASMODEOUS.1160 ASSASSIN ASTERISK ASTRA.927.B ATAS II.1268 AUSTRALIAN PARASITE.213 AUSTRALIAN PARASITE.217 AUSTRALIAN PARASITE.221 AUSTRALIAN PARASITE.229 AUSTRALIAN PARASITE.312 AUSTRALIAN PARASITE.423 AUSTRALIAN PARASITE.424 AUSTRALIAN PARASITE.673 AUSTRALIAN PARASITE.1024 AUSTRALIAN PARASITE.AMSV.443 AVALANCHE.2818 AVALON BABA.356 BANDERSNATCH BEDA.883 BEETLE BENGAL.863 BENITO BILL.836 BILLY BISHOP.SCACCHI BITADDICT.512.A BITADDICT.512.B BLACK JEC.247.E BLUE_NINE.A BOBAS BOBO.427 BOLEK BOMB.1492 BOOTEXE.394 BRASIL BREAKING.A BUFFEATER BURGER.382.C BURMA.442.D BW-BASED.754 BW-BASED.811 BW.372 BW.512 BW.556 BW.609 BW.756 CACA CAFFEINE.366 CANNAB-E CANTANDO CATHOLIC CATSCRATCH CAZ.1024 CCBB 2 CHARLIE CHOLERA.A CHUKC.554 CHUKC.838 CHUKCHA.554 CIVIL IV.586 CIVIL WAR.281 CIVILWAR.503 CIVIL_DEFENSE CK.777 COFFEESHOP COMMANDO.421/498 CORPORATION CREEPER.475 CROATIA CRUCIFIX.2914/2916 CSF.240 CYBERCIDE CYBERLOARD DANISH TINY.308 DARNOK DARV DATAFIRE DBCE.3403 DBF.990 DEAD.1601 DEATHBOY.640 DEI.1792 DEI.1948 DEICIDE DEMAND.666.B DEV X DIE.385 DIE.666 DIGDEATH.963 DILLINGER DIR II.2048 DIRD.1686 DIS.1024 DKILLER DODGER DRAG DRAGON DREAM.A DREAM.B DRUG DRY DREAM.1090 DRY DREAM.1091 DSME.A DSME.B E-MORPH EAR.JOB ELAINE.1127 EMMIE.2604 EMMIE.2620 ENTERPRISE ERROR_INC.393 ESTE.303 ESTONIA.400 ETERNITY.410 ETERNITY.562 ETERNITY.599 EXE.252 EXEBUG EXEHEADER.324 EXILE.255 EXPLORER EXTERMINATOR FAERIE.286 FASOLO.149 FASOLO.176 FATHER CHRISTMAS.268A/456 FATHER_MAC.289 FATHER MAC.789 FATHER MAC.836 FATHER_MAC.1445 FATHER MAC.1470 FATHER MAC.1495 FATHER MAC.1496 FATHER MAC.1536 FAX FREE.1024.ABSTRACT.A FAX FREE.1024.B FAX-FREE.1024.C FAX_FREE.1536.NEW.A FAX_FREE.PISELLO.1024.B FEWSTER FFFF.432 FFFF.440 FIND.512/BIGX.610 FIND.600 FIND.666 FISTIK.1280 FIVE_DAYS FKILLER FRAUD.666 FREDDY SOFT FRIDA FROLL FUMBLE.801 FUNKED.425 GALEOCERDO GALYA GHH.482 GINGER.945 GINGER.3183 GIPPO.EPIDEMIC.1242 GIPPO.EPIDEMIC.1249 GIRLS GLUPAK GODZILLA GOGA.1 GONDOR GOOD_DOCTOR GOOMBA GROG.495 GROG.547 GROG.926 GROG.1207 GROG.2075 GROG.BRUCHETTO.474 GROG.DANZERINO.1059 GROG.JOE ANTHRO GROG.METAFORA GT SPOOF HALKA.720 HALKA.1000 HAPPYNEWYEAR (COM) HEHEHE.331 HEJA.511 HEJA.623 HELICOPTER.777 HELLO.365 HELLOWEEN.1063 HEMLOCK HERMANOS.2777 HI.802 HIDEOUS.C HIGHLANDER HLL.3677.B HLL.4568 HLL.RUST HLLO.WARM HONEY.1027 HYDRA.1657 HYMN.SVERDLOV.C HZP.512 IERONIM.1492 IMI.1536.G IMI.2304 INFECT.632 INFECT.736 INSERT INT_FF INTRUDER.1336 INTRUDER.1353 INVISIBLE MAN IRONFIST ITTI.99.B IVP.874 IVP.GWYNNED IVP.REPLICO.317 IVP.REPLICO.352 IVP.REPLICO.390 IVP.WILD THING.555 JAAT JAPANESE CHRISTMAS.722 JD.158.L JD.158.O JERUSALEM.1264 JERUSALEM.1808.EXCITER.D JERUSALEM.2465 JERUSALEM.CVEX.5120 JERUSALEM.HK.2513 JERUSALEM.MOROCCAN JERUSALEM.PIPI.1552.A JOLTER K HATE KACZOR.A KAK KAROL KEEPER.CHINA.777 KELA.823 KEYB KEYPRESS.1258 KH61B45 KHAI KHIZHNJAK.515 KHIZHNJAK.632 KHIZHNJAK.642 KHIZHNJAK.711 KHIZHNJAK.752 KHIZHNJAK.846 KHIZHNJAK.962 KHRUSHA KI.962 KILLERWHALE.713 KLOT KLUBB KONKOOR.1844 KONKOOR.1933 KOREA-STRANGER.707 KORST.707 KSV.1144 KUZ KYOKUSHINKAI.2048.A KYOKUSHINKAI.3072 LAME.435 LAME.435 - GENERATION 1 LAME.538 LCT-SATAN.602 LEATH LEGOZZ LENINGRAD II.1499 LEPROSY.189 LEPROSY.208 LEPROSY.551 LEPROSY.573 LEPROSY.5120 LEPROSY.5370.A/B LEPROSY.BADCOMMAND.281 LEPROSY.LOARD LEPROSY.MERCI.308 LEPROSY.YH.880 LETTER_H LIGHT LITTLE.139/B LITTLE.B LOKI.1228 LUBAK.466 LULU LURID M5-VP2 MACGYVER.4480 MAGDA.512 MAGDZIE.1056/1114 MAGIC.239.A MAGIC.239.B MAGIC.254.A MAGNITOGORSK.2560.D MANGO.468 MANOWAR MARZIA MAVERICK.1536A MAVERICK.1536B MEGASTEALTH MEPHISTO.510 MEPHISTO.615 MEPHISTO.654 MEPHISTO.815 MEPHISTO.914 MEPHISTO.914 - GENERATION 1 MEPHISTO.928 MEPHISTO.937 MEPHISTO.938 MEPHISTO.1000 MEPHISTO.1000 - GENERATION 1 MEPHISTO.1242 MICKIE MICRO.B MILAN MILAN.NAZISKIN.270/903 MILAN.NAZISKIN.335 MILAN.WWT.67.C MING.CLME.1952 MINIHHHH.246 MIRAGE.1331 (EXE) MIRAS MIREA.737 MIRROR.4130 MONARCH MONTE CARLO.1541 MOONLIGHT MORBID MORDOR.538 MR GU.545 MR TWISTER.OW MSU 271 MSU4 MURDERER.3670 MUTAGEN MUTAGEN.5011 MWS.788 MZV.333 NEKO.1964 NEKO.1990 NEKO.2690 NEVERONE.442 NG.1036 NIGHTFALL.5765.COMPANION NINETY TWO SIXTY NINE NOKERNEL (BOOT) NOKERNEL.6000 NOPM.494 NOSTAR.2247 NOVEMBER 17TH.900.B NOVEMBER 17TH.1061 NRLG (BOOT) NTZ.397 NUKE.NPOX NYGUS.278 OHL.1960 OHM.777 OK.778 OLEXY OLYA OOPS OOPS.600 OOPS.1087 OTTI OVER1644 OVERDOZE.472 P&C PANIC.1056 PASTA PEASANT PHANTASMAGORIA PHANTOM PHX.1295 PIXEL.1577 PIZ.3599 PLAYGAME.B PLOOSE POLIFEMO.736 POLO.2502 POWERTRIP PREDITOR.2448 PS-MPC.331.B PS-MPC.339.A PS-MPC.343.A/B/C PS-MPC.344.B/D/E PS-MPC.346.A PS-MPC.347 (.A-.I) PS-MPC.348.A/B/C PS-MPC.352 (.A-.J) PS-MPC.353.B PS-MPC.357 PS-MPC.DK.693 PS-MPC.G2.425 PS-MPC.JUSTICE PS-MPC.MEMA.1187 PS-MPC.NUKE5.478 PS-MPC.VIOLITE.1511 PUL.1840 PUPPET.487 PYRAMID RAJAAT.443 RANGER RAVING REALIZE.498 RESCUE RIOT.309 RIOT.441 RIOT.CARPE_DIEM.469 RIOT.ETERNITY.562 RIOT.ETERNITY.565 RIOT.ETERNITY.599 RIOT.KEYB.756 RIOT.KEYB.873 RIOT.MOONLITE.366 RIOT.OVERDOZE.470/472 RIOT.TTT RIP.3241 RTL.805 RUSSIAN TINY.352 VARIANT SABADOS SARAMPO.A SATAN.602 SATYRICON.355 SAURON SCITZO.1285 SCITZO.1337 SCRATCH.374 SEAGULL SEPULTURA SHARK.1661 SHUTDOWN.644 SI859B SI8995 SIA1A 339 SILLYC.124 SILLYC.128 SILLYC.128 (DAMAGED) SILLYC.155 SILLYC.179 SILLYC.190.A SILLYC.190.B SILLYC.207.B SILLYC.331 SILLYC.511 SILLYCER.101 SILLYCER.122 SILLYCER.132 SILLYCER.140 SILLYCER.281 SILLYCER.292 SILLYCER.307 SILLYCER.403 SILLYCER.403 - GENERATION 1 SILLYCR.357 SILLYOR.131 SIMPLEX.507 SISTOR.2605 SKEW.458 SLAVA SLOVAKIA SMALL SMALL_COMP.89 SMARTC SOFIA.432 SOLDIER SPHINX SRC.125 SRC.212 STALKER.310 STAR.486 STARDOT VARIANT STARDOT.979 STERCULIUS.273 STONED.EMPIRE.D.2 STORM.1153.B SUPRISE.1318 SURIV_2 VARIANT SVETA SVIN SVIRUS SWASTI TANKAR.212 TANKAR.476 TASHKENT.490 TEA TEH.647 TEQUILA.2468 TERAZ.4004 THAT THEDRAW TIAWAN TIMERJ.1106 TIMID.290 TRAKIA.653 TRANCE TRIVIAL.27.C TRIVIAL.27.E TRIVIAL.27F TRIVIAL.29.E TRIVIAL.30.H TRIVIAL.30.I TRIVIAL.40.G TRIVIAL.42 TRIVIAL.43.B TRIVIAL.43.C TRIVIAL.43.D/44.E TRIVIAL.82 TRIVIAL.82 (DAMAGED) TRIVIAL.85 TRIVIAL.CIVIL WAR TRIVIAL.DIDDLER TRIVIAL.FTW.192 TRIVIAL.LAME.98 TRIVIAL.LAME.173 TRIVIAL.TOM TRON 754 TU28.535 TVED.OW.780 TWISTED UNC.1039 UNDAMAGED.1314 UNFO.9594 UNION UNIQ.309 UNIQUE.308 USERLIST.1413 USSR.414 V 359 V.573 V.723 V.825 V.935 V.1121 V.1125 V.1320 V.2435 VACSINA VAMPIRO.B VANDOR VARIABLE WORM.913 VBASIC.D VCL.347 VCL.361 VCL.512 VCL 527 VCL.BEHAVIOUR.DEMENTED VCL.MONET.267 VCL.MONET.466 VE.504 VHX.322 VIENNA.486 VIENNA.641 VIENNA.648.O VIENNA.700.C VIENNA.GROG.DANZERINO VIENNA.PARASITE.861 VIENNA.VIOLATOR.803 VIENNA.VIOLATOR.909 VIENNA.W-13.318 VIENNA.W-13.539 VIROS VIRUZ VIV.524 VLAD.DADDY.1093 VLAD.653 VS.612 WALLY.981 WALLY.1029 WARIA WH20 WMA.678 WORM WVP.352 XAM II XANDU XIV XUXA 1037 YAM YANKEE DOODLE.1223 YANKEE DOODLE.2167 YANKEE DOODLE.XPEH.5648 YANKEE DOODLE.XPEH.5808 YANKEE_DOODLE.2895 ZAPPA ZELENTSOV ZERO HUNTER.415.C ZHERKOV ZIELONA.2576 ZOL.316 ZOL.799 ZOL.5372 ZOL.25568 ZORTEC ZULU ---------------------------------------------------- Removers added or updated in the 9511 DAT file (35): _727 60 BOOTS ACHE.338 AIRTON ALEX&SOLO ALGERIAN.1336 ALGERIAN.1400 ALIEN.1976 AMAZON.468 AMT.3000 AMT.4000 ANTICMOS.D AUSTRALIAN PARASITE.217 AUSTRALIAN PARASITE.221 AUSTRALIAN PARASITE.673 AUSTRALIAN PARASITE.1024 AUSTRALIAN PARASITE.AMSV.443 AVALON BABA.356 BARROTES.1463 BENITO BLUE NINE CACA CAPITAL DRY DREAM.1090 FURTIVE.1901 INVISIBLE MAN.2926 LULU PASTA SEPULTURA STONED.EMPIRE.D.2 SVC.2936.C ZOL.25568 ZOL.5372 ZULU ----------------------- False Alarms fixed: HLLO.CVIR.2 ---------------------------------------------------- Top active viruses other than those presented above: AntiCmos (alias: Lixi) Byway (alias: Dir2.Byway) (*) Concept Da'Boys (**) Junkie MonkeyA MonkeyB Natas NYB (alias: B1) Ripper Sampo V-Sign (alias: Cansu) WelcomB (alias: BuptBoot) (*) To remove Byway, boot up with the virus in memory. Copy all executable files to floppy, with a non-executable extension. Copy all the data files off. Format harddisk. Replace files. (**) To remove Da'Boys from a hard disk infection, one needs to boot from a clean corresponding DOS version and execute the command "SYS C:".