aryehg@ozonebbs.UUCP (Aryeh Goretsky) (02/22/91)
VERSION 74-B
Version 74-B fixes a bug which caused the programs misidentify
the Swedish Disaster virus on Syquest 10Mb tape drives and machines
formatted with some versions of Zenith-OEM MS-DOS. The machines in
question were said to have the "Stoned/Swedish Virus" present in the
boot sector of infected hard disks and disk packs.
VIRUSCAN Version 74
Version 74 of VIRUSCAN adds 51 new viruses and over one
hundred new strains of existing viruses, bringing the total number
of known computer viruses to 475. In addition, version 74 improves
the throughput of the scanning algorithm and handling of
nonstandard hard drives, and now provides the option of displaying
all messages in French.
The 1575/1591 virus was sent to us from multiple sites in
Quebec, Canada, Oslo, Norway, and the United States. It is a
memory-resident file infector that attaches to .COM and .EXE files
when a disk is accessed via internal DOS commands.
The 903 virus was sent to us by Djennad Nasser from France.
It is a .COM file infector.
The Holocaust virus was sent to us by David Llamas of
Barcelona, Spain. It is a .COM file infector that uses "stealth"
type techniques.
The BeBe, Kuka, Kuka/Turbo, Lozinsky, MGTU, Nina, Off Stealth,
Polish-532, Sverdlov, Tiny-133, USSR-series, and Voronezh viruses
were discovered in the Soviet Union and Eastern Europe and sent to
us from numerous sources there and in Western Europe. They are not
believed to exist in the West.
The Christmas Violator, F-Word, Parity, Beeper, Best Wish,
Leapfrog Destructor, Happy New Year Hymm, Justice, Label, V961,
Swiss-143, Sentinel, Plague, Monxla-B, Little Pieces, IKC528,
Hybrid, Dir-Vir, Stone90, Saddam, and Iraqui Warrior viruses were
sent to us from various sources around the globe.
For summary information about these viruses, please refer to
the enclosed VIRLIST.TXT file. For a detailed description of all
known viruses, please refer to the Virus Summary Document (VSUM),
copyrighted by Patricia Hoffman and available and most bulletin
boards.
A trojan version of VIRUSCAN, Version 73, appeared on BBSes
in Miami, Florida USA. In order to prevent confusion, we have used
the next version number, Version 74.
CLEAN-UP Verison 74
Version 74 of CLEAN-UP adds removal of the 1575/1591 and the
Music Bug viruses, as well as several new variants of the Jerusalem
virus. For more information about these viruses, please refer to
the enclosed VIRLIST.TXT file.
VSHIELD Version 74
Two new commands have been added to VSHIELD: The /CONTACT
option allows a custom message to be displayed if a virus is found.
The /CERTIFY option provides control over file execution. It will
prevent any program from being executed if it has not been
validated as an authorized program for a given site.
FOREIGN LANGUAGE SUPPORT
Both VIRUSCAN and CLEAN-UP can now display messages in French.
When the /FR option is specified, all messages will be displayed
in French instead of English.
VIRLIST.TXT ENTRY FOR 1575/1591 VIRUS
Version 74 went out without an entry in the VIRLIST.TXT file
for the 1575/1591 virus. The correct entry should be:
1575/1591 [15xx] Clean-Up . . x x x x . . . . vary O,P,L
Sorry 'bout that, folks.
Aryeh Goretsky
+----------------------------------------------------------------+
| Aryeh Goretsky, Tech Support vox (408) 988-3832 |
| McAfee Associates fax (408) 970-9727 |
| 4423 Cheeney Street bbs (408) 988-4004 |
| Santa Clara, California 95054-0253 // |
| Internet: netcom!nusjecs!ozonebbs!aryehg@apple.com // |
| UUCP: apple!netcom!nusjecs!ozonebbs!aryehg \X/ |
| "Opinions expressed are my own and do not neccessarily reflect |
| those of my employer."--universal disclaimer applied herein. |
+----------------------------------------------------------------+