aryehg@ozonebbs.UUCP (Aryeh Goretsky) (12/18/90)
Here is a summary of the new features of Version 72 of McAfee Associates VIRUSCAN and CLEAN-UP programs (all holds true for NETSCAN and VSHIELD as well): VIRUSCAN Version 72 of VIRUSCAN adds four new viruses and improves the external virus data handling capabilities. The ZeroHunt virus was uploaded to Homebase BBS by Paul Ferguson of Washington, D.C., USA. It is a memory-resident infector that attaches itself to the stack space in .COM files. Since the virus is attaching itself inside a file, as opposed to adding itself to the beginning or end, the size of the file will not change. The Bloody! virus has been reported in Massachusetts, USA as well as Taiwan and Europe. It infects the boot sector of a floppy disk and the partition table of the hard disk. After approximately 128 reboots, the virus displays the message "Bloody! Jun. 4, 1989" which is the date of the Tiananmen Square Massacre in Beijing, China. The Jeff virus is a .COM file infector that destroys data by writing garbage to the hard disk. It contains the text "Jeff is visiting your hard disk." The Music Bug virus has been reported in Woodland Hills, California and Orlando, Florida as well as Taiwan. It infects the boot sector of a a floppy disk and the partition table of the hard disk. The Music Bug plays child nursery tunes after a specified time. It contains the text "MusicBug v1.06. MacroSoft Corp." Viruses added via the External Virus Data option are now scanned for in memory, provided the /M switch is used. CLEAN-UP Version 72 of CLEAN-UP adds the removal of two new viruses, the Liberty virus, widely being reported in Australia and the southeastern United States, and the Plastique virus, which is being reported in the United States, Asia, Australia, and Europe. Additionally, handling of the removal of the Pakistani Brain virus has been improved. AUTHENTICITY VERIFICATION OF .ZIP FILES Beginning with Version 72, all McAfee Associates programs for download are archived with PKWare's PKZIP Authentic File Verification. If you do not see the "-AV" message after every file is unzipped and receive the message "Authentic Files Verified! # NWN405 Zip Source: McAFEE ASSOCIATES" when you unzip the files then do not run them. If your version of PKUNZIP does not have verification ability, then this message may not be displayed. Please contact McAfee Associates if your .ZIP file has been tampered with. That's it. The next release is scheduled for the first week or so of February. Regards Aryeh Goretsky +----------------------------------------------------------------+ | Aryeh Goretsky, Tech Support voice (408) 988-3832 | | McAfee Associates telefax (408) 970-9727 | | 4423 Cheeney Street bbs (408) 988-4004 | | Santa Clara, California 95054-0253 // | | Internet: aryehg@ozonebbs.uucp // | | UUCP: apple!netcom!nusjecs!ozonebbs!aryehg \X/ | | "Opinions expressed are my own and do not neccessarily reflect | | those of my employer."--universal disclaimer applied herein. | | "How is a cat like a meatloaf?" - John R. de Palma, MD | +----------------------------------------------------------------+