aryehg@ozonebbs.UUCP (Aryeh Goretsky) (12/18/90)
Here is a summary of the new features of Version 72 of McAfee
Associates VIRUSCAN and CLEAN-UP programs (all holds true for
NETSCAN and VSHIELD as well):
VIRUSCAN
Version 72 of VIRUSCAN adds four new viruses and improves the
external virus data handling capabilities.
The ZeroHunt virus was uploaded to Homebase BBS by Paul Ferguson
of Washington, D.C., USA. It is a memory-resident infector that
attaches itself to the stack space in .COM files. Since the virus is
attaching itself inside a file, as opposed to adding itself to the
beginning or end, the size of the file will not change.
The Bloody! virus has been reported in Massachusetts, USA as well
as Taiwan and Europe. It infects the boot sector of a floppy disk and
the partition table of the hard disk. After approximately 128
reboots, the virus displays the message "Bloody! Jun. 4, 1989" which
is the date of the Tiananmen Square Massacre in Beijing, China.
The Jeff virus is a .COM file infector that destroys data by
writing garbage to the hard disk. It contains the text "Jeff is
visiting your hard disk."
The Music Bug virus has been reported in Woodland Hills,
California and Orlando, Florida as well as Taiwan. It infects the
boot sector of a a floppy disk and the partition table of the hard
disk. The Music Bug plays child nursery tunes after a specified time.
It contains the text "MusicBug v1.06. MacroSoft Corp."
Viruses added via the External Virus Data option are now
scanned for in memory, provided the /M switch is used.
CLEAN-UP
Version 72 of CLEAN-UP adds the removal of two new viruses, the
Liberty virus, widely being reported in Australia and the southeastern
United States, and the Plastique virus, which is being reported in the
United States, Asia, Australia, and Europe. Additionally, handling of
the removal of the Pakistani Brain virus has been improved.
AUTHENTICITY VERIFICATION OF .ZIP FILES
Beginning with Version 72, all McAfee Associates programs for
download are archived with PKWare's PKZIP Authentic File Verification.
If you do not see the "-AV" message after every file is unzipped and
receive the message "Authentic Files Verified! # NWN405 Zip Source:
McAFEE ASSOCIATES" when you unzip the files then do not run them. If
your version of PKUNZIP does not have verification ability, then this
message may not be displayed. Please contact McAfee Associates if
your .ZIP file has been tampered with.
That's it. The next release is scheduled for the first week or so of
February.
Regards
Aryeh Goretsky
+----------------------------------------------------------------+
| Aryeh Goretsky, Tech Support voice (408) 988-3832 |
| McAfee Associates telefax (408) 970-9727 |
| 4423 Cheeney Street bbs (408) 988-4004 |
| Santa Clara, California 95054-0253 // |
| Internet: aryehg@ozonebbs.uucp // |
| UUCP: apple!netcom!nusjecs!ozonebbs!aryehg \X/ |
| "Opinions expressed are my own and do not neccessarily reflect |
| those of my employer."--universal disclaimer applied herein. |
| "How is a cat like a meatloaf?" - John R. de Palma, MD |
+----------------------------------------------------------------+