© 1995-2000 Symantec Corporation
All rights reserved.
Legal Notices
The Symantec AntiVirus Research Center (SARC) is committed to providing swift, global response to computer virus threats, proactively researching and developing technologies that eliminate such threats, and educating the public on safe computing practices.
| Highlights | Table of Contents |
|---|---|
The Symantec AntiVirus solution
includes the following line-up of currently available
products:
You can get the latest updates to
many of these products through any of the following
online services:
If you don’t have electronic
access, you can contact our Customer Service at (800)
441-7234 and order a disk set for $12 (to cover
shipping and handling only).
At SARC, we like to hear how we are doing from the people who are most important to us: our customers. We want to know what we are doing right, and what you think we could do better. We even created a special e-mail address where you can write to us: Are you looking for a particular type of information? Drop us a line! Is the newsletter too long? Too short? Send us an e-mail! We want to hear it all.... The second virus definition set for December 1997 is available for downloading from the SARC website and other online services. However, if you're using our latest Norton AntiVirus 4.0 products for Windows 95 or Windows NT, you can click the attached file and launch LiveUpdate automatically! Now a standard feature of this newsletter, the attached file is a LiveUpdate e-mail trigger. Although the file is only 38 bytes in size, it can call up your Norton AntiVirus product and activate LiveUpdate. This begins the process of downloading the latest virus definition sets. Keeping your virus definitions current is one of the most important aspects of maintaining a virus-free working environment. Symantec makes it as easy as possible by providing the LiveUpdate e-mail feature in Norton AntiVirus 4.0 for Windows 95, Windows NT Workstation, and Windows NT Server. Symantec has introduced the world's largest collection of online information about computer viruses, with more than 11,000 comprehensive descriptions. The encyclopedia is a valuable resource for corporate MIS departments, small business owners, or anyone who uses the Internet and experiences frequent virus attacks. It is currently available online at http://www.symantec.com/avcenter/vinfodb.html. Norton AntiVirus 4.0 customers can click the "Virus Encyclopedia Online" option in their Windows 95 Start menu to connect directly to the site. "Computer viruses are a big mystery to a large number of people today," says Alex Haddox, product manager for the Symantec AntiVirus Research Center. "The virus encyclopedia, as well as the entire SARC site, provides a vast source of information about computer viruses and ways to combat them. Educating the public on the real threat of computer viruses is a strong component of the SARC charter." In addition to descriptions of individual viruses, the encyclopedia gives detailed overviews of computer viruses in general, the different types of viruses, threats specific to the Macintosh platform, and various virus hoaxes. The encyclopedia also provides a direct connection to SARC, where Norton AntiVirus users can download their free virus definitions. SARC plans to update the encyclopedia every month as definitions and descriptions for new viruses are created. As the virus threat continues to increase at a phenomenal rate, providing virus definition updates only on a monthly basis will soon become insufficient. In a strategic move to give our customers the fastest, safest, and most reliable virus protection possible, the experts at SARC are quadrupling the number of updates each year. In order to ensure the highest possible quality, we are first releasing these updates in beta form, while they are still under development. Beta testing ensures that our latest tools and procedures are properly established to deliver correct, consistent, and high quality products as quickly as possible to our customers. We want your feedback on our beta software, but it is likely to contain bugs, and we don't provide support for products under development. If you would like to be a beta tester, we ask you not to contact Customer Service or Technical Support to report bugs or provide comments. If you are interested in becoming part of the beta program, please visit the Virus Definitions Beta site at: In each issue of the SARC AntiVirus News Update, we profile a few viruses known to be in free distribution among the general public ("in the wild"). However, this month we are covering a new virus hoax which is causing some unnecessary concern. For information on this and other virus hoaxes, see: On Monday, December 8 at 7:00 p.m. PST (-08:00 GMT), hackers broke into the popular Yahoo! Internet search engine site and placed a threatening message on the default page. According to the message, the Yahoo! site had been distributing a computer virus to all visitors for the past month, and unless convicted hacker Kevin Mitnick was released from prison, the virus would wreak havoc on the world. The message was posted to the "no frames" section of the home page, and only for 15 minutes, so exposure to visitors was kept to a minimum. This message is a hoax, meant only to scare people and draw attention to the hackers. No virus was planted on the Yahoo! site or distributed to visitors. The hoax message included the following "warning:" Please ignore any messages regarding this supposed "virus" and do not pass the messages on. Spreading warnings about this hoax serves only to further propagate it. For information about other viruses found in general distribution, see the SARC website at:
Following is a list of the top reported viruses, as published in the Joe Wells Wild List this month: The viruses listed below activate or trigger in the upcoming months. Virus activations/triggers are not necessarily destructive. This information is provided for educational purposes only and is not intended to alarm. Detailed information on all of these viruses can be found on the SARC website. To be added to the subscription mailing list, please fill out the form available on the SARC website at: If you want to be removed from this mailing list, simply send an e-mail to listserv@lserver.symantec.com with the following on a line by itself in the body of the message: Address all correspondence to:
SARC AntiVirus News Update is
published monthly by Symantec Corporation.
Copyright © 1997 Symantec
Corporation. All rights reserved. No
Reprint without Permission in writing, in
advance.
Archives of these newsletters are
available for reading on the SARC WWW site
at:
Current AntiVirus Products
CompuServe:
GO SYMANTEC
America Online:
Keyword: SYMANTEC
Symantec World Wide Web site:
http://www.symantec.com
Symantec FTP:
ftp://ftp.symantec.com
BBS (28.8 baud):
(541) 484-6669 and (541) 984-5366
Feedback on SARC AntiVirus News Update
sarc.news.temp@symantec.com
Keeping Up With SARC
December Virus Update Now Available
Symantec Develops Electronic Encyclopedia of Computer Viruses
Beta Test the Latest Virus Definitions from SARC
http://shop.symantec.com/trialware/dlnavirdef.html (no longer available)
In The Wild
http://www.symantec.com/avcenter/hoax.html
World Domination Hoax
Description:Aliases:
Yahoo!, PANTS/HAGIS, W0rld D0m1n4t10N Infection length:
Hoax Area of infection:
Hoax Likelihood:
Hoax Region Reported:
Hoax Characteristics:
Hoax Target Platform:
Hoax Trigger Date:
Hoax
World Domination is not a virus; it is a complete hoax.
For the past month, anyone who has viewed Yahoo's page & used
their search engine, now has a logic bomb/worm implanted deep
within their computer.
The worm part of this 'virus,' (in layman's terms) spreads
itself across internal networks that the infected machine is
on.
Binary programs are also infected.
On Christmas Day, 1997, the logic bomb part of this 'virus'
will become active, wreaking havoc upon the entire planet's
networks.
The virus can be stopped.
But not by mortals.
An antidote program has been written.
This program is resting somewhere on a computer in the
southeastern hemisphere.
http://www.symantec.com/avcenter/vinfodb.html
Most Frequently Reported Viruses
1. WM.Concept.A
2. Form.A
3. One_Half.3544
4. AntiEXE.A
5. Junkie.1027
6. Empire.Monkey.B
7. AntiCMOS.A
8. Natas.4744
9. Parity_Boot.B
10. WM.Npad.A
11. WM.Wazzu.A
12. NYB
13. Ripper
14. Sampo
15. WM.CAP.A
16. Boot-437
17. Die_Hard
18. Stoned.Angelina.A
19. Stoned.No_INT.A
20. WelcomB
Virus Watch
--------------------------------------------
December
--------------------------------------------
Every Sunday -- Jerusalem.Sunday.A
Any day -- Jerusalem.1500
Any day -- QRry
1st -- WM.MDMA
1st -- Wm.Stryx:De
1st -- Wm.Theatre:Tw
1st -- Wm.Twno.B
1st -- Wm.Twno.C
2nd -- Flip
5th -- Xm.Delta
8th -- Chance
10th -- WM.Helper
13th -- Dr&Et.1710
13th -- WM.Atom.A
15th -- Wm.Theatre:Tw
15th -- Wm.Twno.D
16th -- Little_Red.1465
18th -- Form
20th -- Wm.Outlaw
21st (year 2000) -- Istanbul.1349
22nd -- 10_Past_3
24th -- Npox-963.A
25th -- Cavaco
25th -- Sarampo.1371
25th -- Wm.Twno.D
28th -- Cpw.1527
28th -- Wm.Twno.B
28th -- Wm.Twno.C
--------------------------------------------
January
--------------------------------------------
EVERY SUNDAY -- Jerusalem.Sunday.A
1st -- WM.Friendly:De
1st -- WM.MDMA
1st -- Wm.Theatre:Tw
1st -- Wm.Twno.B
1st -- Wm.Twno.C
2nd -- Flip
5th -- Barrotes
5th -- Joshi
10th -- WM.Helper
13th -- Dr&Et.1710
15th -- WM.BigDaddy
15th -- Wm.Theatre:Tw
15th -- Wm.Twno.D
18th -- Form
20th -- Wm.Outlaw
22nd -- 10_Past_3
24th -- Npox-963.A
25th -- Wm.Twno.D
28th -- Wm.Twno.B
28th -- Wm.Twno.C
Subscribe and Unsubscribe
http://www.symantec.com/avcenter/newsletter.html
SIGNOFF SARC-L
Editor: Alex Haddox, Product Manager,
Symantec AntiVirus Research Center
Symantec Corporation
AntiVirus Research Center
attn.: AntiVirus News Update
2500 Broadway, Suite 200
Santa Monica, CA 90404
USA
http://www.symantec.com/avcenter/refa.html