PureBytes Links
Trading Reference Links
|
In case this hasn't appeared yet, I thought I'd send it on to the group. If
it has, again, I apologize.
Guy
-----Original Message-----
From: owner-SysWorks-Techinfo-l@xxxxxxxxxxxxxxxxxxxx
[mailto:owner-SysWorks-Techinfo-l@xxxxxxxxxxxxxxxxxxxx]On Behalf Of Symantec
News Bulletins
Sent: Tuesday, December 07, 1999 5:31 PM
To: SYSWORKS-TECHINFO-L@xxxxxxxxxxxxxxxxxxxx
Subject: ** VIRUS ALERT! **
The following is a copy of Norton AntiVirus Alert we sent
out earlier today December 7, 1999. It contains urgent virus
information that could be of interest to you.
PLEASE NOTE: This bulletin was posted to the Norton AntiVirus list
and is now being sent to the pcANYWHERE, Norton Utilities and Norton
System Works list. You may receive more than one copy if you are
subscribed to more than one of these list.
=============================================================
** NORTON ANTIVIRUS EMERGENCY NEWS BULLETIN - VIRUS ALERT! **
=============================================================
December 7, 1999
_____________________________
THIS IS A VIRUS ALERT ON W95.BABYLONIA and on W32.HLLP.Soft6.
W95.Babylonia should be considered DANGEROUS!
W32.HLLP.Soft6 is of lesser risk.
Monitor the site
http://www.symantec.com/techsupp/vURL.cgi/nav25
for notice when the virus definitions have been updated and for full
details on W95.Babylonia. Updating for one will protect you from BOTH
viruses!
**** PLEASE NOTE:
SARC anticipates that the rest of 1999 will be rife with new, highly
destructive viruses. Please be aware that Symantec will continue to
post notices of the most destructive viruses so you may better
protect yourself. The best protection is to update your definitions
at least weekly, if not daily. ****
DESCRIPTION OF W95.BABYLONIA
W95.Babylonia was discovered on Dec 6, 1999. The virus was created by
a member of the 29A virus writing group. It was originally posted to
an Internet news group as a Windows Help file named serialz.hlp, and
appeared to be a list of serial numbers for commercial software. When
this Windows help file is launched, it will introduce the virus into
the computer system. Symantec AntiVirus Research Center (SARC) has
received over 20 submissions of this new virus as of Dec 6, and
believes it to be spreading rapidly worldwide.
W95.Babylonia is a very complex virus that propagates mainly to other
computer users via MIRC. MIRC is a text based communication
application used to chat over the Internet. When an infected user
logs onto MIRC, it will automatically send the virus to everyone
within the same MIRC chat room as the infected user. The virus will
be sent as a Y2K bug fix. Once this file (Y2K bug fix) is executed,
it will infect other 32-bit EXE program files as well as Windows Help
files.
The virus will try to modify the system to display the following
message when booting the infected computer:
W95/Babylonia by Vecna (c) 1999
Greetz to RoadKil and VirusBuster
Big thankz to sok4ever webmaster
Abracos pra galera brazuca!!!
---
Eu boto fogo na Babilonia!
The virus will also send an email to babylonia_counter@xxxxxxxxxxx to
track infected computers.
The most interesting part of the virus is the ability to download the
viral components of the virus from the Internet. When the virus is
executed, the virus will wait for an Internet connection. When it
detects that the computer can access the Internet, it will download
several files from a web server in Japan. Because the virus has such
capability, it is possible for the virus writer to update the virus
centrally.
RECOMMENDATIONS/PROTECTION:
* Download new definitions set. This will be available late
December 7, 1999, through Symantec's LiveUpdate feature or from the
Symantec Web site at www.symantec.com/avcenter/download.html.
****
DESCRIPTION OF W32.HLLP.Soft6
W32.HLLP.Soft6 is a Windows NT specific worm that propagates over
Windows NT networks and displays a large message "Hi 2000!" on the
screen. This message is very large and very noticable. SARC believes
this worm probably cannot spread to different corporations quickly
because it only spreads via network and does not spread via email.
Remember, monitor the SARC site for info on W95.Babylonia. When
updates are ready, updating for one protects you from both.
****
1. Year 2000: Is this product Year 2000 compliant?
2. Subscribing and unsubscribing
3. Disclaimer
_____________________________
NOTE:
This is an outgoing email address. Please do not reply to this email
message. If you require assistance installing, configuring, or
troubleshooting a Symantec product, or you have a question for
Symantec Customer Service, please visit the Symantec Service &
Support Web site at the following address:
http://www.symantec.com/techsupp/
Select your product and version and click GO.
To see an HTML version of this newsletter, please visit the following
Internet web site:
http://www.symantec.com/techsupp/vURL.cgi/nav24
_____________________________
1. Year 2000: Is this product Year 2000 compliant?
For more details on this question, point your browser to the
following Internet address:
http://www.symantec.com/y2k/y2k.html
_____________________________
2. Subscribe or unsubscribe
If you would like to subscribe to other Symantec newsletters, please
visit the following web site and follow the appropriate instructions:
http://www.symantec.com/techsupp/bulletin/index.html
If you no longer want to receive this newsletter, let us know by following
these steps:
1. Create a new email addressed to:
listserv@xxxxxxxxxxxxxxxxxxxxx
2. In the Subject line of your email software, type the following:
unsubscribe
3. In the body of the message, type the following:
SIGNOFF NAV-TECHINFO-L
4. Send the message.
If you would like to unsubscribe from other Symantec newsletters, please
visit the following web site and follow the appropriate instructions:
http://www.symantec.com/techsupp/bulletin/index.html
_____________________________
3. Disclaimer
THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY
This message contains Symantec Corporation's current view of the
topics discussed as of the date of this document. The information
contained in this message is provided "as is" without warranty of any
kind, either expressed or implied, including but not limited to the
implied warranties of merchantability, fitness for a particular
purpose, and freedom from infringement. The user assumes the entire
risk as to the accuracy and the use of this document. This document
may not be distributed for profit.
Symantec and the Symantec logo are U.S. registered trademarks of
Symantec Corporation. LiveAdvisor is a trademark of Symantec
Corporation. Other brands and products are trademarks of their
respective holder(s).
(c) Copyright 1999 Symantec Corporation. All rights reserved.
Materials may not be published in other documents without the
express, written permission of Symantec Corporation.
|