This Friday, July13th… Look Out For Viruses
This Friday, July13th… look out for black cats, don’t walk under ladders and ensure your virus protection is up-to-date!
The Symantec AntiVirus Research Centre (SARC) is advising local administrators and computer users to ensure anti-virus software solutions are up-to-date with the latest definitions as Friday July 13th 2001 approaches.
As this day of superstition approaches, SARC is alerting users to a number of virus threats that have been triggered on either Friday the 13th or the 13th of any month.
According to Richard Batchelar, Country Manager, Symantec New Zealand, “We are not certain that there will be a virus outbreak on Friday the 13th of July this year, however, we are encouraging administrators and computer users to be aware of the possible threats and to be prepared.
“To ensure their systems are protected, users should have an effective anti-virus solution that has been updated with the very latest virus definitions.”
SARC has identified a number of viruses that trigger every Friday the 13th. The SARC website contains the most up-to-date definitions for each of the following:
- Jeruselam.1808;
- INIT M;
- INIT 1984.
In addition, SARC has highlighted the following viruses that trigger on the 13th of any month. Definitions are available on the SARC website for each of these:
- WM.ShowOff;
- Dr&ET 1710.
Jersualem.1808
Jerusalem.1808 is a virus that becomes active every Friday the 13th. Once active, it deletes any program run on that day and thirty minutes after the first deletion, the computer slows down and the screen scrolls up two lines.
For more information visit: http://www.symantec.com/avcenter/venc/data/jerusalem.1808.html
INIT M
Discovered in April 1993 the INIT M virus is destructive and can rename files and folders to random names. It may also change the type and creator information, or clear creation of modification dates of affected files. This virus infects application and system extension (Or INIT) files, replicating only under System 7, the virus doesn’t spread under System 6.
For more information visit: http://www.symantec.com/avcenter/venc/data/initm.html
INIT 1984
First discovered in March 1992, the INIT 1984 virus infects system extensions (INITs) when users start up Macintosh computers. When triggered, it renames and changes the type and creator of files, or even deletes them from disks. Although this virus can reproduce at any given time, the virus only triggers id the user happened to start up the infected Macintosh computer on Friday the 13th.
For more information visit: http://www.symantec.com/avcenter/venc/data/init1984.html
WM.ShowOff
WM.ShowOff is a simple macro virus that is based on WM.Concept. It does not have a malicious payload and does not work in Microsoft Office 97 or later. The payload is triggered on the eleventh and the 13th of the month and simply displays a dialog box titled “Watch This!” with a message “To one of us, peace! HAPPY BIRTHDAY!”
For more information visit: http://www.symantec.com/avcenter/venc/data/wm.showoff.html
Dr&Et.1710
The Dr&Et.1710 virus is a memory-resident, .COM and .EXE file infecting virus that only uses encryption for its virus code, but also contains a code, which allows the virus to change itself during each infection. The payload is triggered randomly on the 13th of any month.
For more information visit: http://www.symantec.com/avcenter/venc/data/dr.et.1710.html
About SARC
SARC is one of the industry’s largest dedicated team of virus experts. With offices located in the United States, Japan, Australia (covering New Zealand) and the Netherlands, the sun never sets on SARC. The centre’s mission is to provide swift, global responses to computer virus threats, proactively research and develop technologies that eliminate such threats and educate the public on safe computing practices. As new computer viruses appear SARC develops identification and detection for these viruses and provides either a repair or delete operation, thus keeping users protected against the latest virus threats.
For further information regarding SARC or details about the latest viruses and virus definitions, please visit http://www.sarc.com/region/reg_ap/avcenter/.