"South African Friday the 13th" virus

 


             *********************************************

             ***   Reports collected and collated by   ***

             ***            PC-Virus Index             ***

             ***      with full acknowledgements       ***

             ***            to the authors             ***

             *********************************************


 

 

 Computer Virus Catalog 1.2: South African Friday 13.  (Sept.20,1989)


Entry...............: "South African Friday the 13th" virus

Alias(es)...........: Virus-B, Miami, Munich

Virus Strain........:

Virus detected when.: 1987

              where.: South Africa

Classification......: .COM file infecting virus/Extending/Direct

Length of Virus.....: 419 bytes


-------------------- Preconditions ---------------------------


Operating System(s).: MS-DOS

Version/Release.....: 2.0 or higher

Computer model(s)...: IBM PC,XT,AT and compatibles


------------------ Attributes ------------------------------------


Easy Identification.: Text "INFECTED" found near start of virus.


Type of infection...: Virus adds itself to end of file and places a

                      three-byte jump at the beginning.


Infection Trigger...: When an infected file is run, it will infect

                      every .COM file in the current directory, with

                      the excep- tion of COMMAND.COM.


Storage media affected:


Interrupts hooked...: ---


Damage..............: Every infected file run on a Friday the 13th

                      will be deleted.


Damage Trigger......: Current date, as reported by DOS.


Particularities.....: ----


Similarities........:  The effect is similar to that of other,

                       unrelated viruses. VIRUS-B is a modified

                       variant of this virus.


--------------------- Agents --------------------------------------


Countermeasures.....: All programs which check for .COM file length

                      changes will detect infections.

                      Simply making all .COM files read-only is

                      effective against this virus.


Countermeasures successful:

                      Detection of infection:

                           F-FCHK (from F.Skulason's F-PROT package)

                           VIRUSCAN

                      Removal:   F-FCHK


Standard means......: Write-protect every .COM file with "attrib +r

*.COM".


-------------------- Acknowledgement -------------------------------


Location............: University of Iceland/Computing Services

Classification by...: Fridrik Skulason  (frisk@rhi.hi.is)

Documentation by....: Fridrik Skulason

Date................: Sept 20, 1989

Information Source..: ---


==================== End of South-African virus ======================



  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

  ++++++++++++++++++++++++++ end of reports ++++++++++++++++++++++++

  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Comments

Post a Comment

Popular posts from this blog

WHAT THE WATCH TOWER BIBLE AND TRACT SOCIETY OF PENNSYLVANIA HAD TO SAY ABOUT WHAT WERE SUPPOSED TO HAVE HAPPENED in 1874

  AWAKEN                                                     Issue #33   1874 - WHAT THE WATCH TOWER BIBLE AND TRACT SOCIETY OF PENNSYLVANIA        HAD TO SAY ABOUT WHAT WERE SUPPOSED TO HAVE HAPPENED THEN.   This issue will comprise mainly of quotes from Watch Tower publications. Present day Jehovah's Witnesses are unlikely to be aware of any of this material. Why ? The Watch Tower had changed it's theology and does not bother to let it's followers know facts about the past especially since the present theology is totally contradictory to what was promoted in the past. Both sets of incompatible conjectures were promoted as being found  and proven in Scriptures. Prior to 1943 if a follower of the Watch Tower questioned any of the Watch Tower's teaching about 1874, that person risked getting kicked out of the group ...
Read more

Uninterruptable Power Source (UPS) FAQ

Article 61549 of news.answers: Xref: freenet.carleton.ca comp.misc:25723 comp.sys.hp.hardware:5708 comp.sys.sun.hardware:24796 comp.sys.sgi.hardware:9261 comp.sys.next.hardware:16000 comp.sys.dec:27561 comp.unix.admin:28511 comp.answers:8765 news.answers:33422 Path: freenet.carleton.ca!cunews!nott!bcarh189.bnr.ca!bcarh8ac.bnr.ca!bnr.co.uk!pipex!howland.reston.ans.net!news.cac.psu.edu!news.pop.psu.edu!hudson.lm.com!netline-fddi.jpl.nasa.gov!phoebe.jpl.nasa.gov!root From: ups@navigator.jpl.nasa.gov Newsgroups: comp.misc,comp.sys.hp.hardware,comp.sys.sun.hardware,comp.sys.sgi.hardware,comp.sys.next.hardware,comp.sys.ibm.hardware,comp.sys.dec,comp.unix.admin,comp.answers,news.answers Subject: Uninterruptible Power Source FAQ Followup-To: comp.misc Date: 10 Dec 1994 13:09:38 GMT Organization: Jet Propulsion Laboratory, Pasadena, CA Lines: 1346 Approved: news-answers-request@MIT.Edu Distribution: world Message-ID: <3cc9ai$fus@phoebe.jpl.nasa.gov> Reply-To: npc@minotaur.j...
Read more

Blade Runner FAQ

Archive-Name: movies/bladerunner-faq Version: 1.4 (May 1993) -------------------------------------------------------------------------------                                  BLADE RUNNER                            Frequently Asked Questions                        Copyright (C) 1993 Murray Chapman ------------------------------------------------------------------------------- Compiled by Murray Chapman (muzzle@cs.uq.oz.au), from sources too numerous to mention.  Thank-you one and all.                                INTRODUCTION                                ------------ The movie "Blade Runner"...
Read more