RADAI1@HBUNOS.BITNET (Y. Radai) (07/10/90)
I suppose most people on this list have managed, by now, to eradi-
cate the "Jerusalem" virus (Israeli Friday-the-13th virus) from their
disks. But this virus is still widespread in some countries (e.g.
Japan), so just in case someone reading this doesn't have software to
remove the virus, I thought I'd post my usual warning: This coming
Friday is a Friday-the-13th, so if you want to be on the safe side,
don't run programs on that day. (BTW, if you boot when the system
date is set to a Friday-the-13th and one of your AUTOEXEC programs is
infected, it'll be too late to try to fool the virus by changing the
date to something else.)
I would also like to take this opportunity to address a question to
John McAfee. According to his statistics, there is one variant of the
Jerusalem which is far more common than all the others combined, and
that's "Jerusalem Virus Version B". Now just what characterizes
this version? When I first saw the name "Version B", I assumed it
referred to what Jim Goodwin called Jerusalem-B, which is the result
of removing the bug which caused multiple infections of EXE files.
But I have files infected with the *original* Jerusalem virus (which
does cause multiple infections), and when I ran SCAN (3.7V64) on them,
they were identified as "Strain B". So if the original virus is
Strain B, what on earth is Strain A?
I don't know if this is an error or the result of a peculiar naming
convention, but if you don't intend to change it, John, then I think
you should describe, here and/or in your program documentation, just
which strain each name (A, B, C, ...) refers to.
Also, when I ran SCAN on files infected with the sURIV 1.01 and
sURIV 2.01 viruses, I was told they contained the same virus, "Suriv
A". Since these are two entirely different viruses, this seems to be
an error.
Another thing I've never been able to figure out is why SCAN and
CLEAN (or is it VIRUSCAN and CLEAN-UP?; the multiplicity of names is
confusing) are two separate programs. If they were combined into one
(with disinfection made optional), this would make their use much more
convenient, not to mention more like other disinfectant programs.
Y. Radai
Hebrew Univ. of Jerusalem, Israel
RADAI1@HBUNOS.BITNET
RADAI@HUJIVMS.BITNET