high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Included in our products from | February 2008 (4.26) |
| Protection available since | 17 December 2007 21:07:17 (GMT) |
| Detected by | All Sophos products |
Action
- Summary
- Action
- More Information
Please follow the instructions for disinfecting PE executables.
More Information
W32/Etap is a highly complicated cross-platform metamorphic virus which infects
both Windows PE executables and Linux/UNIX ELF format executables.
both Windows PE executables and Linux/UNIX ELF format executables.
The virus infects files in all folders and sub-folders on all visible network
drives, with the exception of folders more than 3 levels above the current
folder and folders beginning with the letter 'W' (thus avoiding the Windows
folder).
The virus infects 50% of executables that it finds and does not infect files
with names containing the letter 'V', or beginning with 'PA', 'F-', 'SC', 'DR'
or 'NO'.
When run on the 17th May, or during the months of June, September and December,
the virus may display a message box with the text 'Metaphor 1B By the Mental
Driller/29A'. When run on the 14th May and on Hebrew systems,
the virus displays a message box with the text 'Free Palestine!'.
|
