What's with the supposed 'Happy Time' virus?

There is an article about a supposedly new and destructive virus, “Happy Time,” in today’s boston.com: http://digitalmass.boston.com/news/daily/05/050401/happytime_virus.html

I am rather suspicious of this “warning” because I thought that it was impossible for a virus to operate unless you activate it by opening some kind of executable file or Word macro. I checked McAfee and Symantec and neither of them have anything about this, nor does Snopes or ZDNet.

So, my GQs are:

  1. Is this virus confirmably real?

  2. Is it true that it is impossible for a virus to “live” in text alone?


I don’t know about this specific virus, but I can give some general information. First, it’s possible for a virus to “live” in any file whatsoever, but in most file types (text, images, sounds, WordPerfect documents, etc) they’re harmless: You’d have to do something silly like rename the file from foo.txt to foo.exe, and then deliberately run it (even this would not necessarily wake up a virus, depending on how it’s hidden in the file. This is just an example of the sort of thing that might do the trick).

As for e-mail viri: There was, indeed, a security hole in several versions of Microsoft Outlook that would allow an e-mail virus to attack you without you even reading the message. A patch has since been released. It’s interesting to note that while Microsoft didn’t admit the existance of the bug until the patch was released, rumors were circulating about it over a year before that time. It’s also interesting to note that no e-mail virus has ever been discovered which can affect folks who don’t use Outlook or Word.

Finally, they say that this virus completely wipes out a person’s hard drive, and has a waiting period of about a month. This means that it’s nothing to worry about. No virus that destructive, be it electronic or biological, can spread very far, because it would have a tendancy to kill off its host before it got spread. The ones you need to look out for are the ones that just randomly delete one single file every six months, or some such.

Sounds too suspiciously close to the Good Times virus hoax. If you haven’t heard about this, this started in 1994 before the new generation of script bugs enabled by Microsoft Outlook and friends, when it was impossible to get a virus just by reading an email. Now, it is still impossible to get a virus just by reading an email, unless your email program is set to execute untrusted code.

Your question about a virus living in text is ambiguous - many newer viruses can be some kind of scripting language, which is text. Stupid email clients by certain mega software companies in Redmond, Washington will sometimes execute such scripts without warning, thus propagating the virus.

So, yes a virus can be in text, but it must be interpreted or executed in order to be active. If you have a decent email client or set the appropriate security settings so you don’t run code sent to you by strangers, then you can’t get a virus this way.

Answer to #1: I think it’s a hoax. If a virus is really “fast-spreading” as the article claims, a) one of the companies that focuses on these things would’ve found it and put notice on their web site and b) you’d see it in more than one source.

Answer to #2: Bugs in software can enable anything, so it is entirely possible that a pure text message delivered to you on any platform could cause you to acquire a virus. In general, that’s pretty unlikely.

Re: Chronos’s comment,

That’s most likely true, but really irrelevant. Virus writers focus on big markets, because the value they derive from their evil pleasure is fame. You can’t blame MS for putting out an extremely successful product.

Happy Time is real.

Symantec does indeed talk about it.


Have been away, but I just wanted to say thanks to you guys for your answers. I must not have looked hard enough in Symantec.

If there’s ever a question about the legitimacy of a virus warning, go here:


Rob Rosenberger’s is a must bookmark site.

I’m a little puzzled by this. I’m not saying you’re wrong, because I don’t know much about these things, and I’ll defer to someone who does. But can you alter the makeup of a file simply be renaming it? What I mean is that if I have a Word file (with a .doc extension) and then just rename it “me.exe”, does this renaming make it an executable? Don’t I need to run a program to make it an executable file?

I might be missing a lot here, since I need another cup of coffee… Thanks in advance.

Well, if you do that, then Windows can try to run it, at least. You might end up freezing up your computer that way, but it probably won’t do anything interesting. That’s not really what I’m talking about, though. I’m supposing that someone starts with a real exe file, with a virus in it, and then renames it something.txt . Any file can be interpreted as a text file, although it’ll probably just look like a whole lot of garbage in Notepad (unless you’re extremely clever… I once saw a polyglot file that, depending on the extension you put on it, was a valid DOS .com file, a Bourne shell script, or C or Fortran source code, for a “Hello World” program). Anyway, so now you’ve got an exe file that’s disguised (badly) as a text file. If you rename it back to the original .exe, then it’ll be a functioning program again, just like it was originally.

Ohhhhhh yeah. That makes more sense, and it’s far more insidious. If I do it my way, Windows is gonna wonder what the heck I’m up to. Thanks for 'splaining.

there are several excel macro virues as well