Jam.1295
Description Jam.1295
This is a benign memory resident parasitic virus. Before installing a memory resident, the virus disinfects the host file. It then hooks INT 21h, and writes itself to the end of .EXE files that are terminated (the virus gets the file name from Program Segment Prefix). If the date and month correspond in number(January 1st, February 2nd,all), the virus , depending on the system time, decrypts and displays the following message, beeps through the PC speaker and halts the system:
Terrorystyczna organizacja zwolennikow dzemu
truskawkowego przejela kontrole nad twoim komputerem.
Dzem truskawkowy ponad wszystko.
"Jam" written by Jack Rose. 21 April 97.
The virus also contains encrypted text partly corrupted by program stack:
Przepraszam. Pisanie wirusow traktuje jako wyzwanie intelektualne.
Check other viruses! Be aware! Use Antiviral Software
Macro.Word.Thery
Description Macro.Word.Thery
This virus contains only one macro AutoClose and replicates on closing files. It deletes the macros that are named "virus111". It contains the comments:
VirusMacroWord du Bureau Informatique du SIRPA
Virus Anti Virus du 14 juillet 1997
v0.1b - Sgt THERY - 18/07/97
Macro.Word.Tiny family
Description Macro.Word.Tiny family
These are extremely short Word macro viruses. They contain only one macro AutoOpen (as a result replicate themselves on document opening) that contain one short instruction of virus replication. To copy their code the viruses use a "hot-keys" trick: they pass to Word a set of keys that force Word to copy virus macros.
|