July13 Family
Description July13 Family
These are very dangerous nonmemory resident encrypted parasitic viruses. They search and write themselves to the end of EXE files. They may corrupt the COM files that have .EXE extension. On July, 13th they leave a small memory resident program that hooks INT 8 and displays the running balls (see "Ping-Pong" virus).
Check other viruses! Be aware! Use Antiviral Software
Macro.Word.Map
Description Macro.Word.Map
The virus contains two macros: AutoClose, AutoExit. It infects the system macros area and document on closing (AutoClose). On exiting Word the virus displays the MessageBox:
Nova V tima
Voc foi v tima de MAP0997!
Macro.Word.Mark
Description Macro.Word.Mark
This is an encrypted Chinese Word macro virus. It contains five macros: A, B, AutoExec, AutoOpen, ToolsMacro (stealth). The virus replicates itself when documents are opened (AutoOpen).
Depending on the random counter the virus creates a new document and writes to there a text in Chinese. It also creates the C:X.TXT file and writes to there "0" or "1" also depending on the random counter. On next Word loading (AutoExec), if there is "1" in that file, the virus appends to the C:AUTOEXEC.BAT file the commands that formats the hard drive:
format c:/u/V:MARK>nul
|