Virus Database

PHP.Virdrus

Description PHP.Virdrus

This is one of the few currently known viruses which infect PHP (Hypertext Preprocessor scripting language) script programs.
The virus only operates in systems that have PHP-interpreter installed.
When launched, the virus searches the current directory for PHP files and infects them by writing itself the the beginning of each file.
Before infecting a file, the virus searches it for the text string
VirusQuest
. If it finds this string, it will not re-infect the file.
The virus contains the following text strings:
Virus: VirusQuest
Written by Dr Virus Quest
Created on 08/09/2003

Check other viruses! Be aware! Use Antiviral Software

Macro.Word97.Jim.b

Description Macro.Word97.Jim.b

Upon document closing, the virus checks running applications and if one of the following applications is found: Outlook, Internet Explorer or ICQ, the virus collects information about a computer and tries to send it to one of the FTP servers on the Internet.
The collected information includes:
First found .PWL file on drive C:
User name
Time document infected
Application
Country code
Free disk space
Generation of virus
Processor type
Operating system
The virus also searches for a Pegasus Mail application, and if it find one, it creates a message with an attached infected document.
If the MIRC client is installed on a computer, the virus drops a script that instructs MIRC to send an infected document to every computer joined to the same IRC channel as the infected computer.
The virus has a payload procedure that is triggered on second day of the month. This procedure inserts a text into the active document:
[Mr Jim/SeptiC/TI] - Do you have what it takes to become an international
bussiness man!?
[Mr Jim]/SeptiC/TI '99

Macro.Word97.Jota

Description Macro.Word97.Jota

This macro-virus infects Microsoft Word documents. Upon each document opening, if a document is already infected, the virus starts an internal counter. When the counter exceeds 100, the virus replaces the first 100 commas in documents with a word in Russian, and also deletes 100 randomly-selected words from documents.

Home