Waca.1700
Description Waca.1700
It is a very dangerous memory resident parasitic virus. It hooks INT 21h and writes itself to the end of .COM and .EXE files (except COMMAND.COM and BACKUP.EXE) that are executed or opened. Depending on the system timer the virus deletes files with extensions: DOC, HLP, PAS, ARJ. Depending on its random counter the virus erases data on the hard drive and displays the message:
Satana brings you much pain! You forgot that !
If you want to die DO IT IN MIDNIGHT!
[acaW]
Check other viruses! Be aware! Use Antiviral Software
Macro.Excel.Extras.a
Description Macro.Excel.Extras.a
This virus infects Excel sheets. It contains fiveteen functions in one random named module: Auto_help, Auto_Open, Auto_Close, Auto_Exit and others with random names.
While infecting sheets the virus copies its module with a randomly selected name. While infecting Excel the virus creates an infected sheet in the Excel startup directory. The name of this sheet depends on the installed system:
System File name
------ ---------
Windows 3.xx EXTRAS.XLS
Macintosh Macintosh Extras
Windows 95/NT/all Windows Extras.xls
Depending on the system random counter the virus creates directories with random selected names. Starting from 1999 the virus hides the selected Excel menus randomly.
Macro.Excel.Hidemod
Description Macro.Excel.Hidemod
This virus infects Excel sheets. It contains six macros: Auto_open, Auto_close, ChangeCell, CreatePers, CheckV101, HideModV101 and several functions in one module "ModulV101".
To infect the system the virus creates the infected PERSONAL.XLS file in the ALTSTART directory and declares it as the Alternate Startup directory. To create this file the virus looks for Windows directory and creates it there:
C:WINDOWSALTSTART
C:WIN95ALTSTART
D:WINDOWSALTSTART
D:WIN95ALTSTART
If there is no such directories, the virus creates alternate directory on the C: drive: C:ALTSTART.
To infect other sheets the virus hooks sheets activation procedure. The virus handler also has stealth ability: it does not allow to examine a module with the virus, switching current page to first non-virus found.
The virus also hooks formulas calculation procedure and with probability 30% erases the source formula and replaces it with calculated result (i.e. this cell will be not recalculated).
|
Home
Viruses from A to Z
0-9
A
B
Ñ
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
Bildung Und Wissenschaft
Laptop Ac Adapter
Sms Verschicken
Self Storage Chicago
|