Virus Database

Dead.257

Description Dead.257

These are dangerous memory resident parasitic viruses. They trace and hook INT 21h, then they write themselves to the end of COM- and EXE-files that are executed, created, opened or closed. On execution the viruses search for COMMAND.COM file and hit it. The 256th (100h) generation of these viruses erase the C: disk sectors. The viruses contain ID-word DEADh (in hex) and the internal text strings:
COMSPEC=
07/29/88

Check other viruses! Be aware! Use Antiviral Software

Macro.Office.Jerk.b

Description Macro.Office.Jerk.b

This is a multi-platform macro-virus infecting Office97 components: Word documents and Excel workbooks and sheets. The virus contains two auto-macros in Excel sheets and Word documents: Document_Close in Word documents, and Workbook_Deactivate in case of Excel workbook or Worksheet_Deactivate in case of Excel sheet.
The virus replicates itself in Excel upon deactivating workbooks. In Word, the virus replicates upon document closing. Upon spreading, the virus infects not only "native" objects, but also exports its code to another Office component if it is installed in the system.
The virus turns off the VirusProtection MS Office option.
Each month from June to December on the 14th ,the virus displays the message:
www.all.net
V guvax <UserName> vf n ovt fghcvq wrex!

Macro.Office.Jerk.d

Description Macro.Office.Jerk.d

This is a multi-platform macro-virus infecting Office97 components: Word documents and Excel workbooks and sheets. The virus contains two auto-macros in Excel sheets and Word documents: Document_Close in Word documents, and Workbook_Deactivate in case of Excel workbook or Worksheet_Deactivate in case of Excel sheet.
The virus replicates itself in Excel upon deactivating workbooks. In Word, the virus replicates upon document closing. Upon spreading, the virus infects not only "native" objects, but also exports its code to another Office component if it is installed in the system.
The virus turns off the VirusProtection MS Office option.
Each month from June to December on the 14th ,the virus displays the message:
www.all.net
V guvax <UserName> vf n ovt fghcvq wrex!

Home