DHeart Family
Description DHeart Family
These are not dangerous not memory resident parasitic viruses. They search for executable files (by using internal masks "*.com" or "*.exe") and write themselves to the file end. After infection they display messages.
"DHeart.452" infects EXE-files, it displays double hearts (03h ASCII)
"DHeart.649" hits .COM-files except IBMBIO.COM and IBMDOS.COM. Depending on its internal counter it decrypts and displays the message:
From Russia with love!
Check other viruses! Be aware! Use Antiviral Software
Macro.Word97.Carrier
Description Macro.Word97.Carrier
This virus contains three macros in one class "ThisDocument": Document_Close, Document_New, Document_Open, and two in module "Agent": AutoOpen, FileSaveAs.
The virus replicates on documents opening, closing or creating. The replication routine used Import/Export functions via the C:NORMAL.BAS in case of NORMAL.DOT and C:DOCUMENT.BAS file in case of documents.
The virus has the comment which is used to detect already infected files:
REM WRITTEN BY LORD ARZ
The virus sets the caption for all windows:
Infected by the Carrier virus (a trooper has already landed)
Macro.Word97.Cascade
Description Macro.Word97.Cascade
This virus contains eight macros in one module "Cascade": AutoNew, AutoOpen, FileNew, FileSaveAs, FileTemplates, PayCascade, ToolsMacro, ViewVBCode. It infects the global macros area on opening an infected document (AutoOpen), and spreads itself to other documents on saving them with new name (FileSaveAs).
On creating a new document or file the virus displays one of the MessageBoxes:
Virus Cascade
Une CASCADE de lettre va s'afficher sur votre écranall
Virus Cascade
Je suis de retour...
The virus then manifests itself by video effect: it drops in the Word window random selected letters.
|
Home
Viruses from A to Z
0-9
A
B
Ñ
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
|