Main Menu
Home
Bookmark
Contact Us

Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially Dangerous Tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 


 
Macro.Word97.Melissa.w (a.k.a .W97M.Pri.Q a.k.a. Viruses Information

Name: Macro.Word97.Melissa.w (a.k.a .W97M.Pri.Q a.k.a.
Category: Viruses
Description: Details
Macro.Word97.Melissa.w (a.k.a .W97M.Pri.Q a.k.a. W

This virus spreads as an ordinary macro-virus and at the same time, it has the ability for spreading via e-mail. The e-mail spreading routine is very similar to that which the Macro.Word97.Melissa virus uses. Each time the virus gains control, it runs an e-mail-spreading routine. This routine attempts to gain access to the MS Outlook application. If the attempt is successful, the routine creates new e-mail messages sent to the first 50 recipients from each address list in the Outlook address book. The virus messages contain:
Subject: Message From
Body: This document is very Important and you've GOT to read this !!!

The messages also contain an attached infected document.
To prevent duplicate messages being sent from the same computer, the virus creates a registry key. Each time before spreading via e-mail, the virus checks this key and if it is present, the virus does not create messages. The registry key is:
"HKCUSoftwareMicrosoftOfficeCyberNET" = "(C)1999 - Indonesia by AnomOke!"

The virus has a payload that triggers on 25 December. On this day, the virus overwrites the "C:AUTOEXEC.BAT" file by putting in commands that attempt to format the C: drive upon the next reboot. The virus then displays the following message:
(C)1999 - CyberNET
VineallVide...Vice...Moslem Power Never End...
You Dare Rise Against Me...The Human Era is Over, The CyberNET Era Has Come !!!

The payload routine also inserts up to 70 different shapes of random colors into the active document.
The virus uses a VAMP-based polymorphic engine that changes variable names in the virus code randomly.



Top Viruses Visited Pages:
Invader. - 239 visits
not-a-virus:RiskWare.Tool.RegPatch. - 72 visits
Worm.P2P.Harex. - 66 visits
not-a-virus:RemoteAdmin.Win32.RAdmin.2 - 60 visits
Small.58. - 56 visits
Coito.64 - 54 visits
I-Worm.Mapson. - 48 visits
Win16.Klon.1177 - 42 visits
Win32.Hidra - 42 visits
Marine.500 - 35 visits

Random Viruses Pages:
Assignation Famil
XPEH Famil
Config_Boot.
YZ.123
Macro.Office.Confuse
Indonga.206
Frankenstei
Email-Worm.Win32.Bagle.c
Moose Famil
Trojan.DOS.Qhost.


 

© 2006-2008 spyware32.com - Privacy Policy