Main Menu
Home
Bookmark
Contact Us

Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially Dangerous Tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 


 
Macro.Word.Erase Viruses Information

Name: Macro.Word.Erase
Category: Viruses
Description: Details
Macro.Word.Eraser

These are very dangerous encrypted China-Word specific macro viruses. "Eraser.a" contains 8 macros: ERASER, AutoOpen, FileNew, FileOpen, ZlockMacro, Games, ToolsMacro. "Eraser.b" contains 7 macros: CKE, AutoOpen, FileNew, FileOpen, ZlockMacro, ToolsMacro, FileTemplates.
Only one macro (FileOpen) contains the infection routine, other macros contain the trigger routines.
Eraser.b
On FileTemplates call, the virus runs the DOS command "echo y|format c:/u". On ToolsMacro call, the virus beeps three times and drops and launches DOS multipartite virus "Hare.7786" and DOS parasitic virus "Europe.421". Depending on the system date the virus appends to the C:AUTOEXEC.BAT file the command:
FORMAT C:/S/U/V:CKE>NUL

The virus displays MessageBoxes in Chinese with the string:
Chungking Express Macro Virus



Top Viruses Visited Pages:
Invader. - 241 visits
not-a-virus:RiskWare.Tool.RegPatch. - 73 visits
Worm.P2P.Harex. - 67 visits
not-a-virus:RemoteAdmin.Win32.RAdmin.2 - 60 visits
Small.58. - 56 visits
Coito.64 - 54 visits
I-Worm.Mapson. - 48 visits
Win32.Hidra - 43 visits
Win16.Klon.1177 - 42 visits
Marine.500 - 35 visits

Random Viruses Pages:
Scitzo Famil
Macro.Word.Tabulato
Schubert.32
I-Worm.Kitro.
Larry.491.
Sopron.93
GT-Spoof.113
Incubus Famil
Macro.Word.Anti-IV
Magick.41


 

© 2006-2008 spyware32.com - Privacy Policy