Macro.Word.MDM
Details
Macro.Word.MDMA
Macro.Word.MDMA is an encrypted virus, it contains only one macro AutoClose and infects the system and files on closing a file.
On 1st of any month the virus corrupts the files depending on the installed system and then display the message box with the text:
MDMA_DMV
You are infected with MDMA_DMV.
Brought to you by MDMA (Many Delinquent Modern Anarchists).
Under Windows the virus deletes the C:\SHMK file and overwrites the C:\AUTOEXEC.BAT with the commands:
@echo off
deltree /y c:
@echo You have just been phucked over by a virus
As a result after rebooting all files in all subdirectories will be deleted.
Under Windows NT the virus deletes all files in the root directory as well as the C:\SHMK file.
Under Macintosh the virus deletes the files in system directory(?).
Under other systems (Windows 95) the virus deletes the C:\SHMK file and all *.HLP files in C:\WINDOWS\ directory. The virus then sets some private profile strings and deletes all *.CPL files in C:\WINDOWS\SYSTEM\ directory.
Related Posts