Kaspersky Threats

Class

Platform

Description

Technical Details

This is an Excel macro-virus containing eight procedures in the module “A-TDK”:
Save, auto_open, scan, Status, DO_EVERYTHING, DO_SOMETHING, nexts, and check.
The virus infects workbooks upon workbook opening or activating any of its
sheets. The infection procedure creates an infected workbook with the name
“TDK-MAC.XLS” in the Excel StartUp directory, and also infects the active
workbook.

If the value in the “A16384” cell is not the “uedasan” text, the virus starts
its payload procedure. In April, it removes all files with the extension “.SYS” from the C: root directory that also have hidden and system
attributes set (C:IO.SYS, C:MSDOS.SYS). If the month is later than April
and the time hour is less than six a.m., the virus removes all files in the current
directory that have hidden and system attributes set.

Find out the statistics of the threats spreading in your region

Class	Virus
Platform	MSExcel
Description	Technical Details This is an Excel macro-virus containing eight procedures in the module “A-TDK”: Save, auto_open, scan, Status, DO_EVERYTHING, DO_SOMETHING, nexts, and check. The virus infects workbooks upon workbook opening or activating any of its sheets. The infection procedure creates an infected workbook with the name “TDK-MAC.XLS” in the Excel StartUp directory, and also infects the active workbook. If the value in the “A16384” cell is not the “uedasan” text, the virus starts its payload procedure. In April, it removes all files with the extension “.SYS” from the C: root directory that also have hidden and system attributes set (C:IO.SYS, C:MSDOS.SYS). If the month is later than April and the time hour is less than six a.m., the virus removes all files in the current directory that have hidden and system attributes set.
	Find out the statistics of the threats spreading in your region

Virus.MSExcel.Uedasun

Technical Details