Threat Description

AccessiV

Details

Category: Malware
Platform: W32
Aliases: AccessiV, JETDB, AM/AccessiV, A97M/AccessiV, JETDB_ACCESS, Jerk1n, Access virus

Summary


This is a macro virus which infects Microsoft Access database file (*.MDB). It is known by several different names, such as AccessiV or JetDB.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.



Technical Details


Found in March, 1998, JetDB was the first virus to infect Access files. It only replicates under English Access 97.

JetDB is not known to be in the wild.

The virus replaces in databases the Autoexec script ("macro" in Access terms) and copies additional macro ("module" in Access terms) to the database. This macro is called "virus".

When infected database is opened, the Autoexec script is activated. It immediately calls virus function named "AccessiV" which searches for all databases (*.MDB) in the current directory and infects them.

The virus does not manifest itself in any other way. It contains these comments:

Find MS Database File!         Find another MS Database File!  

AM is an abbreviation for AccessMacro, A97M is an abbreviation of Access 97 Macro.

FSAV has been able to detect and disinfect this virus since April 8th, 1998.


Variant:AccessiV.B

This variant is also able to infect MDB files in other directories. AccessiV.B activates on the 3rd of every month, by creating a program through DEBUG script and activating it.

AccessiV.B contains these texts:

I am the AccessiV virus, Strain B         AccessiV was/is the first ever Access Virus!!!         AccessiV - Strain B  

[Eugene Kaspersky and Mikko Hypponen]






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More