Class | Virus |
Platform | MSWord |
Description |
Technical Details
It infects global macros area on opening or closing an infected document (AutoOpen, FileClose). It infects documents on saving and saving with new name (FileSave, FileSaveAs). While infecting documents the virus stores renames its macros (see above) with random names and saves references to them to document’s variables.
On October 24th the virus creates and spawns the PCGURU4.BAT file that contains the instructions:
|
Find out the statistics of the threats spreading in your region |