Class | Virus |
Platform | MSWord |
Description |
Technical Details
In some cases it sets the password “xenixos” for infected documents, displays the message:
While printing the documents it appends:
On 1st of may the virus writes the string to the AUTOEXEC.BAT file:
This virus also launches “Neurobasher.b” multipartite virus. To do that the virus creates the C:DOSSCRIPT.SCR file, and writes hexadecimal dump of that virus into there. Then the virus creates the C:DOSEXEC.BAT file, and writes the strings into there:
Then the virus executes that file. As the result DEBUG.EXE creates the DEBUGGER.EXE file, and C:AUTOEXEC.BAT has new string at its end:
So, the last command of AUTOEXEC.BAT launches dropper of “Neurobasher.b” virus. |
Find out the statistics of the threats spreading in your region |