macro virus

Sean, i wouldn't think so going by the below:

Name: W97M/Pri
Aliases: Pri,PSD,W97M/Pri.B,W97M/Pri.A
Variants:
Type: Word 97 Macro
Platforms: Microsoft Word
Status: not known to be in the wild
Threat: low

The following has been derived from information provided by Sophos.

Virus Characteristics

W97M/Pri is a polymorphic Word 97 macro virus.

It activates when an infected document is opened. At this point it will check if the global template is already infected, and if not it copies itself and modifies itself during the process.

When the virus has infected the global tempate, it infects all documents when they are closed. Also the "Tools/Macros/Visual Basic Editor" menu is hooked rendering it unusable.

Payload

The virus checks if the hour of the current time and the minutes are equal as a part of infection. If the check passes, the payload will create ten random shapes in random colors in the current document.

Variants

W97M/Pri.B is very similar to W97M/Pri.A but adds code to the hooked "Tools/Macros/Visual Basic Editor" menu that causes Word to quit immendiately without saving any changes. W97M/Pri.B will also create a random number of shapes instead of ten when activated.

Dave

OzGrid Business Applications

Hi again,

Would I have to delete all my WORD files I used, edited and saved during the infection...even though Mcafee, Norton, VET and Quick heal do not find any viruses on those files?

thanks

Dave

Would I have to delete all my WORD files I used, edited and saved during the infection...even though Mcafee, Norton, VET and Quick heal do not find any viruses on those files?

Hi Sean

I'm by no means up to speed with viruses, so I would suggest going to the website of your virus protector.

Dave

OzGrid Business Applications