x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Gruel.E

Threat LevelHigh threatDamageSevereDistributionNot widespread
Common name:Gruel.E
Technical name:W32/Gruel.E
Threat level:Medium
Type:Worm
Effects:  

It deletes key files that Windows needs to work correctly, hides the C: drive, disables the Taskbar and certain options in the Start menu. It spreads via email or through the P2P program KaZaA.

Affected platforms:

Windows XP/2000/NT/ME/98/95

Detection updated on:April 27, 2009
StatisticsNo

Brief Description 

    

Gruel.E is a worm that deletes many key files of the Windows system directory. Additionally, it opens several windows in the Control Panel, opens and closes the CD-ROM tray, disables the Taskbar, hides the C: drive, displays messages on screen, etc.

Gruel.E uses two different means to spread:

  • Via email in a message with the attached file OFFICEXPTRIAL.EXE.
  • Through the peer-to-peer file sharing program (P2P) KaZaA. Gruel.E copies itself in the shared directory under the name MATRIX RELOADED 2 AVI.EXE.

Visible Symptoms 

    

Gruel.E is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.

However, when #nombrevirus # spreads via email, it reaches the computer in a message with the attached file OFFICEXPTRIAL.EXE.

When Gruel.E is run, it displays the following message on screen, which is a fake Windows error message:

In order to consult the routine followed by Gruel.E, click here.