Welcome to the Virus Encyclopedia of Panda Security.
The virus prevents users from editing macros through the Visual Basic Editor. When users attempt to access this option the following dialog box is displayed.
This dialog box containing the "Word Basic Err = 7" message is displayed as a result of the execution of the following three macros: Sub ToolMacro(), Sub FileTemplate() and Sub ViewVBCode().Similarly, W97M/Broken.A displays a dialog box with another error message when users attempt to access the About option in the Help menu in Word. This action will occur once infection has taken place or when the infected documents are in use.
This dialog box appears due to action of another macro defined in the virus. This macro is called as follows: Sub HelpAbout().The last of the ten macros that make up the virus is called: Sub FileSaveAs(). This macro enables the display of the "wdDialogFileSaveAs" dialog box, which leads to the execution of the next macro called CAPut (). This is the macro that actually contains the viral code.Besides these on-screen messages, the virus also carries out the following actions:
It disables the macro virus protection in Word. This means that the dialog box that allows users to enable or disable the macros defined in Word documents will not be displayed.
The virus prevents users from saving the changes made to the NORMAL.DOT global template.
W97M/Broken.A attempts to convert the format of a file.
The virus also modifies the properties of the infected document. More exactly, the following text string will be inserted in the Comments field: "JU$t bEEn CAPuted!".W97M/Broken.A also replaces the text in the current documents. In this sense, the virus replaces the "19" strings found in the current document with the following text string: "CAPut!".
ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS? FREE SUPPORT INCLUDED. CALL US 24/7
powered by Anytech365