Summary

This Word 97 virus contains two functions (AutoOpen and AutoExit) a in single module called Jedi_Magic. While infecting the global macros area the virus resets these system variables:

  UserName = "O.B.1. Canobi"
  UserInitials = "OBC"
  UserAddress = "BOOGZI BARBERS ... Food Buster!!!"

Additional Details

The virus detects already infected documents by the checking for the "Force" variable in which it saves the text: "567374-Joseph.A.D.G.". On exiting Word the virus resets its module's attributes:

  VB_Description="Macro created 03/12/98 by Membership & Registry Division"
  VB_ProcData.VB_Invoke_Func = "Normal.Jedi_Magic.AutoExit"

[Eugene Kaspersky]