The WordMacro/Strezz virus consist of three encrypted macros: AutoOpen,
FilePrint and FileSaveAs. Each of them contains the following comments:
Virus : STREZZ.WinWord
Author : Dark Love & Lady Love
When the virus infects the global template, it removes the following menus
from Word, making it impossible to view the macros of the virus:
Strezz activates when files are printed. At this time it removes the
Edit/Undo menu and prints the following text before the original
Special for my love by
The Free Hackers
Viroright (C) 1997 Internation Virus Research
If you have bugs, please call me and don't stress for it!
I will back laler!
The above extra lines can easily go undetected by the user if he's
using a fax driver to fax the document directly from Word.
However, after the printing (or faxing) has finished, the virus displays
the following text:
You are STREZZ now, I'm sorry for it!
[IVR] - Internation Virus Research
[Analysis: Peter Szor, F-Secure, 1997]