Virus Database

HLLP.Tomsk.8506

Description HLLP.Tomsk.8506

This is a relatively harmless, non-memory resident parasitic virus written in Pascal. It searches for EXE files in all directories on the current drive, then writes itself to the beginning of the file. To return control to the host program, the virus temporarily disinfects and executes the host file.
The virus also checks write-protect for the current drive. If the current drive is write-protected, the virus displays the following message:
Runtime Error: Disk fool or write protect

and terminates.
On October 20th, the virus displays a message in Russian and waits for a keystroke.
If the command line contains the /? argument, the virus displays its "About" message:
ã====================================-
ƒ Virus 3.14Zdec V 2.0 ƒ
ƒ------------------------------------ƒ
ƒ Target *.EXE ƒ
ƒ Stealth No ƒ
ƒ TSR No ƒ
ƒ Attac speed Slow ƒ
ƒ Danger 0 ƒ
ƒ Effects Yes ƒ
ƒ Length KingSize= ƒ
ƒ Language Turbo Pascal ƒ
ƒ OS Dos, Windows ƒ
ƒRussia, Tomsk, 20/11/1999 ƒ
L====================================-

Check other viruses! Be aware! Use Antiviral Software

Elf.2647

Description Elf.2647

This is a harmless memory resident parasitic polymorphic Poly virus. It hooks INT 21h, and writes itself to the end of COM and EXE files that are executed or opened. While infecting a file, the virus encrypts a block in the file middle that makes a disinfection procedure a little bit complex.
The virus checks file names and does not infect several anti-virus programs: AIDSTEST, DRWEB, ADINF, AVP, NDD, SCAN.
The virus contains the following text strings:
[ELF V-3D]

Elite.191

Description Elite.191

These are harmless nonmemory resident parasitic viruses of quite short length. They search for .COM files in the current directory, then write themselves to the end of the file. The viruses do not manifest themselves in any way.

Home