Virus Database

Urfin.317

Description Urfin.317

It's a harmless memory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM-files that are executed. It contains an internal text string in Russian.

Check other viruses! Be aware! Use Antiviral Software

ArjDropper.402

Description ArjDropper.402

It is a harmless nonmemory resident virus-worm 402 bytes of length. When an infected file is executed, the virus searches for ARJ archives and appends its copy to archives that are found. The virus copy in archives is stored in format of ARJ data and has the filename RUNME.COM. This RUNME.COM file contains a copy of the virus, and being extracted from infected archive it may spread the virus code to other archives. The virus contains the text strings:
*.ARJ
ARJDrop by Qark/VLAD
RUNME.COM

ArjRar.2821

Description ArjRar.2821

This is a relatively harmless, non-memory resident virus-worm. It searches for ARJ and RAR archives and appends its copy to archives that are found. The virus copy in archives is stored in the format of ARJ or RAR data and has the filename RUNME.COM in ARJ archives and RUN_ME_.COM in RAR. These "run-me" files contain a copy of the virus, and upon being extracted from an infected archive, they may spread the virus code to other archives.
In August, the virus drops the file PRESENT.COM, and upon being executed, it displays the following texts:
Citat klasika:
K anielovi chrbtom.
Tak zacal som cestou hirechu ist.
K anielovi chrbtom,
len 12 krokov,
a 12 ozvien na ne,
a dosiel som tam,kam som nemal prist
Dedicated to my friends Suzy&PEDRO
[an ANGEL-Sign of immortality]
by Blesk 8^)
Present by Blesk wish You
HAPPY B-DAY
Suzy

The virus also contains the following text strings:
*.ARJ *.RAR
RAR'n'ARJ Dropper by Qark/VLAD.
RAR support included by Blesk

Home