Virus Protection > computer-virus-d-page1 > - darkelf famil

darkelf famil

Webroot Antivirus: The best protection against viruses, spyware data theft and hackers.

Description: Details
DarkElf family

These are harmless memory resident encrypted parasitic viruses, "DarkElf.3691" is a polymorphic virus. They hook INT 21h and write themselves to the end of COM and EXE files that are executed or opened. The viruses do not infect the files: AIDS*.EXE, DRWEB*.EXE, WEB*.EXE, SCAN*.EXE, -*.*, AVP*.*, AVSP*.EXE, TB*.EXE, COMMAND.COM, IBM*.*, WIN*.COM
The viruses use several levels of encryption as well as several anti-debugging tricks. They contain the text strings in Russian and:
"DarkElf.2200":
[Dark Elf] version 2.1 CopyLeft (cl) MSTUdent
18/08/96 03:50:30
AIDS????EXEDRWEB???EXEWEB?????EXESCAN????EXE-??????????AVP????????
AVSP????EXETB??????EXECOMMAND?COMIBM????????WIN?????COM

"DarkElf.3691":
[Dark Elf] version 3.0 CopyLeft (cl) MSTUdent
13/11/96 18:04:13
AIDS????EXEDRWEB???EXEWEB?????EXESCAN????EXE-??????????AVP????????
AVSP????EXETB??????EXECOMMAND?COMIBM????????WIN?????COM
[DEME] Dark Elf Mutation Engine v1.0 CopyLeft (cl) MSTUdent
13/11/96 18:04:13

Updated: 02/24/2006
Copyright @2006 darkelf famil