Selected viruses, spyware, and other threats: sorted alphabetically
Tanpro |
This is a 524 bytes long, resident COM and EXE infector. The virus is installed into memory after executing an infected file. It attacks files only when they are run. The virus distinguishes the type of file being attacked according to its extension. It attacks only files with length less than 64000 bytes, not depending on the file type. The virus temporarily allocates 64 KB of memory and reads in the whole file which is to be infected. It writes its body to the beginning of the file and behind it the whole original contents of the file are added. In this way the EXE files are converted to COM files. Upon executing the infected program a temporary file is created. Into it the uninfected copy of the original file is copied and the virus executes it. The temporary file is subsequently deleted. In the virus body the following text can be seen:
(c)tanpro'94
© 1992-2004 Eset s.r.o. All rights reserved. No part of this Encyclopedia may be reproduced, transmitted or used in any other way in any form or by any means without the prior permission.
