F-Secure Virus Descriptions : Joke.Win32.Russ
| NAME: | Joke.Win32.Russ |
| ALIAS: | Joke.Win32.Jep, Virus game, Russ, Jep, Jep/Russ |
| SIZE: | 916480 |
This is not a virus but a joke program written with Delphi.
Joke.Win32.Russ advertises a 3D action computer game called "VIRUS".
It does this in a very strange manner - imitating all folders deletion
from a hard disk. This is why it is detected - to prevent shocking
of computer users.
When the program is executed it opens a small window with a
yellow smiling face icon and a message:
Please Wait. Initializing...
Then the Explorer window is opened viewing Windows 95 root
folder. Immediately the 'Confirm Folder Delete' dialog is showed
asking:
Are you sure you want to delete 'Win95' folder
and all its contents ?
There's no way the "No" button can be pressed as mouse cursor
evades it. After several seconds the joke imitates deletion of
Windows 95 folder and then all the rest folders on drive C: are
"deleted".
In the end the joke opens the 'Shutdows Windows' dialog with
grayed 'No' button, 'Restart the computer?' and 'Close and log as
a different user?' options. Shortly after that the computer is
'restarted', the screen goes blank.
After a few seconds the following message is printed in big green
letters one by one:
Thank god this is only a game...
Finally a new 3-D computer game advertisment is shown as two
pictures containing its description and distributors addresses.
After pressing a key the joke passes control to the system.
We recommend that this joke is deleted instead of passing it around.
[Analysis: Alexey Podrezov, F-Secure]
|
