Threat Description



Category: Malware
Type: Constructor
Platform: W32
Aliases: IVP, IVP-Based


IVP stands for Instan Virus Producer. This is a virus creating program written by a group called YAM. There are well over 100 different variant created with it in the circulation. Typical viruses created with IVP are simple and buggy COM and EXE infectors.


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

One IVP variant, IVP.647.B, become relatively widespread in the summer of 1996, as it was distributed over the internet.

Variant:IVP.848 (Die Hard 2)

This is a direct action infector. It infects COM and EXE files which will increase by 848 bytes in size. The body of the virus is encrypted. The virus activates on 7th of June, every year after 1995. At this time it displays this message:

*** SW DIE HARD 2 (The Return of the Doom) ***   Thanks God for making me alive again!   [IVP]  

After this the virus overwrites 1996 (or 1997, 1998 etc.) sectors from the hard drive.

The virus also contains these texts which are not displayed by the virus:

 Die Hard 2 (The Unbeatable) Sailor Moon  

IVP.868 virus is not related to Die_Hard virus.


Some IVP variants are detected as 'Bubbles' by some antivirus products.

See also: VCL, PS-MPC

Technical Details:Peter Szor, F-Secure, 1996


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More