Threat Description



Aliases: Qrry, Query, Essex
Category: Malware
Platform: W32


The Qrry virus is a reasonably simple diskette and Master Boot Record infector. It is only able to infect a hard disk when you try to boot the machine from an infected diskette. At this time Qrry infects the Main Boot Record, and after that it will go resident to high DOS memory during every boot-up from the hard disk.

Once Qrry gets resident to memory, it will infect practicly all non-writeprotected diskettes used in the machine.

Qrry contains the text 'QRry'. It doesn't recognize 1.44MB HD correctly, and overwrites one sector in the middle of the data area. This area is cylinder 39, Side 1, Sector 9.

Qrry activates in December, when it overwrites part of the hard disk.


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.


Detailed instructions for F-Secure security products are available in the documentation found in the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More