DelCmos is a typical boot sector virus. It is only able to infect a
hard disk when you try to boot the machine with an infected diskette
in drive A:. At this time the virus infects the Master Boot Record
(MBR) of the hard drive, and after that it goes resident in high
DOS memory during every boot-up from the hard disk. Once the virus
is resident in memory, it will infect practically all
non-write-protected diskettes used in the machine.
DelCmos allocates two kilobytes of memory while it is active. This
can be seen as a decrease in the total amount of DOS memory - it drops
from 640kB to 638kB. DelCmos assumes that the machine has the full 640kB
of DOS memory. This is not always the case, as some systems reserve
a kilobyte or two for internal BIOS needs. In this case, DelCmos will
just crash the machine every time it's booted after the infection.
DelCmos also assumes the A: drive of the machine to be a 3.5" HD
(1.44MB) drive. If it's a 5.25" drive or a 3.5" DD or ED drive,
floppies may be corrupted during infection. They can be fixed
with the FIXBOOT program.
DelCmos.A contains a routine to overwrite the CMOS SETUP information.
DelCmos.B has this activation routine removed; it does nothing except
spread.
DelCmos.A is known to be in the wild in the USA. DelCmos.B was reported
to be in the wild in Spain in January 1996.
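
The memory symptom described above (640kB dropping to 638kB, versus systems
where the BIOS legitimately reserves a kilobyte or two) can be told apart with
a small check. This is an added example, not part of the original description.
It assumes the DOS memory total is the BIOS data area word at 0040:0013 and
that a BIOS reservation is recorded as the EBDA segment at 0040:000E; the
function names and the sample dumps are constructed for illustration.

```python
import struct

BDA_EBDA_SEGMENT = 0x0E      # word at 0040:000E, segment of the BIOS-reserved area (0 if none)
BDA_BASE_MEM_KB = 0x13       # word at 0040:0013, conventional memory size in kB
FULL_CONVENTIONAL_KB = 640


def classify_base_memory(bda: bytes) -> dict:
    """Classify a dump of the BIOS data area (bytes starting at 0040:0000)."""
    if len(bda) < BDA_BASE_MEM_KB + 2:
        raise ValueError("dump too short to contain the base memory word")
    (ebda_seg,) = struct.unpack_from("<H", bda, BDA_EBDA_SEGMENT)
    (base_kb,) = struct.unpack_from("<H", bda, BDA_BASE_MEM_KB)
    missing_kb = FULL_CONVENTIONAL_KB - base_kb

    if missing_kb <= 0:
        verdict = "full"            # nothing has taken memory from the top
    elif ebda_seg and (ebda_seg << 4) == base_kb * 1024:
        verdict = "bios-reserved"   # the BIOS area starts exactly where DOS memory ends
    else:
        verdict = "unexplained"     # memory is missing and no BIOS area accounts for it
    return {"base_kb": base_kb, "missing_kb": missing_kb, "verdict": verdict}


def make_bda(base_kb: int, ebda_seg: int = 0) -> bytes:
    """Build a constructed 256-byte BIOS data area for testing (not real data)."""
    bda = bytearray(256)
    struct.pack_into("<H", bda, BDA_EBDA_SEGMENT, ebda_seg)
    struct.pack_into("<H", bda, BDA_BASE_MEM_KB, base_kb)
    return bytes(bda)


if __name__ == "__main__":
    samples = {
        "clean, full 640kB": make_bda(640),
        "clean, BIOS reserves 1kB": make_bda(639, 0x9FC0),
        "2kB missing, no BIOS area": make_bda(638),
    }
    for name, dump in samples.items():
        print(name, "->", classify_base_memory(dump))
```

An "unexplained" verdict only means something resident took memory from the
top of DOS memory; it matches the DelCmos symptom but does not identify the virus.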