S-Bug is a highly polymorphic virus that has been reported to
be in the wild in USA and in several other locations.
Virus stays resident in memory occupying 9 KB's of DOS memory.
It hooks the following INT 21h functions: 3Dh, 4Bh, and 6Ch.
Infected files grow in size between 4k and 5k bytes.
Infected EXE and overlay files may fail to execute correctly.
Virus includes string "Satan Bug virus - Little Loc".
The virus will only become resident if the environment variable
COMSPEC= is set to point to a file called COMMAND.COM.
S-Bug virus also removes validation codes added to files by McAfee
SCAN and CPAV's Immunize function.
![](/images/pixel.gif"){kind=tracking}
