Threat Description

Virus-90

Details

Aliases: Virus-90
Category: Malware
Type: Virus
Platform: W32

Summary



The most interesting fact regarding this virus is that the author of it is known. He uploaded the virus to a number of BBS, saying that the source code was available for around $20. The virus is a simple .COM infector that adds 857 bytes to any file it infects. It will only infect files on drive A: and B: but it would be easy to "fix" that. An infected program will display the message "Infected!" when it is executed, but otherwise the virus does nothing at all. The virus was uploaded for educational purposes, according to the author, but has now been removed.



Removal



Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details




Variant:Virus-101

A "new and improved" version. It infects .EXE files as well as .COM files, and is somewhat variable. Some attempts were made to make it difficult to disassemble or modify the virus, but this "protection" is easily defeated. The virus contains one unusual feature, it infects COMMAND.COM by overwriting it, in the same manner as the Lehigh virus does, so no change in length is visible. Unlike Virus-90, this virus was not made available to the public.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More