Xtac stays resident in memory and infects COM and EXE files when they are executed. COMMAND.COM is infected by overwriting an unused area.
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Sometimes the virus deletes files with the following extensions:
Xtac contains the following unencrypted internal text:
good news! you have justbeen smitten by XTAC - lyndon siao, usc-tc
Xtac was reported to be in the wild in the USA in January 1996.