The most interesting fact regarding this virus is that the author of it is known. He uploaded the virus to a number of BBS, saying that the source code was available for around $20. The virus is a simple .COM infector that adds 857 bytes to any file it infects. It will only infect files on drive A: and B: but it would be easy to "fix" that. An infected program will display the message "Infected!" when it is executed, but otherwise the virus does nothing at all. The virus was uploaded for educational purposes, according to the author, but has now been removed.
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
Detailed instructions for F-Secure security products are available in the documentation found in the Downloads section of our Home - Global site.
You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.
A "new and improved" version. It infects .EXE files as well as .COM files, and is somewhat variable. Some attempts were made to make it difficult to disassemble or modify the virus, but this "protection" is easily defeated. The virus contains one unusual feature, it infects COMMAND.COM by overwriting it, in the same manner as the Lehigh virus does, so no change in length is visible. Unlike Virus-90, this virus was not made available to the public.