The most interesting fact regarding this virus is that the author of it is known. He uploaded the virus to a number of BBS, saying that the source code was available for around $20. The virus is a simple .COM infector that adds 857 bytes to any file it infects. It will only infect files on drive A: and B: but it would be easy to "fix" that. An infected program will display the message "Infected!" when it is executed, but otherwise the virus does nothing at all. The virus was uploaded for educational purposes, according to the author, but has now been removed.


Automatic action

Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.

Find out more

Knowledge Base

Find the latest advice in our Community Knowledge Base.

User Guide

See the user guide for your product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


A "new and improved" version. It infects .EXE files as well as .COM files, and is somewhat variable. Some attempts were made to make it difficult to disassemble or modify the virus, but this "protection" is easily defeated. The virus contains one unusual feature, it infects COMMAND.COM by overwriting it, in the same manner as the Lehigh virus does, so no change in length is visible. Unlike Virus-90, this virus was not made available to the public.

Date Created: -

Date Last Modified: -