Bowl Virus


 Virus Name:  Bowl 
 Aliases:     Bowl.737 
 V Status:    New 
 Discovery:   January, 1996 
 Symptoms:    .COM file growth 
 Origin:      Unknown 
 Eff Length:  737 Bytes 
 Type Code:   PNC - Parasitic Non-Resident .COM Infector 
 Detection Method:  F-Prot, AVTK, IBMAV, ViruScan, NAV, NAVDX, ChAV, 
                    PCScan, 
                    AVTK/N, IBMAV/N, NShld, NAV/N, Innoc 
 Removal Instructions:  Delete infected files 
 
 General Comments: 
       The Bowl virus was received in January, 1996.  Its origin or point 
       of isolation is unknown.  Bowl is a non-resident, direct action 
       infector of .COM files, but not COMMAND.COM. 
 
       When a program infected with the Bow virus is executed, it will 
       infect one .COM file located in the current directory, though this 
       virus does not infect all .COM files.  Infected .COM files will 
       have a file length increase of 737 bytes with the virus being located 
       at the end of the file.  The program's date and time in the DOS 
       disk directory listing will not be altered.  The following text 
       strings are encrypted within the viral code: 
 
           "How DARE YOU try and trace through my code!!!!" 
           "FuQnLaMaH!!!" 
           "Toilet Bowl Virus by The Methyl-Lated Spirit" 
           "This is generation" 
           "of this virus version 1.1 <2nd release>" 
           "Prepare to control your computer as it enters the Toilet Bowl" 
           "+.COM" 
 
       It is unknown what the Bowl virus may do besides replicate.

Show viruses from discovered during that infect .

Main Page