Explosion Virus


 Virus Name:  Explosion 
 Aliases:     Neznamy 
 V Status:    Rare 
 Discovered:  June, 1993 
 Symptoms:    .COM & .EXE growth; 
              decrease in total system & available free memory 
 Origin:      Unknown 
 Eff Length:  1,000 Bytes 
 Type Code:   PRhAK - Parasitic Resident .COM & .EXE Infector 
 Detection Method:  ViruScan, F-Prot, AVTK, IBMAV, Sweep, 
                    NAV, NAVDX, VAlert, PCScan, ChAV, 
                    NShld, AVTK/N, Sweep/N, NProt, Innoc, IBMAV/N, NAV/N, 
                    LProt 
 Removal Instructions:  Delete infected files 
 
 General Comments: 
       The Explosion virus was received in June, 1993.  Its origin or 
       point of isolation is unknown.  Explosion is a memory resident 
       infector of .COM and .EXE programs, including COMMAND.COM. 
 
       When the first Explosion infected program is executed, this virus 
       will install itself memory resident at the top of system memory but 
       below the 640K DOS boundary, not moving interrupt 12's return. 
       Total system and available free memory, as indicated by the DOS 
       CHKDSK program, will have decreased by 1,008 bytes.  Interrupt 21 
       will be hooked by Explosion in memory. 
 
       Once the Explosion virus is memory resident, it will infect .COM 
       and .EXE programs when they are executed.  Infected programs will 
       have a file length increase of 1,000 bytes with the virus being 
       located at the end of the file.  The program's date and time in the 
       DOS disk directory listing will not be altered.  No text strings 
       are visible within the viral code. 
 
       It is unknown what Explosion may do besides replicate.

Show viruses from discovered during that infect .

Main Page