Virus Name: Explode
V Status: Viron
Discovered: May, 1992
Symptoms: .COM files overwritten; program corruption; file date/time
change; message & overwriting of hard disk cylinder 0;
Eff Length: 229 Bytes
Type Code: ONCK - Overwriting Non-Resident .COM Infector
Detection Method: ViruScan, NAV, AVTK, F-Prot, Sweep, IBMAV,
NAVDX, VAlert, PCScan, ChAV,
Sweep/N, NShld, Innoc, NProt, AVTK/N, LProt, IBMAV/N,
Removal Instructions: Delete infected files
The Explode virus was received in May, 1992. Its origin is
unknown. Explode is a non-resident, overwriting virus which is
very destructive when it activates.
When a program infected with the Explode virus is executed, this
virus will overwrite the first 229 bytes of all .COM files located
in the current drive's current directory. It will also access the
C: drive, overwriting cylinder 0 with binary zeros. Once this
process has completed, the following message is displayed and the
system will be hung:
"Your hard drive is about to explode!"
Attempts to then boot from the system hard disk or an infected
diskette will fail. If the system is booted from an uninfected
system diskette, the boot will be successful, but the hard disk
will be unaccessible.
Programs infected with the Explode virus will have the first 229
bytes of the host program overwritten with the Explode viral code.
The file's date and time in the DOS disk directory will have been
updated to the current system date and time when infection
occurred. The following text strings are visible within infected
"*.COM Your hard drive is about to explode!"
"Program too big to fit in memory."
"UABBS -/\-] Ajax [-/\-"