| Alias: | --- |
| Strain: | REVENGE 1.2G Virus Strain |
| detected when: | |
| where: | Australia |
| Classification: | System virus (bootblock), resident |
| Length: | 1. Length on storage medium: 1024 byte 2. Length in RAM : 1024 byte |
Preconditions | |
| Operating System(s): | AMIGA-DOS |
| Version/Release: | 1.2/33.180 |
| Computer model(s): | AMIGA 500, AMIGA 1000, AMIGA 2000A, AMIGA 2000B |
| Caroname: | Revenge_1_2G.Sendarian |
Attributes | |
| Easy identification: | Typical text: 'fuck','off','Sendarian #1! Count' |
Type of Infection: | System infection: RAM resident, reset resident, bootblock |
| Infection Technique: | |
| Infection Trigger: | reset (CONTROL+Left-AMIGA+Right-AMIGA) operation: any disk access |
| Storage Media affected: | only floppy disks (3.5" and 5.25") |
| Interrupts hooked: | Vertical Blank interrupt (IV 5) |
| Stealth: | |
| Tunneling/Selfprot: | |
| Oligo/Polymorphism: | |
| Encoding Method: | |
| Damage: | Permanent damage: overwriting bootblock Transient damage: after infecting a disk and next reset, mouse pointer will look like a penis after one minute. |
| Damage Trigger: | Permanent damage: reset; any disk access Transient damage: infecting a disk followed by reset and 1 minute delay. |
| Particularities: | Resident programs using the CoolCaptureVector are shutdown; virus uses DoIOVector and counts vertical blanks until he will bring up his new pointer; Virus behaves as Antivirus-Virus detecting BYTE BANDIT, SCA and SCA clones. |
| Similarities: | REVENGE 1.2G virus strain |
Agents | |
| Countermeasures: | CHECKVECTORS 2.2,GUARDIAN 1.2,VIRUSX 4.0, own suicide function (see elimination) |
| Standard means: | CHECKVECTORS 2.2 |
Acknowledgements | |
| Location: | Virus Test Center, University Hamburg, Germany |
| Classification by: | Wolfram Schmidt |
| Documentation by: | Wolfram Schmidt |
| Date: | 15-July-1991 |
| Information Source: | --- |
(c) 1996 Virus-Test-Center, University of Hamburg