Amiga Virus Encyclopedia
DataLock 1.01 & 1.02 Virus
Datalock 1.01 and Datalock 1.02 viruses :
Both viruses are VERY agressive and contain very powerfull destructionroutines
Both viruses use direct adress accessing to $7fXXX and do not need the
"trackdisk.device". I have killed two of my harddiscs (one including my WHOLE
VirusWorkshop sources) but I had luckily made a backup 4 days ago. Phew.
DoIo always at $7f858
Kicktag always at $7fade
Very tricky new decoding routine, which will be changed before. Nice...
The viruses killed my RDB on a SCSI-II harddisc and killed some sectors by
overwriting it with some stuff.
The bootblock and another 1024 bytes (V1.02) will be written. At V1.02 there
will be 4 KB written to the bootblock. A very wide destruction.
The V1.01 has an additional destruction routine, which kills the sectors
890-893. At sector 880 there is on normal DD discs the ROOTBLOCK (directory).
It`s therefore possible that very important directory blocks will be killed by
The V1.02 has a different destruction outine. 4 blocks, which will calculated
using a random routine will be killed by overwriting some memorygarbage.
At the end of the virus, you can read (decrypted):
"Datalock 1.1 (C) `94 ALL (?) code by Deathcode."
Test by Markus Schmall Detection tested on 08.02.1994
Ascii of Datalock 1.01 virus:
Ascii of Datalock 1.02 virus: