Revenge v1.2G Virus - Amiga Virus Encyclopedia

VIRUS HELP TEAM



 --------------------------
 Amiga Virus Encyclopedia
 Revenge v1.2G Virus
 --------------------------

       
===== Computer Virus Catalog 1.2: REVENGE 1.2G Virus (5-June-1990) ====
Entry...............: REVENGE 1.2G Virus
Alias(es)...........: ---
Virus Strain........: ---
Virus detected when.: 8th September 1989
              where.: Elmshorn, FRG
Classification......: system virus (bootblock), resident
Length of Virus.....: 1. length on storage medium: 1024 byte
                      2. length in RAM           : 1024 byte
--------------------- Preconditions -----------------------------------
Operating System(s).: AMIGA-DOS
Version/Release.....: 1.2/33.180
Computer model(s)...: AMIGA 500, AMIGA 1000, AMIGA 2000A, AMIGA 2000B
--------------------- Attributes --------------------------------------
Easy Identification.: typical text:'fuck','off','Revenge V1.2G','Count:'
                      virus feature: holding down the joystick button
                         (port 2) during system reboot will shut down
                         the virus (red screen); pressing the joystick
                         button and the mouse button (port 1) will
                         remove the virus from RAM and turn the screen
                         blue
Type of infection...: self-identification method: 5th longword
                         ($ 49443932 = ascii 'ID92')
                      system infection: RAM resident, reset resident,
                         bootblock
Infection Trigger...: reset (CONTROL + Left-AMIGA + Right-AMIGA)
                      operation: any disk access
Storage media affected: only floppy disks (3.5" and 5.25")
Interrupts hooked...: vertical blank interrupt (IV 5)
Damage..............: permanent damage: overwriting bootblock
                      transient damage: after infecting a disk and the
                         next reset the mouse pointer will become a
                         penis after one minute
Damage Trigger......: permanent damage: reset
                         operation: any disk access
                      transient damage: infecting a disk with following
                         reset and 1 minute
Particularities.....: a resident program using the CoolCaptureVector is
                         shut down; uses DoIOVector; counts vertical
                         blanks until it's time to bring up his new
                         pointer; virus detects BYTE BANDIT, SCA and
                         SCA clones.
Similarities........: ---
--------------------- Agents ------------------------------------------
Countermeasures.....: Names of tested products of Category 1-6:
                      Category 1: .2 Monitoring System Vectors:
                                     'CHECKVECTORS 2.2'
                                  .3 Monitoring System Areas:
                                     'CHECKVECTORS 2.2','GUARDIAN 1.2',
                                     'VIRUSX 4.0'
                      Category 2: Alteration Detection: --
                      Category 3: Eradication: 'CHECKVECTORS 2.2'
                                     'VIRUSX 4.0'
                      Category 4: Vaccine: ---
                      Category 5: Hardware Methods: ---
                      Category 6: Cryptographic Methods: ---
Countermeasures successful: 'CHECKVECTORS 2.2', 'GUARDIAN 1.2',
                            'VIRUSX 4.0'; own suicide function
Standard means......: 'CHECKVECTORS 2.2'
--------------------- Acknowledgement ---------------------------------
Location............: Virus Test Center, University Hamburg, FRG
Classification by...: Wolfram Schmidt
Documentation by....: Alfred Manthey Rojas
Date................: 5-June-1990
Information Source..: ---
==================================== End of REVENGE 1.2G Virus =========================================


Animated picture of the Revenge v1.2G virus:



Ascii of Revenge v1.2G virus:




Virum Help Team
Denmark & Canada
Copyright © All rights reserved
www.vht.dk