==== Computer Virus Catalog 1.2: POWERBOMB Virus (31-January-1992) ==== Entry...............: POWERBOMB Virus Alias(es)...........: --- Virus Strain........: BYTE BANDIT Virus Strain Virus detected when.: JANUARY 1990 where.: Elmshorn, Germany Classification......: System virus (bootblock), resident Length of Virus.....: 1. Length on storage medium: 1,024 byte 2. Length in RAM : 1,024 byte --------------------- Preconditions ---------------------------------- Operating System(s).: AMIGA-DOS Version/Release.....: 1.2/33.166, 1.2/33.180 and 1.3/34.20 Computer model(s)...: AMIGA 500, AMIGA 1000, AMIGA 2000A, AMIGA 2000B (and only with those memory expansions of $0C000000 type) --------------------- Attributes ------------------------------------- Easy Identification.: Typical text: "POWERBOMB SYSTEMS PRESENTS: BYTEBANDIT V2.0 !!!COPYS :" Type of infection...: Self-identification method: --- System infection: RAM resident, reset resident, bootblock Infection Trigger...: Reset (=CONTROL+Left-AMIGA+Right-AMIGA); Operation: any disk access Media affected......: Only floppy disks (3.5" and 5.25") Interrupts hooked...: Vertical blank interupt Damage..............: Permanent damage: overwriting bootblock, maybe destroying opened files when screen and key- board are shut off and user has to restart system using CONTROL+LEFT-AMIGA+RIGHT-AMIGA Transient damage: screen buffer manipulation: screen becomes dark, keyboard seems to mal- function; transient damage may be interrupted by pressing a special key combination: LEFT-ALT+LEFT-AMIGA (on newer AMIGAS the COMMODORE key)+SPACE+RIGHT-AMIGA+RIGHT ALT (but the virus will still be active) Damage Trigger......: Permanent damage: reset; any disk access Transient damage: only under following condition: 2 resets AND 6 infections AND execution of BYTE BANDIT's own interrupt routine 5208 times (approx. 7 minutes) Particularities.....: uses StartIOVector; other resident programs using the system resident list (KickTagPointer, KickMemPointer) are shut down Copy counter: 19th word Similarities........: BYTE BANDIT Virus Strain --------------------- Agents ----------------------------------------- Countermeasures.....: Names of tested products of Category 1-6: Category 1: .2 Monitoring System Vectors: CHECKVECTORS 2.2 .3 Monitoring System Areas: CHECKVECTORS 2.2,GUARDIAN 1.2, VIRUSX 4.0 Category 2: Alteration Detection: --- Category 3: Eradication: CHECKVECTORS 2.2, VIRUSX 4.0 Category 4: Vaccine: --- Category 5: Hardware Methods: --- Category 6: Cryptographic Methods: --- Countermeasures successful: CHECKVECTORS 2.2, GUARDIAN 1.2, VIRUSX 4.0 Standard means......: CHECKVECTORS 2.2 --------------------- Acknowledgement -------------------------------- Location............: Virus Test Center, University Hamburg, Germany Classification by...: Wolfram Schmidt Documentation by....: Wolfram Schmidt Date................: 1-NOVEMBER-1991 Information Source..: --- ===================== End of POWERBOMB-Virus ========================= [Go back]