Lamer 4.0 Virus - Amiga Virus Encyclopedia

VIRUS HELP TEAM




-------------------------
Amiga Virus Encyclopedia
Lamer 4.0 Virus
-------------------------

            
== Computer Virus Catalog 1.2: LAMER EXTERMINATOR 4.0 (15-July-1991) =
Entry...............: LAMER EXTERMINATOR 4.0 Virus
Alias(es)...........: ---
Virus Strain........: LAMER EXTERMINATOR Strain
Virus detected when.: October 1989
              where.: Elmshorn, Germany
Classification......: Encrypting System virus (bootblock), resident
Length of Virus.....: 1. Length on storage medium: 1024 byte
                      2. Length in RAM           : 1024 byte
--------------------- Preconditions ----------------------------------
Operating System(s).: AMIGA-DOS
Version/Release.....: 1.2/33.180
Computer model(s)...: AMIGA 500, AMIGA 1000, AMIGA 2000A, AMIGA 2000B
--------------------- Attributes -------------------------------------
Easy Identification.: typical text: bootblock: ---
                             in memory: 'The LAMER Exterminator !!!'
Self-identification.: 471th word on bootblock is $ABCD; kicktag pointer
                         points to virus code
Type of infection...: System infection: RAM resident, reset resident,
                                        bootblock
Infection Trigger...: reset ( CONTROL + Left-AMIGA + Right-AMIGA );
                      any disk access
Storage media affected: floppy disks (3.5" and 5.25")
Interrupts hooked...: ---
Damage..............: Permanent damage: overwriting bootblock;
                         simulation of standard bootblocks when
                         examined with any tool; destroys blocks by
                         overwriting them 84-times with the string
                         'LAMER!': this will cause a read/write error
                         on affected storage media;
                      Transient damage: allocates 1024 bytes in RAM
Damage Trigger......: Permanent damage: reset; any disk access;
                         virus action after 6 resets and 3 infections
                      Transient damage: ---
Particularities.....: Uses StartIOVector; other resident programs
                         using system resident list (KickTagPointer,
                         KickMemPointer) are shut down; virus encodes
                         itself at every new infection (Bytes 78-941).
Similarities........: LAMER EXTERMINATOR virus strain
--------------------- Agents -----------------------------------------
Countermeasures.....: Names of tested products of Category 1-6:
                      Category 1: .2 Monitoring System Vectors:
                                     CHECKVECTORS 2.2
                                  .3 Monitoring System Areas:
                                     CHECKVECTORS 2.2, GUARDIAN 1.2,
                                     VIRUSX 4.0
                      Category 2: Alteration Detection: ---
                      Category 3: Eradication: CHECKVECTORS 2.2,
                                               VIRUSX 4.0
                      Category 4: Vaccine: ---
                      Category 5: Hardware Methods: ---
                      Category 6: Cryptographic Methods: ---
Countermeasures successful: without restrictions:
                               CHECKVECTORS 2.2, VIRUSX 4.0
                            with restrictions: GUARDIAN 1.2
Standard means......: CHECKVECTORS 2.2
--------------------- Acknowledgement --------------------------------
Location............: Virus Test Center, University Hamburg, Germany
Classification by...: Wolfram Schmidt
Documentation by....: Wolfram Schmidt
Date................: 15-July-1991
Information Source..: ---
==================== End of LAMER EXTERMINATOR 4.0-Virus =============

Antivirus...........: Kickstart 1.2 & 1.3 : VT-Schutz v3.17
                      Kickstart all others: VirusZ III v1.04B or higher, and also Xvs.library v33.47 or higher
                      
                      
Ascii of Lamer 4 Bootblock virus:





Virum Help Team
Denmark & Canada
Copyright © All rights reserved
www.vht.dk