Leviathan Virus (Bootblock+File):
        ---------------------------------


        This virus is a quite tricky combination between BB and file
        virus. It can be written as a normal bootblock to  disk  and
        it  can  write  a file in the first position of the Startup-
        Sequence.

        The virus uses the memory from $7f000-$7e000 direct.
        At first the viruscode will be  copied  and  after this, the
        memoryblock will be allocated.

        ColdCapture, OldOpenLibrary and DoIO will  be  changed.
        The Coldcapture Routine  initializes the DoIo and  the  Old-
        Openroutines.

        I have tested this virus with a normal A500+ and an A4000 but
        the ResetRoutine of this virus does not work on this computers.
        You have to coldreset your machine.




        At the end there is a crypted textblock:

        'YOU ARE THE OWNER OF A NEW GENERATION OF'
        ' VIRUS! IT FUCKS YOUR STARTUP-SEQUENCE! '
        'HAVE FUN.... '

        In  this virus was no special destroy routine found  (except
        the BB write command).



        Test by Markus Schmall           Detection tested 6.12.1993.

[Go back]