Umyj Dupe Bootblock Virus - Amiga Virus Encyclopedia

VIRUS HELP TEAM
Amiga Antivirus Website
 



     -------------------------
     Amiga Virus Encyclopedia
     Umyj Dupe Bootblock Virus
     -------------------------
     
     
     Name         : Umyj Dupe

     Aliases      : No Aliases

     Type         : Bootblock
     
     Size         : 1024 bytes

     Symptoms     : No Symptoms

     Discovered   : 27 march 1992

     Way to infect: Boot infection

     Rating       : Less Dangerous

     Kickstarts   : 1.2

     Damage       : Overwrites boot

     Removal      : Install boot

     Comments     : The  virus copies itself at address $7F800 and patches
                    the KICK vectors to stay resident in memory.

                    To  infect  other  disks  the  virus  uses  the DOIO()
                    vector.  Because  of  the direct Kick1.2 ROM-Jumps the
                    virus just works on Kick1.2 machines. 

                    If  you  are  booting with an infected disk on Kick1.3
                    or  2.0  you  will  immediately get an GURU. The virus
                    scans  the Rootblock of the disk, just DD-Disk will be
                    affected,  and  checks  for  "Umy" in the Diskname. If
                    there  is  such  a  "Umy"  you will get the following 
                    Alert:

                    "Umyj Dupe - Wash Your Ass"

                    If  there  isn`t  "Umy"  in the name your disk will be
                    infected + renamed in:

                    "Umyj Dupe - Wash Ur Ass"

                    So  the  next  time  you will see the Virus-Alert. The
                    text  aren`t  crypted  so  you  can  read  them in the
                    bootblock.

     Test made by : Safe Hex International 


     Screenshot of Umyjdupe Virus:
Virum Help Team
Denmark & Canada
Copyright © All rights reserved
www.vht.dk