Summary

One of the oldest viruses known - first found in April '87. It replaces the original boot sector with itself and stores the original boot sector on track 39, head 0, sector 8. This sector is generally not used unless the diskette is almost full.

The first version of the virus contained a POP CS instruction, which only exists on 8088 and 8086 machines. This was "fixed" later, so the virus worked correctly on '286 and later machines.

As this virus is so old, several variants have been created. Some of them have been reported to format the hard disk, when they have infected a predetermined number of diskettes.

All variants of the Alameda virus replicate only when Ctrl-Alt-Del is pressed.

Alameda was probably written on an old IBM PC, by a rather lousy programmer, using the A86 assembler.