ASS 1.0 Antivirus Virus - Amiga Virus Encyclopedia
VIRUS HELP TEAM
------------------------
Amiga Virus Encyclopedia
ASS 1.0 Antivirus Virus
------------------------
===== Computer Virus Catalog 1.2: "A.S.S. 1.0" Virus (5-June-1990) ====
Entry...............: "A.S.S. 1.0" Antivirus Virus
Alias(es)...........: ---
Virus Strain........: ---
Virus detected when.: OCTOBER 1989
where.: Elmshorn, FRG
Classification......: system virus (bootblock), resident
Length of Virus.....: 1. length on storage medium: 1024 byte
2. length in RAM : 1024 byte
--------------------- Preconditions -----------------------------------
Operating System(s).: AMIGA-DOS
Version/Release.....: 1.2/33.180
Computer model(s)...: AMIGA 500, AMIGA 1000, AMIGA 2000A, AMIGA 2000B
--------------------- Attributes --------------------------------------
Easy Identification.: typical text: 'This bootblock protect your AMIGA
against BYTE BANDIT', 'Something wonderful has
fiddled with the CoolCapture() pointer
(Probably the SCA-Virus) and has been
eleminated *** Thanks to the ASS VIRUS
PROTECTOR V1.0 ***', 'Something wonderful has
fiddled with the Resident() pointer
(Probably the ByteBandit-Virus) and has been
eleminated *** Thanks to the ASS VIRUS
PROTECTOR V1.0 ***'
Type of infection...: self-identification method: kicktag pointer
normally set to $0007F300 and the virus
compares the second word of this adress with
$F300
system infection: RAM resident, reset resident
Infection Trigger...: ---
Storage media affected: tests floppy disks (3.5" and 5.25") for BYTE
BANDIT, SCA and SCA clones
Interrupts hooked...: vertical blank interrupt (IV 5)
Damage..............: permanent damage: ---
transient damage: screen buffer manipulation:
message when detecting a known virus
(see above)
Damage Trigger......: permanent damage: CoolCapture is set to system
default, KickTag pointer is modified with
A.S.S. entry, DoIO vector is set to system
default (Kickstart 1.2 Release 33.180)
transient damage: message when detecting a known
virus (see above)
Particularities.....: other resident programs using the system resident
list (KickTagPointer) or the CoolCapture
pointer are shut down
detects BYTE BANDIT, SCA (and SCA clones)
Similarities........: produces a sequence of notes similar to the
SYSTEM Z (antivirus) virus series
--------------------- Agents ------------------------------------------
Countermeasures.....: Names of tested products of Category 1-6:
Category 1: .2 Monitoring System Vectors:
'CHECKVECTORS 2.2'
.3 Monitoring System Areas:
'CHECKVECTORS 2.2','GUARDIAN 1.2',
'VIRUSX 4.0'
Category 2: Alteration Detection: ---
Category 3: Eradication: 'CHECKVECTORS 2.2',
'VIRUSX 4.0'
Category 4: Vaccine: ---
Category 5: Hardware Methods: ---
Category 6: Cryptographic Methods: ---
Countermeasures successful: 'CHECKVECTORS 2.2', 'GUARDIAN 1.2',
'VIRUSX 4.0'
Standard means......: 'CHECKVECTORS 2.2'
--------------------- Acknowledgement ---------------------------------
Location............: Virus Test Center, University Hamburg, FRG
Classification by...: Alfred Manthey Rojas, Wolfram Schmidt
Documentation by....: Alfred Manthey Rojas
Date................: 5-June-1990
Information Source..: ---
===================== End of "A.S.S 1.0" Virus ========================
Antivirus removal...: Kickstart 1.2 & 1.3 : VT-Schutz v3.17
Kickstart all others: VirusZ III with Xvs.library installed
Screenshot of Ass Protector (A.S.S. 10) virus
Ascii of Ass Protector (A.S.S. 10) virus
Ascii of Ass Protector (A.S.S. 10) virus
