Graffiti Virus - Amiga Virus Encyclopedia

VIRUS HELP TEAM
 



------------------------
Amiga Virus Encyclopedia
Graffiti Virus
------------------------

  
====== Computer Virus Catalog 1.2: GRAFFITI Virus (15-July-1991) =====
Entry...............: GRAFFITI Virus
Alias(es)...........: ---
Virus Strain........: ---
Virus detected when.: 1990
              where.: Elmshorn, FRG
Classification......: System virus (bootblock), resident
Length of Virus.....: 1. Length on storage medium: 1024 byte
                      2. Length in RAM           : 1024 byte
--------------------- Preconditions ----------------------------------
Operating System(s).: AMIGA-DOS
Version/Release.....: 1.2/33.166, 1.2/33.180 and 1.3/34.20
Computer model(s)...: AMIGA 500, AMIGA 1000, AMIGA 2000A, AMIGA 2000B
--------------------- Attributes -------------------------------------
Easy Identification.: Typical text: 'VIRUS! written by Graffiti'
Type of infection...: System infection: RAM resident, reset resident,
                                        bootblock
Infection Trigger...: reset (CONTROL+Left-AMIGA+RIGHT-AMIGA),
                         any disk access
Storage media affected: only floppy disks (3.5" and 5.25")
Interrupts hooked...: ---
Damage..............: Permanent damage: overwriting bootblock
                      Transient damage: screen buffer manipulation:
                         screen becomes black, message 'VIRUS! written
                         by Graffiti' is displayed; next, a Blitter
                         demo is observed (LED flashing 30 times)
Damage Trigger......: Permanent damage: reset
                      Transient damage: starting with 7th infection;
                         LED flashing if left mouse button of Port 1
                         is not pressed, otherwise Blitter demo
Particularities.....: Any resident program using the CoolCaptureVector
                        is shut down; virus uses StartIOVector.
Similarities........: SCA strain
--------------------- Agents -----------------------------------------
Countermeasures.....: Names of tested products of Category 1-6:
                      Category 1: .2 Monitoring System Vectors:
                                     CHECKVECTORS 2.2
                                  .3 Monitoring System Areas:
                                     CHECKVECTORS 2.2, GUARDIAN 1.2,
                                     VIRUSX 4.0
                      Category 2: Alteration Detection: ---
                      Category 3: Eradication: CHECKVECTORS 2.2,
                                               VIRUSX 4.0
                      Category 4: Vaccine: SCA-PROTECTOR 1.0
                      Category 5: Hardware Methods: ---
                      Category 6: Cryptographic Methods: ---
Countermeasures successful: CHECKVECTORS 2.2,GUARDIAN 1.2,VIRUSX 4.0
Standard means......: CHECKVECTORS 2.2
--------------------- Acknowledgement --------------------------------
Location............: Virus Test Center, University Hamburg, Germany
Classification by...: Wolfram Schmidt
Documentation by....: Wolfram Schmidt
Date................: 15-July-1991
Information Source..: ---
======================================== End of GRAFFITI-Virus =========================================

Antivirus removal...: Kickstart 1.2 & 1.3 : VT-Schutz v3.17
                      Kickstart all others: VirusZ III with Xvs.library installed


Animated picture of the Graffiti Virus:



Ascii of Graffiti virus:
Virum Help Team
Denmark & Canada
Copyright © All rights reserved
www.vht.dk