Hochofen Virus - Amiga Virus Encyclopedia

VIRUS HELP TEAM
 



------------------------
Amiga Virus Encyclopedia
Hochofen Virus
------------------------
  
         
======= Computer Virus Catalog 1.2: Hochofen Virus (31-July-1993) ======
Entry...............: Hochofen Virus
Alias(es)...........: Trabbi Virus
Virus Strain........: ---
Virus detected when.: January 1992
              where.:
Classification......: Link Virus (Extending), Direct Action
Length of Virus.....: Length on storage medium: 3000 bytes
--------------------- Preconditions -----------------------------------
Operating System(s).: AMIGA-DOS
Version/Release.....: 1.2,1.3,2.04,3.0
Computer model(s)...: All Amigas
--------------------- Attributes -------------------------------------
Easy Identification.: Typical texts in file (first Hunk):
                         "Fasten seat-belt!",0
                         "Greetings to Hochofen",0
                      Screen Messages: the typical texts are displayed,
                         with Black/Red/Yellow rasterbeam display.
Type of infection...: Self-Identification methods:
                         test-longword($2e5) at $14(File)
                      Executable File infection:
                         extending infected files by 3000 Bytes in
                         direct action during infected program start
                      Infection preconditions:
                         1) File smaller than 200000 Bytes
                         2) File stored in c: or df0:
                         3) Disk validated
                         4) File not infected
Infection Trigger...: Execution of an infected file
Storage media affected: All media
Interrupts hooked...: ---
Damage..............: Permanent Damage: none
                      Transient Damage: screen buffer manipulation,
                          displaying text mentioned above
                      Transient/Permanent damage: some infected programs
                          will not execute or even crash the system as
                          virus cannot handle some Hunk Types correctly
                          due to a bug in the infection routine.
Damage Trigger......: ---
Particularities.....: Virus author's programming abilities are rather
                        poor, very likely a beginner.
Similarities........: ---
--------------------- Agents -------------------------------------------
Countermeasures.....: VT2.54, VirusZ
Countermeasures successful: VT2.54, VirusZ
Standard means......: VT2.54
--------------------- Acknowledgement ----------------------------------
Location............: Virus Test Center, University Hamburg, FRG
Classification by...: Soenke Freitag
Documentation by....: Soenke Freitag
Date................: 31-July-1993
Information Source..: H.Schneegold, SHI, reverse-analysis
===================== End of Hochofen Virus ============================

Antivirus...........: Kickstart 1.2 & 1.3 : VT-Schutz v3.17
                      Kickstart all others: VirusZ III v1.04B or higher, and also Xvs.library v33.47 or higher
                      

Screenshot of Hochofen link virus:
Virum Help Team
Denmark & Canada
Copyright © All rights reserved
www.vht.dk