------------------------
     Amiga Virus Encyclopedia
     Port 4097 Trojan
     ------------------------
     
     
    - Port 4097 Trojan
    
          The Install-Prg. is unknown
          2 files both coded
          Loadwb length 1136 bytes
          rexxfifo.lib 1136 bytes = decoded origin Loadwb
          You have to delete both and a real loadwb file
          copieren
          
      Decoded can be read in loadwb:
          4eaefe7a 4a806602 613c7000 4e75646f N..zJ.f.a < p.Nudo
          732e6c69 62726172 79006c69 62733a72 s.library.libs: r
          65787866 69666f2e 6c696272 61727900 exxfifo.library.
          534e4f4f 50444f53 00000000 00000000 SNOOPDOS ........
          ; .....
          d1c84e75 d3c9d3c9 4e756801 1be45443 ..Nu .... Nuh ... TC
          503a3430 39370000 fffc26aa 00242540 P: 4097 .... & .. $% @

          Loadwb fake opens rexx.lib, decodes and then executes the
          original loadwb commands.
          Searches for SNOOPDOS port
          Creates a process without a name or name assumption (i.e. 2x).
          Time loop # 150000 ticks


     Original test by Heiner Schneegold
     Translated from german to english by Google translate