Traveller v1.0 Virus - Amiga Virus Encyclopedia

VIRUS HELP TEAM
Amiga Antivirus Website
www.vht-dk.dk
 



------------------------
Amiga Virus Encyclopedia
Traveller v1.0 Virus
------------------------

                         
=== Computer Virus Catalog 1.2: TRAVELLER 1.0 Virus (25-July-1992) ===
Entry...............: TRAVELLER 1.0 Virus
Alias(es)...........: ---
Virus Strain........: ---
Virus detected when.: Unknown
              where.: Unknown
Classification......: System virus (bootblock), memory resident
Length of Virus.....: 1. Length on storage medium: 1024 byte
                      2. Length in RAM:            3072 byte
--------------------- Preconditions ----------------------------------
Operating System(s).: AMIGA-DOS
Version/Release.....: all versions
Computer model(s)...: all models
--------------------- Attributes -------------------------------------
Easy Identification.: Typical text: "The Traveller 1.0"
Type of infection...: RAM resident, reset resident, bootblock
Infection Trigger...: Message with #$6E000 at offset $2C and
                         with #2 (Read) at offset $1C recieved dy DoIO
Storage media affected: All device-driven systems
Interrupts hooked...: Interrupt-vector 3
Damage..............: Permanent damage: overwriting block zero of
                                        the same device
                      Transient damage: screen buffer manipulation:
                                        screen becomes red, green
                                        and blue; message "never heard
                                        of virus-protection ??? -
                                        lamer !!!" is shown in black;
                                        system stops working
Damage Trigger......: Permanent damage: message with #$6E000 at offset
                                        $2C and #2 (Read) at offset
                                        $1C recieved dy DoIO
                      Transient damage: 45,000th occurence of
                                        interrrupt 3 after last in-
                                        fection
Particularities.....: A resident program using the CoolCaptureVector
                         is shut down; changes DoIO vector; uses
                         KickTagPtr; restores DoIO vector
Similarities........: ---
--------------------- Agents -----------------------------------------
Countermeasures.....: GUARDIAN 1.2, VIRUSX 4.0, VIRUSCONTROL 2.0
Countermeasures successful: GUARDIAN 1.2, VIRUSX 4.0, VIRUSCONTROL 2.0
Standard means......: VIRUSCONTROL 2.0
--------------------- Acknowledgement --------------------------------
Location............: Virus Test Center, University Hamburg, FRG
Classification by...: Karim Senoucci
Documentation by....: Karim Senoucci
Date................: 14-July-1992
Information Source..: ---
===================== End of TRAVELLER 1.0 Virus =====================


Ascii of Traveller 1.0 Bootblock virus:
Virus Help Team
Denmark & Canada
Copyright © All Rights Reserved