Zaccess v1.0 virus - Clone: 16 BitCrew

== Computer Virus Catalog 2.0: ZACCESS V1.0 Virus  (14-December-1993) ===
Entry...............: ZACCESS V1.0 Virus
Alias(es)...........: ---
Virus Strain........: 16 Bit Crew Virus strain
      detected when.: ---
              where.: ---
Classification......: system virus (bootblock), resident
Length of Virus.....: 1. Length on storage medium: 1024 bytes
                      2. Length in RAM: 1024 bytes
--------------------- Preconditions -------------------------------------
Operating System(s).: AMIGA-OS
Version/Release.....: all system releases
Computer model(s)...: all models
--------------------- Attributes ----------------------------------------
Easy identification.: text visible in bootblock: "ZACCESS V1.0 / 1991"
Type of Infection...: Self-identification method: Virus checks if the
                      sum of two matchwords in the bootblock equals
                      zeros; if yes, the virus assumes to have found
                      itself on disk
                      System infection: RAM resident, reset resident,
                      bootblock
Infection Trigger...: reset
Storage Media affec.: only floppy disks
Systemcalls hooked..: DoIO vector of exec-library, CoolCapture
Stealth.............:
Tunneling/Selfprot.¾:ºOligo¿Pÿnymorphism..:
Encoding Method...,.:
Damage..............: Permanent damage: overwriting bootblock
                   ° °Transùeþv damage: LED flashing 10 or 3  times)
Damage Trigger......: Permanent damage: reset
                      Transient damage: depending on infection counter
                      value and mouse button during
                      boot
Particularities.....: a resident program using the CoolCapture vector
                      is shut down
Similarities........: ---
-------½-----½-½/--- Agents -----------
--------------------------------
Countermeasures.....: Virus Workshop V3.0, VirusChecker V6.3³,º     ° °"             VT 2.58, FirusZ 3.07
Standard means......: VT 2.58, Virus Workshop V3.0
--------------------- Acknowledgements ----------------------------------
Location............: Virus Test Center, University of Hamburg, Germany
Classification by...: Karim Senoucci
Documentation by....: Karim Senoucci
Date................: 14-December-1993
Information Source..: Virus analysis
======================= End of ZACCESS V1.0 Virus =======================

[Go back]