========= Computer Virus Catalog 1.2: FICA Virus (31-July-1993) ======== Entry...............: FICA Virus Alias(es)...........: --- Virus Strain........: --- Virus detected when.: --- where.: --- Classification......: System virus (bootblock infector), RAM resident Length of Virus.....: 1.Length on storage medium: 1024 bytes 2.Length in RAM: 2304 bytes --------------------- Preconditions ------------------------------------ Operating System(s).: AMIGA-DOS Version/Release.....: 1.2/all, 1.3/all, 2.0/all Computer model(s)...: All models --------------------- Attributes --------------------------------------- Easy Identification.: The following text is found in virus/RAM: "Hey ROB of QUARTEX! Your mouth is getting bigger every day, while your work is becoming worse and worse (soon you''ll reach ABAKUSS-level) ! You claim to be THE VERY BEST - but you perform loser cracks (look at your version of SPACE ACE)! Have we EVER seen a TRAINER or an INTRO from you (except the CLI-type command in combination with ridiculous poems)? Fuck off, lame bastard! F.I.C.A RULES!" Type of infection...: RAM resident, reset resident, bootblock infector Infection Trigger...: Booting from an infected disk, reset afterwards Storage media affected: Only floppy disks Interrupts hooked...: Following vectors are changed: KickTagPtr, KickCheckSum, SumKickData and BeginIO of the trackdisk.device. Damage..............: Permanent damage: overwriting bootblock. Damage Trigger......: Using BeginIO on Sector zero Particularities.....: Once in action, virus tries to fool the user and shows a clean bootblock, instead of his infected one. Similarities........: --- --------------------- Agents ------------------------------------------- Countermeasures.....: VirusZ 3.06, VT 2.54, VirusChecker 6.28 Countermeasures successful: VirusZ 3.06, VT 2.54 (VirusChecker 6.28 diagnoses that there is no standard bootblock) Standard means......: VT 2.54 --------------------- Acknowledgement ---------------------------------- Location............: Virus Test Center, University Hamburg, Germany Classification by...: Jens Vogler Documentation by....: Jens Vogler Date................: 31-July-1993 Information Source..: Reverse engineering of virus code ===================== End of FICA Virus =============================== [Go back]