BB-Prot
Introduction
BB-Prot is a computer virus written for the Commodore Amiga. It is a bootvirus and clone of Zombi I.
Summary
- Overwriting the original bootblock of an unprotected disk when bootet with it
- The virus is not encrypted
- Uses DoIO()-vector from the exec.library for infection
- Makes itself reset resident by using the CoolCapture
- Tries to cheat by showing the XCopy text at startup
Details
Compared to its original Zombi I the encrypted alert text has been removed. Also the virus renames the disk to T.ET.E instead of Zombi I.
However, the most significant modification is that when booting with an infected disk will show a graphical output:
This graphical output is also be performed by the XCopy-Bootblock. XCopy is a wellknown disk-copy program on the Amiga.
In the bootblock you can see the following text:
0330h: 4E F9 00 07 A0 36 3E 42 42 2D 50 72 6F 74 20 62 ; Nù.. 6>BB-Prot b
0340h: 79 20 4D 41 58 20 69 6E 20 30 34 00 31 30 00 31 ; y MAX in 04.10.1
0350h: 39 39 32 3C 00 07 EE 00 00 07 EE 50 20 01 FF FE ; 992<..î...îP .ÿþ
Clones and variants
- None
