The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

Agile Buzz Forum
The state of modern viruses

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
James Robertson

Posts: 29924
Nickname: jarober61
Registered: Jun, 2003

David Buck, Smalltalker at large
The state of modern viruses Posted: Jan 25, 2004 6:06 PM
Reply to this message Reply

This post originated from an RSS feed registered with Agile Buzz by James Robertson.
Original Post: The state of modern viruses
Feed Title: Michael Lucas-Smith
Feed URL: http://www.michaellucassmith.com/site.atom
Feed Description: Smalltalk and my misinterpretations of life 		Latest Agile Buzz Posts
Latest Agile Buzz Posts by James Robertson
Latest Posts From Michael Lucas-Smith

Advertisement

"Back in my day" viruses were lethal buggers on a computer. These days they're harmless little executables that are run from emails or VB scripts. The state of viruses is disarray... let me explain.

I went over to help my folks out with their computer. They've been having trouble running programs lately. I immediately noticed a dodgy process in memory. I checked the registry and sure enough there was a weird looking program in there (weird as in, I'd never seen it before. This usually includes anything to do with scanners, internet connections or viruses).

I removed the registry entry and checked again a few seconds later.. it was back. This is most annoying as there's no easy way to remove something from the registry without being in windows - which will run those programs. The virus program was called winkmi.exe and it had hidden itself with hidden, system, readonly attributes in the windows system directory.

Very easily fixed with attrib, reboot in to windows and remove the registry entry and all is done. Except for the hundreds of copies of itself it'd made in the program files directory. Wiped those and the system has been cleansed.

Back in my day what I'd just done would have been impossible. Viruses would insert themselves at the start of other executables, in to system configurations, the boot sector, stay memory resident no matter what.. all sorts of things. Today's viruses are just horny rabbits, not deadly vipers.

"Back in my day" my friend David got a virus called TwoHalves. This was a very dangerous virus because it slowly encrypted your hard disk from the back to the front. What was truely innovative about this virus was that it intercepted attempts to read from the disk and decrypted the encrypted information on the fly.

That's right, remove TwoHalves and you lose a heap of your data. But wait, it gets worse - once it has finished it 'forgets' the encryption key, leaving you with a harddisk full of gibberish. The sooner you remove this virus the better off you are.. if you can call it that.

Compare that with todays viruses? they roam about on the internet gobbling network traffic. I suppose you can say this is a good state of affairs? If that's so why do virus scanners cost more now than they ever have? Conspiracy time...

Read: The state of modern viruses

Topic: Eclipse on its own Previous Topic   Next Topic Topic: More on font matching
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use