The compilation of a unified list of computer viruses is made difficult because of naming. To aid the fight against computer viruses and other types of malicious software, many security advisory organizations and developers of anti-virus software compile and publish lists of viruses. When a new virus appears, the rush begins to identify and understand it as well as develop appropriate counter-measures to stop its propagation. Along the way, a name is attached to the virus. As the developers of anti-virus software compete partly based on how quickly they react to the new threat, they usually study and name the viruses independently. By the time the virus is identified, many names denote the same virus. Another source of ambiguity in names is that sometimes a virus initially identified as a completely new virus is found to be a variation of an earlier known virus, in which cases, it is often renamed. For example, the second variation of the Sobig worm was initially called "Palyh" but later renamed "Sobig.b". Again, depending on how quickly this happens, the old name may persist. ScopeIn terms of scope, there are two major variants: the list of "in-the-wild" viruses, which list viruses in active circulation, and lists of all known viruses, which also contain viruses believed not to be in active circulation (also called "zoo viruses"). The sizes are vastly different: in-the-wild lists contain a hundred viruses but full lists contain tens of thousands. Comparison of viruses and related programs
Related lists
Unusual subtypes
Notable instances
Similar software
Security topics
See also
References
External links
Page 24kCommon name4KTechnical name4KAliasesFrodoFamilyN/AClassificationVirusTypeDOS[1]SubtypeCOM, EXEIsolation1990Point of isolationUnknownPoint of originUnknownAuthor(s)Unknown 4k is a computer virus which infects COM files and EXE files. The virus was one of the first file infectors to employ stealth tactics. Infected systems will hang, after September 22 every year, which is also the date of birth of Bilbo Baggins, a character from The Lord of the Rings. The code was intended to display the message Frodo Lives, but hangs in all known variants. This virus was spread without the aid of the Internet. It was ported between systems by floppy disks. HistoryIt first appeared in October 1989.[2] The first U.S. specimen was contracted in Dallas, TX, and quarantined with verification given by antivirus professionals. Reporters and TV crews recorded this in the local area news in August 1990. Its trail led from Dallas back to New York City via a professional at a software firm creating software for lawyers. Virus firms had been tracking it previously in London a month or two before getting calls from New York. No specimens were quarantined or properly recorded in New York. Raymond Glath of Phoenix, AZ, was the developer and owner of the Vi-Spy product which continued production until mid-release of Windows 95. Reports to McAfee antivirus and Vi-Spy antivirus firms resulted in only one product properly detecting the virus, Vi-Spy. OperationThe virus added itself to the system in a way which defied normal infection processes. Because of this, it was able to infect a system without using system subroutines, which is what most antivirus products were watching. This is why the virus received the additional name 'stealth'. The infection process used a mathematical algorithm to determine the letters E-X-E & C-O-M. When a file was opened by the OS, the virus checked the extension of the file, and sometimes, other extension letters would be identified as a program file causing the virus to infect a data file and obviously corrupting its contents. Because the virus appended itself to a file, while hiding the increase in file length, the system could cross-link files and diagnostics on the disks would report allocation errors. This would damage programs and data alike. The description of the problems found while trying correct the 'stupid-looking errors' would cause most computer professionals to erase the system and start over. A few days later the problems would arise again. Diagnostic disks and writable installation disks used to fix the computer would commonly be infected with the virus and this would aid in the spread. References
|