Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Self-destructing virus kills off PCs
teoti ^ | 9:38 pm 05/05/2015 | tricpe

Posted on 05/07/2015 7:01:36 PM PDT by Utilizer

click here to read article


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-62 next last
To: Utilizer
Self-destructing virus kills off PCs

Stop talking about Windows like that!

21 posted on 05/07/2015 7:29:38 PM PDT by Still Thinking (Freedom is NOT a loophole!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tacticalogic; dennisw
> Done it many times when doing bare-metal upgrades. The downside is having to re-install all the software.

True, but doing in-place upgrades has its downsides too. I believe in ripping out the OS about every two years regardless, and reinstalling everything, because:

and so on.
22 posted on 05/07/2015 7:32:36 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Utilizer
At this point Rombertik will first run anti-analysis checks to determine whether it is running within a sandbox. If it isn’t, it will then decrypt and install itself, which then allows it to launch a second copy of itself and to overwrite the second copy with the malware’s core functionality.

Need to get it in a sandbox it doesn't recognize.

23 posted on 05/07/2015 7:34:10 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: dayglored
Oh, no argument at all, I just get a little irritated at these DoomDoomKerboom articles. I last used testdisk about three weeks ago to bring back a partition table on a machine somebody had trashed "irrecoverably". CS major, too. The guy blushed scarlet when he saw how easy it was.

You are, of course, completely correct that the average user might not know about this stuff, more's the pity. So, 'fess up - could you write a script and put it on a bootable medium that would take care of this in a single operation? Yes, you could. Haha - admit it! ;-)

24 posted on 05/07/2015 7:35:29 PM PDT by Billthedrill
[ Post Reply | Private Reply | To 19 | View Replies]

To: tacticalogic; Utilizer
> Need to get it in a sandbox it doesn't recognize.

Tricky. It's a lot easier to detect that you're in one, than to build one that can't be detected.

25 posted on 05/07/2015 7:36:47 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: dayglored
I believe in ripping out the OS about every two years regardless, and reinstalling everything,

I do it about every 3 years, and start with a new MB, CPU, memory, and HD. A good case and PS will usually be good for 2-3 cycles of that.

26 posted on 05/07/2015 7:39:22 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 22 | View Replies]

To: Billthedrill
> So, 'fess up - could you write a script and put it on a bootable medium that would take care of this in a single operation? Yes, you could. Haha - admit it! ;-)

"Guilty, Your Honor!!"

27 posted on 05/07/2015 7:39:41 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Utilizer
Destroying your computers runs completely counter to the purpose of watching your habits and stealing your personal data. This "article" is written like a junk e-mail ("destroys your computer!").

"involves reinstalling Windows, which could mean important data is lost"
This does not make logical sense, I've reinstalled Windows many times with no loss of data.

28 posted on 05/07/2015 7:41:22 PM PDT by Excuse_My_Bellicosity (Death before disco.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer

This will continue until we bring back public hanging.


29 posted on 05/07/2015 7:44:19 PM PDT by SWAMPSNIPER (The Second Amendment, a Matter of Fact, Not A Matter of Opinion)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Billthedrill
I just get a little irritated at these DoomDoomKerboom articles

Yup. The virus may be for real but this "article" reads like a junk e-mail. We've all seen those before: "indestructible virus", "completely destroys your computer", "intelligently evades detection".

30 posted on 05/07/2015 7:45:56 PM PDT by Excuse_My_Bellicosity (Death before disco.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: SWAMPSNIPER
> This will continue until we bring back public hanging.

Problem: hanging is too quick and reliable.

Writing malware should be punishable by something slow and uncertain. Maybe the honey and fire-ant-hill thing, and THEN hanging.

31 posted on 05/07/2015 7:47:17 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: dayglored
Tricky. It's a lot easier to detect that you're in one, than to build one that can't be detected.

Figure out what tests it's running and then figure out how to lie to it.

32 posted on 05/07/2015 7:50:10 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Utilizer

Wont affect my awesome linux pc ha


33 posted on 05/07/2015 7:53:45 PM PDT by bicyclerepair (Ft. Lauderdale FL (zombie land). TERM LIMITS ... TERM LIMITS)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Billthedrill

public void alwaysDo()
{
User user = new User();

user.keepOriginalSoftware();
user.knowHowToInstallOriginalSoftware();
user.backupYourData(USB_DRIVE);

// for good cloud backup goto http:www.crashplan.com
user.backupYourData(CLOUD);
}


34 posted on 05/07/2015 7:55:49 PM PDT by doomtrooper99 (Mr Truman, you did not finish the job)
[ Post Reply | Private Reply | To 10 | View Replies]

To: tacticalogic
> Figure out what tests it's running and then figure out how to lie to it.

Well, yes, of course. ;-)

The problem is that if it's smart, it won't let you intercept the fact that it's running a test. That's somewhat more challenging in these days of multiple cores and threads, but it can usually be done.

A very interesting problem in either direction.

35 posted on 05/07/2015 7:58:01 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 32 | View Replies]

To: Utilizer
Restoring a PC with its MBR deleted involves reinstalling Windows, which could mean important data is lost.

Wrong. Restoring a corrupted MBR is child's play; I've done it several times for clients.

36 posted on 05/07/2015 8:01:28 PM PDT by Squawk 8888 (Will steal your comments & post them on Twitter)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dayglored

…Taliban Justice???...


37 posted on 05/07/2015 8:01:52 PM PDT by doomtrooper99 (Mr Truman, you did not finish the job)
[ Post Reply | Private Reply | To 31 | View Replies]

To: dayglored
The problem is that if it's smart, it won't let you intercept the fact that it's running a test. That's somewhat more challenging in these days of multiple cores and threads, but it can usually be done.

I think you should be able to mitigate some of that by running it in a VM.

38 posted on 05/07/2015 8:05:04 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: tacticalogic

I HAVE to reinstall Windows once every 2-3 years.

I reinstalled MAC OSX, only once, when I took my MAC Mini to work and wanted to scrub personal data and software..


39 posted on 05/07/2015 8:07:02 PM PDT by doomtrooper99 (Mr Truman, you did not finish the job)
[ Post Reply | Private Reply | To 26 | View Replies]

To: tacticalogic

I use VMWare’s Player all the time.

www.vmware.com


40 posted on 05/07/2015 8:08:26 PM PDT by doomtrooper99 (Mr Truman, you did not finish the job)
[ Post Reply | Private Reply | To 38 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-62 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson