This isn't a virus making program, its a virus, identified by F-Prot as
V2Px.1260. Hopefully not too many people will try to run this, and
probably even less will be able to find it, as its being cancelled by
AOL.
--
--==Steve==--
>Virus maker program. Teaches you how to make viruses
>Execute this program in C:\ or it won't work.
The only thing I learned is that even the intricacies of the "rename"
command are too much for you.
Next time you post a 1260 bytes file (the V2PX.1260 virus BTW), you
should rename it something like N324Gold and tell everyone that it is
the Netscape 4 Beta. Then, and only then, you have a slight chance of
hurting someone.
BTW, you have a really cool name. Too bad, I guess you'll get your
account cancelled.
Pierre Vandevenne
http://www.datarescue.com
>Execute this program in C:\ or it won't work.
>section 1/1 file 1260.com [ Wincode v2.6.1 ]
>begin 644 1260.com
etc.
Seems awful small to be a tutorial, and why do you want us to execute
in C:\ Is there and unpleasant surprise waiting ;-)
>megab...@aol.com (Megabyte57) wrote:
>>begin 644 1260.com
>etc.
yeah of course it's unpleasant it's the V2PX.1260 virus and if you
renamed the file to N324GOLD no one would believe you because netscape
gold is 7-10 megs. I think I agree with Pierre Vandevenne learn to
rename files.
That was the first polymorphic virus, came out in 1990, as I recollect (or
was it 1989?). It was written by Mark Washburn, who lives in Minnesota. I
remember the buzz as we looked at it and realised that no scan string was
possible (well, you can have 2-byte scan strings, and there are a few of
them). Panic - what are we (the AV industry) going to do. Then we all sat
down and wrote a subroutine to detect it, about a dozen lines of code did
it. But it meant the end of simple signature scanning.
Maybe I should write a detailed history of the PC virus.
--
Alan Solomon, Chairman, AuthenTec Data Recovery and Computer Forensics
Personal: drs...@ibmpcug.co.uk http://www.ibmpcug.co.uk/~drsolly
Business: alan.s...@authentec.sprint.com
I also do some consulting for S&S, who sell Dr Solomon's Antivirus:
S&S: http://www.drsolomon.com email: sup...@drsolomon.com AOL: DrASolly
>Maybe I should write a detailed history of the PC virus.
Hmmmm, I don't know if it is really that interesting. The intro to your
virus encyclopedia was enjoyable. But a *detailed* history...
Pierre Vandevenne, http://www.datarescue.com
Thanks to the a.c.v. safety team for your good work. I missed reading
the group on Mon. Aug. 26. Today, I found the responses, but the
original post had disappeared, so hopefully V2PX didn't get too much
play. Of course, most readers who would download a "virus maker program"
would fall into Tarkan's category of "looking for trouble" anyway :)
Pat Reskey
Pat Reskey <amet...@ix.netcom.com> wrote in article
<3223E9...@ix.netcom.com>...
>
> Thanks to the a.c.v. safety team for your good work. I missed reading
> the group on Mon. Aug. 26. Today, I found the responses, but the
> original post had disappeared, so hopefully V2PX didn't get too much
> play. Of course, most readers who would download a "virus maker program"
> would fall into Tarkan's category of "looking for trouble" anyway :)
You got it, partner :-) Don't be a victim. Of course, you're confusing the
issues
as usual. There's a difference between some punk posting infected files
to public forums (which is spreading viruses), and one that loads them up
in
his clearly labeled web-pages (distribution), which you "happen to" click
upon.
Regards,
Tarkan Yetiser
VDSARG
>Inside Caro
For some reason, I think a chapter entitled "Inside Caroline" would
appeal to a wider audience...
>And much much more. Oh, there are so many stories, *begging* to be told.
Why don't you write a good SF book or something like that ? Your style
would probably be 30% Asimov, 30% Pratchett and 30% Adams (the missing
10% are left as an exercise for the reader). I'd probably want to read
that and leave the virus stuff aside.
Pierre Vandevenne, http://www.datarescue.com
Who did what to who and when:
The truth about Brain (the legend is wrong).
Jerusalem - the unfinished virus
The story of Datacrime
The CVIA
David Stang, and the story of the NCSA
Inside Caro
The Saratoga story
The distribution of Virus-X
The mechanics of the media scares
The truth about Michelangelo
The Agiplan mystery
The virus that never was.
The fueds: Bontchev/Netiv, Larsen/Eubanks, and many, many others
How the first polymorphic virus came about (and where the word polymorphic
came from)
The intriguing story of Whale
The initial launch, and unlaunch, of NAV
And much much more. Oh, there are so many stories, *begging* to be told.
--
Alan Solomon, Chairman, AuthenTec Data Recovery and Computer Forensics
Personal: drs...@ibmpcug.co.uk http://www.ibmpcug.co.uk/~drsolly
Business: alan.s...@authentec.sprint.com
In 1984, I founded S&S; in 1996 sold S&S, who sell Dr Solomon's Antivirus
Done that. Have a look at my personal web pages to read my stories. And
thank you for the compliments about my style; those are three authors I
admire.
>This isn't a virus making program, its a virus, identified by F-Prot as
>V2Px.1260. Hopefully not too many people will try to run this
VP2x also called Chameleon series... Mark Washburn's creatures. I love
them, they're the first poly virii :)
Mister Sandman,
bring me a dream.
>Steven Hoke <sh...@baldcom.net> wrote:
>
>
>>This isn't a virus making program, its a virus, identified by F-Prot
as
>>V2Px.1260. Hopefully not too many people will try to run this
>
>VP2x also called Chameleon series... Mark Washburn's creatures. I
love
>them, they're the first poly virii :)
>
So, where does the term polymorph come from in reference to these
viruses?
Just curious...just a newbie to this group...
-Puck
From the FAQ:
* POLYMORPHIC VIRUSES - viruses that cannot be detected by
searching for a simple, single sequence of bytes in a
possibly-infected file, since they change with every
replication.
You can get the full FAQ from http://www.webworlds.co.uk/dharley/
If you are new to the newsgroup, it will answer a lot of other questions
you may also have.
--
--==Steve==--
I'm glad you asked that ...
Frisk and I had a very long telephone converstaion, Christmas 1991. It
lasted about 24 hours, over a period of 3-4 days. The conversation was to
agree on names for the 1000 existing viruses, so that we could eliminate
the unnecessary connfusion. These names then went on to be adopted as the
official Caro namibng scheme, now officially used by just about ever AV
producer (with some slippage, of course).
In the course of what was inevitable a fairly boring conversation (you
try talking about virus names for 24 hours), we got into various off-topic
subjects, and one of those was what to call the (fairly new then)
phenomenon of self-mtuating, or self-garbling viruses. Neither of those
words was really satisfactory, because they don't mutate. I came up with
Polymorphic as a suggestion (I'd just been reading about OOP). Frisk says
it was his suggestion. Maybe we both thought of it at once. Anyway, it
was such an obviously right word, we agreed on it, and it got adopted
everywhere.
It's from the Greek. poly = many. morph = form.