Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: 2 days to learning all about NTFS ADS viruses.

  1. #11
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Turmoil, this particular trick (alternate data streams) has been in place since Windows NT. Some other sources that might be helpful or add more.

    http://patriot.net/~carvdawg/docs/dark_side.html
    http://www.heysoft.de/nt/ep-lads.htm
    Microsoft Q188806 Article
    http://www.ciac.org/ciac/bulletins/m-034.shtml
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #12
    Banned
    Join Date
    Dec 2003
    Posts
    138
    Hello Everyone and thankyou for your feedback.
    Yay I finally got rid of the red dots.
    Deaflamb thankyou for pointing out that typing mistake.I'm glad people liked this report.For people who want to learn more about NTFS ADS,I wrote another article on it.You can get it for free from my website:
    http://www.virustimes.cjb.net/stunts/stunts.html
    Thanks again everyone.

  3. #13
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    Nice and easy to comprehend, then I found the link by sysmin770, and now I've really got some reading to do, I am up to speed on encryption techniques and codes, but this is a real big box of tricks I'm getting into now. Advice on site has been of a consistent high quality, with the emphasis on three 'RE's REsearch, REading and REmembering, have printed out copies for my own use, and am starting to gain a really impressive pile of books and notes.
    Wife is not too impressed, but baby loves the marker pens ?? Can honestly say that I have learnt more here in two months, than in the previous couple of years, although at this rate I'll run out of (real) memory pretty soon.
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •