Malware doubts

Thread: Malware doubts

  1. #1
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400

    Malware doubts

    How do programs cause an AV/firewall/system processes to shut down or get disabled?

  2. #2
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    As long as you know the process that is running, you could easily write a script to stop the process.

  3. #3
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,836
    Viruses/worms have it built into their code to disable them. If the AV is not updated to catch that particular worm/virus, and the virus infects the computer, it will disable it.

  4. #4
    Hmm...I don't know, but I'm going to guess. Modifications to the Windows registry perhaps?

  5. #5
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400
    So a virus would be dependent on the OS version as well as the versions of the other programs like AVs or firewalls? Umm, and if it were, wouldn't it take a LOT of code just to disable certain features?

  6. #6
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Mainly by knowing what the process is called and just shutting it down. Most don't use rocket science.

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #7
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    Some viruses ARE version dependent. Or even language dependent (works on Russian Windows, but not on the English version).
    Shutting down services (Windows or Unix) is quite easy, as nihil stated. All of them have standard names. I.e. you can find all NIS processes and kill them. Or even delete them. Even on Unix you can kill those processes (especially if you got the malware while logged in as an admin).
    To spread evil, they don't want to infect ALL systems, just 1% will cause a big problem.
    My site

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.
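
The replies above agree that security software is usually disabled just by stopping its well-known process or service name, which means the stop itself is something a defender can watch for. The following is an added example, not part of the original thread: it scans constructed log lines modelled on the Service Control Manager event 7036 message text and flags watched services that stop and do not come back within a grace period. The service names, the grace period and the line layout are assumptions.

```python
import re
from datetime import datetime, timedelta

# Hypothetical watchlist: display names of the security services on this host.
WATCHED = {"Example AV Service", "Example Firewall Service"}
# Assumed grace period: a restart during an update recovers within this window.
GRACE = timedelta(seconds=60)

# Constructed sample lines in an assumed "<ISO time> <event id> <message>" layout.
SAMPLE_LOG = """\
2004-05-01T10:00:00 7036 The Example AV Service service entered the stopped state.
2004-05-01T10:00:20 7036 The Example AV Service service entered the running state.
2004-05-01T11:30:00 7036 The Print Spooler service entered the stopped state.
2004-05-01T12:15:00 7036 The Example Firewall Service service entered the stopped state.
2004-05-01T12:15:02 7036 The Example AV Service service entered the stopped state.
2004-05-01T12:40:00 7036 The Example AV Service service entered the running state.
"""

LINE = re.compile(
    r"^(\S+) 7036 The (.+) service entered the (stopped|running) state\.$"
)

def find_disabled(log_text, end_of_log):
    """Return (service, stopped_at) for every watched service that stayed
    stopped longer than GRACE, ordered by the time it stopped."""
    pending = {}   # service name -> time of the first unanswered stop
    alerts = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m.group(2) not in WATCHED:
            continue   # unrelated line, or a service we do not monitor
        when = datetime.fromisoformat(m.group(1))
        name, state = m.group(2), m.group(3)
        if state == "stopped":
            pending.setdefault(name, when)
        elif name in pending:
            stopped_at = pending.pop(name)
            if when - stopped_at > GRACE:   # it came back, but too late
                alerts.append((name, stopped_at))
    # Services still stopped when the log ends.
    for name, stopped_at in pending.items():
        if end_of_log - stopped_at > GRACE:
            alerts.append((name, stopped_at))
    return sorted(alerts, key=lambda a: a[1])

if __name__ == "__main__":
    for name, stopped_at in find_disabled(SAMPLE_LOG, datetime(2004, 5, 1, 13, 0)):
        print(f"ALERT: {name} stopped at {stopped_at} and stayed down")
```

On the sample data the 20-second restart at 10:00 is ignored, while the two stops two seconds apart at 12:15 are both reported.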
