Sunday, February 24, 2013

Virus Hunting

    Where do you look for virii?  Simple, you look in computer memory (RAM).  Computer programs of any kind have to be loaded into memory to work at all.  Windows uses the name "Process" for each piece of programming loaded into RAM.  Process Explorer is a freeware program that lists all the processes loaded into memory.  It can be downloaded from the web.  Just Google for "Process Explorer" to find a site to download it from.
    When running, Process Explorer displays a list of all programs loaded in memory, and thus runnable.  A typical computer will have about 30 processes loaded.  Most of these processes are parts of Windows and are supposed to be there.  But if you have a virus, it will show up in the Process Explorer. 
   So how does one tell the harmless and necessary parts of Windows from virii?  Just right click on the process name and Process Explorer will Bing (Microsoft's Google competitor) the internet for information on the program name.  Cool.  You will get dozens of hits on every process name.
   You want to read a number of them.  Many of the hits are from websites offering magical Windows Washing programs.  I don't trust magical Windows Washers; they can be virii themselves, or they can break your computer.  But postings from Da Tech Guy, Bleeping Computer, CNET and many others are reliable.  Take a preponderance of evidence.  If all the posts say it's part of Windows, or all the posts say it's a virus, you know where you are.  If most of the posts are wishy-washy, and the single post that calls it a virus sounds like a rant, then it means no one really knows what it is.
  So what do you do when you find a virus lurking in RAM?  It only gets into RAM by loading itself off disk at boot time.  You have to use Windows Explorer to find it on disk and zap it.  In fact, just to make sure it's really gone, I'd empty the trash after deleting the file.
   This is hand-to-hand virus fighting.  You only need to get into this sort of thing after your antivirus program[s] have failed to kill.
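
The same hunt from a PowerShell prompt, as an added example that is not part of the original post: it lists each running process with the file on disk behind it and any startup entry that loads that file at boot or logon. The signature column goes beyond what the post describes, and matching startup entries by file name is a simplifying assumption.

```powershell
# Added example: map each running process to its file on disk and to any
# startup entry that loads it at boot or logon. Read-only; nothing is deleted.

# Running processes with the full path of the executable behind each one.
# ExecutablePath is empty for some protected system processes, so skip those.
$procs = Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath } |
    Select-Object Name, ProcessId, ExecutablePath

# Startup entries (Run registry keys and Startup folders) that WMI knows about.
$startup = Get-CimInstance Win32_StartupCommand |
    Select-Object Name, Command, Location

$report = foreach ($p in $procs) {
    # Assumption: a startup entry belongs to a process when its command line
    # contains the executable's file name (case-insensitive substring match).
    $leaf = Split-Path $p.ExecutablePath -Leaf
    $hits = $startup | Where-Object {
        $_.Command -and
        $_.Command.IndexOf($leaf, [StringComparison]::OrdinalIgnoreCase) -ge 0
    }

    # Authenticode status of the file on disk (Valid, NotSigned, HashMismatch, ...).
    $sig = Get-AuthenticodeSignature -LiteralPath $p.ExecutablePath `
        -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Name       = $p.Name
        PID        = $p.ProcessId
        Path       = $p.ExecutablePath
        Signature  = $sig.Status
        Signer     = $sig.SignerCertificate.Subject
        StartsFrom = ($hits.Location -join '; ')
    }
}

# Files without a valid signature sort first: look those names up before the rest.
$report | Sort-Object { $_.Signature -eq 'Valid' }, Name |
    Format-Table -AutoSize -Wrap
```

An unsigned file is not proof of a virus and a signed one is not proof of innocence; treat the column as one more piece of evidence alongside the web search.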

Wednesday, February 20, 2013

Apple Got Hacked

Yesterday Apple announced that a "small number" of employees' Macs were infected by visiting a software development site.  Wow, a Mac attack after all that Appletalk about how only Windows gets infected by virii.  A "small number" presumably means something less than all the computers at Apple.  And hard-working Apple employees were infected at a software development site, not those nasty porn sites.  Apple workers never watch porn on the job.  Right.
  Since the infection occurred by just visiting a website, that means the browser did it.  The Apple browser got stupid and ran a program off that website, something it should never do, but all commercial browsers are doing today. 
  What the world needs is a secure browser that never ever executes programs from anywhere.  You would think such a browser would sell fairly well.  Maybe some of the flashier websites would look less flashy, but I'll take secure over flashy any day.