- 4K (computer virus)
Computer virus
Fullname = 4K
Common name = 4K
Technical name = 4K
Family = N/A
Aliases = Frodo, IDF, Israeli Defence
Classification =Virus
Type =DOS
Subtype = COM,EXE
IsolationDate = 1990
Isolation = Unknown
Origin = Unknown
Author = Unknown4k is a
computer virus which infectsCOM file s andEXE file s. The virus was one of the first to employStealth tactics, infected systems will hang, displaying the message "Frodo Lives", on the 22 September, which is also the date of birthBilbo Baggins , a character from theThe Lord of the Rings .This virus was spread without the aid of the Internet. It was ported between systems by
floppy disk s.History
It first appeared in 1989. The first U.S. specimen was contracted in Dallas, TX, and quarantined with verification given by antivirus professionals. Reporters and TV crews recorded this in the local area news in August 1990. Its trail led from Dallas back to New York via a professional at a software firm creating software for lawyers. Virus firms had been tracking it previously in London a month or two before getting calls from New York. No specimens were quarantined or properly recorded in New York.
Raymond Glath of Phoenix, AZ, was the developer and owner of the Vi-Spy product which continued production until mid-release of Windows 95. Reports to McAfee antivirus and Vi-Spy antivirus firms resulted in only one product properly detecting the virus, Vi-Spy.
Operation
The virus added itself to the system in a way which defied normal infection processes. Because of this, it was able to infect a system without using
system subroutine s, which is what most antivirus products were watching. This is why the virus received the additional name 'stealth'. The infection process used a mathematical algorithm to determine the letters E-X-E & C-O-M. When a file was opened by the OS, the virus checked the extension of the file, and sometimes, other extension letters would be identified as a program file causing the virus to infect a data file and obviously corrupting its contentsBecause the virus appended itself to a file, without updating the disk FAT (
File Allocation Table ) as to the new file length, the system would cross-link files and fill up disks with allocation errors. This would damage programs and data alike. The description of the problems found while trying correct the 'stupid-looking errors' would cause most computer professionals to erase the system and start over. A few days later the problems would arise again. Diagnostic disks and installation disks used to fix the computer would commonly be infected with the virus and this would aid in the spread.External links
Wikimedia Foundation. 2010.