Re: Trojan horse Downloader.Generic.ML

From: Zvi Netiv (support_at_replace_with_domain.com)
Date: 06/23/05

• Next message: Louise: "Should I dump Norton 2002 ?"
• Previous message: nemo_outis: "Re: What can one do against Keylogger Attacks?"
• In reply to: Arthur Hagen: "Re: Trojan horse Downloader.Generic.ML"
• Next in thread: Roger Wilco: "Re: Trojan horse Downloader.Generic.ML"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 23 Jun 2005 04:23:58 +0300

"Arthur Hagen" <art@broomstick.com> wrote:
> Zvi Netiv <support@replace_with_domain.com> wrote:

> > The definition of virus ( www.invircible.com/glossary.php ) is: "A
> > virus is parasitic computer code that replicates by producing
> > functional copies of itself into host files. The infected hosts
> > inherit the replication ability of the affecting virus, in addition
> > to maintaining the original functionality of the host program or
> > file."
> >
> > The last part requires that everything that was contained in the
> > program in its preinfected state, be still there, plus the necessary
> > changes made by the virus to incorporate its own code in the program
> > flow. A direct deduction is that all virus infections are
> > theoretically reversible, by reverting the changes made to the
> > program, and since nothing from the original code was lost. This is,
> > in a nutshell, the entire theory on which virus disinfection and
> > recovery is based upon.
>
> You forget that a virus can *replicate* the functionality of a program
> without keeping it, in which case there's nothing to revert back to.
> This is most certainly true for most boot virus, and also some file
> virus do this.

The discussion is about plain integrity checkers versus AV adapted integrity
checkers/restorers. See <8skab19h5v3unr41o5ipm776g61jtui03c@4ax.com>
 
Regards, Zvi

--
NetZ Computing Ltd. ISRAEL www.invircible.com www.ivi.co.il (Hebrew)
InVircible Virus Defense Solutions, ResQ and Data Recovery Utilities

---

• Next message: Louise: "Should I dump Norton 2002 ?"
• Previous message: nemo_outis: "Re: What can one do against Keylogger Attacks?"
• In reply to: Arthur Hagen: "Re: Trojan horse Downloader.Generic.ML"
• Next in thread: Roger Wilco: "Re: Trojan horse Downloader.Generic.ML"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Weight Watching ... health of the host this would lead to very low levels of infection. ... to say that "it's not in the interests of the virus to kill off ... process of evolution per se. ... a virus is formed that is able to spread to ... (uk.rec.motorcycles) Re: Weight Watching ... virus' interests to kill off its hosts too quickly so it will tend to ... so why would a less virulent form ... it may take some time but at an earlier stage it can weaken the host ... (uk.rec.motorcycles) Re: What to do about Islam? ... Influenza would control the AIDS epidemic. ... AIDS sufferers and IV drug users have a weakened ... virus to yet another deadly virus might produce a few ... and a disease which kills its host is a failure. ... (rec.org.mensa) A question for the list... ... to virus infections that have affected networks and hosts. ... attempts to remove the virus from the host. ... I have read the reports correctly, ... (Incidents) Re: Weight Watching ... from the mutation of the virus. ... The host and the pathogen are each part of the other's ... Evolution of either one does not take place in issolation. ... successful phenotypes will be determined by selective pressure in the ... (uk.rec.motorcycles)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > alt.computer.security  > 2005-06