Dustin expressed precisely :
> Virus Guy wrote in news:lro2j1$rkc$1@speranza.aioe.org:
[...]
>> "The non-ASCII trick is a tool Microsoft uses to hide its source
>> code from being copied, but the feature was later cracked."
Conflating JS Encode with non-ASCII naming.
>> Registry-infecting reboot-resisting malware has NO FILES
>> Anti-virus doesn't stand a chance becuase there's nothing for it to scan
As has been metioned many many many times before - it is essentially
'game over' when you allow a malware to execute on your machine. The
primary goal of AV/AM is to avoid such.
> *yawn* puff piece and horse ####. You need better more reliable
> resources...
The author apparently misunderstands quite a bit.
>> The non-ASCII trick is a tool Microsoft uses to hide its source code
>> from being copied, but the feature was later cracked.
Again, conflating the two separate issues.
> NO, this 'trick' doesn't. It stops MS regedit and other lamers, but that's
> about it.
Yep, it shouldn't be hard at all to find such in the registry. There is
no legitimate reason for encoded JS in the registry AFAIK.
https://blog.gdatasoftware.com/blog/article/poweliks-the-persistent-malware-wit
hout-a-file.html
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
|