TIP: Click on subject to list as thread! ANSI
echo: virus_info
to: THE VISIONARY
from: DMITRY MOSTOVOY
date: 1996-12-29 22:40:00
subject: Re: Here again!

           Hi The!
22 Dec 96, letter The Visionary to Alexander Kovneristy:
 TV>        I would have to say that if every .EXE file was engineered to
 TV> CRC itself before execution, there would be no more .EXE infections,
 TV> since that in itself is a fairly solid form of self-checking (although
 TV> can be worked around, but not very easily).
    The most simple stealth method is to take int 21h fun. 4bh and to 
desinfect file before execution. Virus code get control before executable 
file itself, so self-checking will not find any changes. And at the end of 
the execution virus reinfects the file. It is very widespread stealth method.
                                    Dmitry Mostovoy
--- GoldED 2.50+
---------------
* Origin: DialogueScience, Moscow; E-mail: dmost@dials.ru (2:5020/69.4)

SOURCE: echomail via exec-pc

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.