Wilders Security Forums  

Go Back   Wilders Security Forums > Other Security Topics > malware problems & news
Reload this Page Signature of packed files
User Name
Password
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Search this Thread
  #1  
Old September 29th, 2004, 08:29 AM
r3l4x r3l4x is offline
Infrequent Poster
  
Join Date: Jun 2004
Posts: 19
Default Signature of packed files
Hello
I wonder how removal tools (like Symantec fixes for worms) work to detect packed viruses (UPX, ASPack, PECompact etc....).
An antivirus can unpack files with unpackers so an antivirus researcher can analyze the real code and find a signature.
But a removal tool I believe can't upack files, so the virus signature isn't the same because it scan packed file and not unpacked file.
So how detect a "strong" signature for packed infected files without unpack them? (like F-Prot do)

Regards
 

Wilders Security Forums > Other Security Topics > malware problems & news « Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 08:20 PM.

Contact Us - SSL - Wilders Security - Archive - TOS/Privacy - Top

Powered by vBulletin® Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2013, Wilders Security Forums