Author: Keith Evans
Date: 15:26:56 06/01/05
Go up one level in this thread
On May 31, 2005 at 14:05:52, Christopher Conkie wrote: >Hello Dann, > >Well I don't want the kind of destructive argument that did take place in that >thread and I contacted them. > >This was what they did to rectify that situation and I respect their decision in >that. > >We are all trying to collate information rather than get caught up in some angry >argument. > >Someone said they had contacted Symantec and did not provide any supporting >evidence. I asked for it and got diddly squat. > >I don't believe it ever happened and that there is no mail. > >I could however contact them if you like. I think however that the answer from >them will pretty much be what is on their webpage. > >To embed a script in an exe before compilation would require some >transformation. There is no proof anywhere that this nastiness attaches itself >to anything. It just does not work like that. > >I still have a copy of the offending exe and if any programmer would like to >take up the challenge, it could be made available to them. I have musterred all >my web power to try to provide a sane and logical explanation for this as I >personally do not wish that this is true. > >I would have an explanation (at a very long stretch) if the exe was just named >Fafis.exe and did not play chess. But it does, so on all known information it >must have been attached. There are no known mechanisms that attach this >particular file to something else. > >Not only that but the file is both compressed and encrypted. > >Also the script is in a different language. For compilation to succeed it would >need to be translated for the compile to be successful. I've tried it. > >I still hope that there is a reasonable answer out there but like all others >await the examination of the code. I hope it is the same code including said >nastiness and then maybe we can discover how it is inside there. > >If you would like me to contact Symantec (or any anti-virus company) to get a >definative answer I can. Any responses I can publish for the benefit of those >who did use the file. > >I just can't see an explanation anywhere. I would like to be wrong but...... > >Shall I send them a mail? I'm sure that they will reply. They might be able to >examine it for themselves and explain how. What do you think? > >Regards > >Christopher How would a programmer go about attaching this particular worm to an exe? (Please no step by step instructions.) I mean is this an obvious thing, or a whole tedious procedure to be worked out? If it's not so obvious how to do this, then ... ? -Keith
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.