August 19th, 2006 11:06 AM
miag : A virus is built for damaging your system and will do so for sure...if you download a virus, it will surely damage your system no matter what you do...the only way to prevent that is "REMOVE THE VIRUS".
Norton will surely detect a backdoor creation utility as a trojan because it's the job of Norton...it identifies most of them!!!
Your laboratory will fail....it's really not safe. For doing what you want to look at, you will probably have to install Windows on Linux on QEMU or use those viruses upon an emulation engine like Wine!!
"Everything should be made as simple as possible, but not simpler."
- Albert Einstein
August 19th, 2006 11:37 AM
> Yep. Once you have opened startme.txt with notepad, you can alter the text

> I'm not able to understand what you are saying.....
> Did you mean that if we alter that text some changes will be made in that .exe..

I said this on a not so serious note, but in principle, yes, it is possible to alter the strings in an executable - as long as your text-editing tool does not change special characters like #10 and #13 etc, and as long as you do not change the length of the strings. Notepad is thus the wrong tool, a hex-editor is more appropriate.

> partitioned windows/linux box, so I can see them working without damaging the whole damn thing....Would this be a reliable (safe) laboratory?

Have a look at theHorse13's tutorial about forensic analysis of malcode for competent answers.

> What does an AV exactly look for?

Have a look at http://www.antionline.com/showthread...ighlight=bagle and http://rozinov.sfs.poly.edu/papers/b...ysis_v.1.0.pdf. A short but incomplete answer is that they scan for a specific sequence of bytes, called a signature.

> I promise to try Google!!!
If the only tool you have is a hammer, you tend to see every problem as a nail.
(Abraham Maslow, Psychologist, 1908-70)
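
The signature matching mentioned in the reply above ("a specific sequence of bytes"), sketched as an added example that is not part of the original thread. The signature names, the `??` wildcard notation and the sample buffers are constructed for illustration and are not taken from any real AV product or malware sample.

```python
# Added example: byte-signature scanning with wildcard positions.
# Signature names, patterns and sample buffers are all constructed.
from typing import Dict, List, Optional


def parse_signature(text: str) -> List[Optional[int]]:
    """Parse 'DE AD ?? EF' into [0xDE, 0xAD, None, 0xEF] (None = any byte)."""
    sig = [None if tok == "??" else int(tok, 16) for tok in text.split()]
    if not sig or sig[0] is None:
        raise ValueError("signature must start with a fixed byte")
    return sig


def scan(data: bytes, sig: List[Optional[int]]) -> List[int]:
    """Return every offset in data where the signature matches."""
    hits = []
    anchor = bytes([sig[0]])  # jump between candidates via the first fixed byte
    pos = data.find(anchor)
    while pos != -1 and pos + len(sig) <= len(data):
        if all(s is None or data[pos + i] == s for i, s in enumerate(sig)):
            hits.append(pos)
        pos = data.find(anchor, pos + 1)
    return hits


def scan_all(data: bytes, db: Dict[str, str]) -> Dict[str, List[int]]:
    """Run every signature in db over data; return only those that matched."""
    results = {}
    for name, text in db.items():
        hits = scan(data, parse_signature(text))
        if hits:
            results[name] = hits
    return results


# Constructed signature database: "MARK", two variable bytes, then "-X".
DB = {"Example.Marker.A": "4D 41 52 4B ?? ?? 2D 58"}

# Constructed buffers standing in for scanned files.
SAMPLE_CLEAN = b"MZ\x90\x00hello world, nothing to see\r\n"
SAMPLE_V1 = b"MZ\x90\x00" + b"\x00" * 8 + b"MARK01-X" + b"tail"
SAMPLE_V2 = b"MZ\x90\x00" + b"\x00" * 8 + b"MARK99-X" + b"tail"

if __name__ == "__main__":
    for label, buf in [("clean", SAMPLE_CLEAN), ("v1", SAMPLE_V1), ("v2", SAMPLE_V2)]:
        print(label, scan_all(buf, DB))
```

The two wildcard positions let one signature cover both constructed variants, which is why scanners do not rely only on fully fixed byte strings.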