On Friday 24 August 2007 17:59, Jude DaShiell wrote:
how these trojans survive is by surviving operating system reinstalls.
The better trojans hide themselves in several out of the way places on
disks and after adjacent areas have got their new files copy themselves
back into the areas where no more disk wiping by the installer is about to
happen. Trojan file names get changed too whenever this happens too.
How would a trojan be activated to copy itself back if block zero was
wiped, a new partitition table was installed, and new file systems
created? Yes, an image of a trojan may still exist in the unused sectors
of the first track of a partition, but how could it be activated?
--Mike Bird
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org