accessory of virus/spyware...it seems to be

Yu Han
2008-08-02
2013-05-23
  • Yu Han
    Yu Han
    2008-08-02

    u know that,don't u?
    when a  virus/spyware pack with UPX,the antivirus could not detect it.
    ur app more effective,it will also made us more dangerous than ever.....

     
    • Lots of anti virus sw contain code that can unpack UPX compressed files. And don't forget, it's windows which make your system unsafe.

       
    • Yu Han
      Yu Han
      2008-08-03

      the code u mentioned didn't work at all ,since the UPX is so powerful.

      would you please tell me ,what can I do with suspect exes compressed by UPX?

      Maybe the UPX can make a little change that even a program was compressed ,still the source file's signature is unpacked that to make the antivirus can recognise it...

      THX for the reply :)

      --

       
    • You can manually decompress UPX compressed files using the "-d" command line option. After that you can run your virus scanner on it.

      Please note, that there is no such thing that "THE program signature", it's just a general term anti-virus vendors use - every one of them have a different algorithm for computing their signatures.

      L

       
    • Valhalla
      Valhalla
      2008-11-05

      Nowadays all antiviruses can "unpack" and check upx'ed executables.

      Actually, UPX is arguably the most antivirus-friendly packer.