Don't be a dim-wit. The only reason its a problem on NT is that MS decided to
not allow users to browse the other data streams (or forks, or whatever you
want to call them) in Explorer.
Actually, this type of virus is probably easier to find and clean because its
isolated itself in a nice little package that you can nuke at via the file
system.
>
>
> Keith Owens wrote:
>
>> http://www.net-security.org/text/articles/viruses/generation.shtml
>> describes a new generation of viruses which use NTFS stream support to
>> hide themselves.
>>
>> "Certainly, this virus begins a new era in computer virus creation,"
>> said Eugene Kaspersky, Head of Anti-Virus Research at Kaspersky Lab.
>> "The 'Stream Companion' technology the virus uses to plant itself into
>> files makes its detection and disinfection extremely difficult to
>> complete."
>>
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Sep 07 2000 - 21:00:27 EST