Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Write Access on Win9x
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 04-27-2005, 19:59
bgrimm bgrimm is offline
Friend
  
Join Date: Jan 2004
Location: South of The North Pole
Posts: 66
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 3 Times in 3 Posts
bgrimm Reputation: 0
Don't quote me on this, as I'm not to familiar with the 9x VX scene.

But it is my understanding the HPS virus used an undocumented int21 routine to access Kernel32.dll, then from there you can find VxDCall.

An overview of how it is done is located here:
h**p://vx.netlux.org/lib/vgy06.html

An analysis of the HPS virus is here:
h**p://www.peterszor.com/hps.pdf


-bg
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
For those who write tutorials. Nilrem General Discussion 4 02-03-2004 00:21
Making unpacked progs work on both WinXP/Win9x? Barry General Discussion 5 02-02-2004 04:04
SoftICE (DS 2.6 || SS 2.6) + ICEDump 6.025 + win9X --> Not Work fine? sky General Discussion 1 09-19-2002 09:51


All times are GMT +8. The time now is 19:00.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )