2008-07-01
Abstract
By the addition of a relocation table, Vista executables can be configured to use a dynamic image base. That essentially turns them into executable DLLs. Now a virus has come along that has made a ‘breakthrough’ by infecting these executables - or it would be a breakthrough if it weren’t for the fact that relocatable executables have been supported since Windows 2000. Peter Ferrie takes an indepth look at the buggy W32/Truvel.
Copyright © 2008 Virus Bulletin
The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.
![]() |
Magazine | ![]() |
![]() |
Quick Links | ![]() |
![]() |
Poll | ![]() |
| ||||||
![]() |
VB100 certification | ![]() |
| ||||||
Virus Bulletin currently has 224,243 registered users.






This month's VB100 test saw some major changes and a radical overhaul of the VB100 test methodology - for the first time allowing products to use their 'cloud' look-up systems. John Hawes has all the details.