Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: coa44@seq1.keele.ac.uk (Mark Scase)
Newsgroups: comp.virus
Subject: EXE file compression with LZEXE and PKLITE (PC)
Message-ID: <0001.9101021349.AA03694@ubu.cert.sei.cmu.edu>
Date: 20 Dec 90 14:22:50 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1>
Lines: 16
Approved: krvw@sei.cmu.edu

There has been recent discussion about the use of the EXE compression
program LZEXE and the possibility that viruses could hide within EXE
files that are subsequently LZEXEed.  Now some virus scanners can look
within these compressed files to see if something nasty is hiding.

I have recently discovered the shareware program PKLITE by PKWARE that
appears to do much the same thing functionally as LZEXE.  Does this
mean now that virus scanners should include a feature to look inside
PKLITEed files?

- --
Mark Scase,                 |    JANET: coa44@uk.ac.keele
Dept of Communication,      |   BITNET: coa44%keele.ac.uk@ukacrl
University of Keele, Keele, | Internet: coa44%keele.ac.uk@nsfnet-relay.ac.uk
Staffordshire, ST5 5BG, UK. |    Other: coa44@keele.ac.uk
(Phone: +44 782 621111)     |     UUCP: ..!ukc!keele!coa44