Re: WinCE.Dust Remover Concept

Hello Michael

Thursday, April 7, 2005, 11:50:57 PM, you wrote:
M> I am looking to design a virus remover tool for
M> WinCE.Dust (Pocket PC Virus infecting Windows Mobile
M> 2003). For those of you aware and into this malware
M> research working domain, could you please share some
M> schematics and/or logical structures/concepts for
M> proper removal of this malware ?
It is not very hard to disinfect files infected by Dust. In fact it's
pretty easy. Dust doesn't implement any kind of EPO or
polymorphic/metamorphic in it's base form. All you'll need to
code a proper removal tool is a knowledge of PE file format which is
documented in MSDN.

Also, due to the limitations presented in the article on Informit the
range of files that Dust is able to infect is really small if there is
any.

Whatever you'll do, have fun gaining the knowledge.

-- 
Best regards,
Ratter