[lug] message from fschmid
D. Stimits
stimits at idcomm.com
Wed Jun 26 15:27:18 MDT 2002
Barney Treadway wrote:
>
> That "good tool" looks exactly like the Klez virus.
>
> my $.02
>
> Barney
It had what was listed as a .jpg file. The Klez will try to hide itself
with file extension games, like naming an executable with ".jpg.scr" or
".jpg.bat", hoping the o/s hides the ".scr" (script file) or ".bat"
(batch file) suffix from the user. In this case though, the suffix
really was ".jpg". Strangely enough, it looks like it is a neutralized
virus/worm. Perhaps some anti-virus software was hit along the way that
stripped the name down.
D. Stimits, stimits at idcomm.com
More information about the LUG
mailing list