Avast WEBforum
Other => General Topics => Topic started by: polonus on July 02, 2005, 08:04:18 PM
-
Hello my fellow virus killers,
Not everybody seems to know that exempt from explorer, every executable file can be run renamed. So an exe can be renamed as gif, a stealth technique a lot of miscreants prefer to rootkits. pckill.exe could so be run as a gif. So you need a hex viewer or a binairy scanner or FileAlyzer, yes even notepad to see that this file is not an ordinairy GIF file.
See how they do this on our gemproject blog: http://spaces.msn.com/members/gemproject/
greets
polonus