ATTENTION AIM USERS!

Pyr-O-Rgasm · Post by **Pyr-O-Rgasm** » Sat May 14, 2005 5:45 pm

One of my friends keeps sending me this and says he didn't. He said he was sent the same IM from someone else who claimed they didn't send it.

" this was cool, check it out"

The word "this" is a link to download something from some place. But anyways, fair warning. Don't click it. I'm not sure what it is or what it does, but chances are it isn't good. The file I think was titled, "untitled.jpg.exe". I think. Something along those lines.

Archived topic from Iceteks, old topic ID:3321, old post ID:26916

Red Squirrel · Post by **Red Squirrel** » Sat May 14, 2005 5:48 pm

Hmm probably one of those IE exploits where if you click it with IE it invokes a bunch of scripts into your system. If you have the link PM me it I want to try it in firefox to see what happends. LOL I'm experimental like that.

Hmm I should just get VMware and do expirements like this in it.

Archived topic from Iceteks, old topic ID:3321, old post ID:26918

Pyr-O-Rgasm · Post by **Pyr-O-Rgasm** » Sat May 14, 2005 6:50 pm

In Firefox is asks you if you want to download "untitled.jpg.exe".

Archived topic from Iceteks, old topic ID:3321, old post ID:26919

richardj · Post by **richardj** » Sat May 14, 2005 7:08 pm

A double extension usually is the mark of a trojan.

Archived topic from Iceteks, old topic ID:3321, old post ID:26920

Red Squirrel · Post by **Red Squirrel** » Sat May 14, 2005 7:42 pm

Pyr-O-Rgasm wrote: In Firefox is asks you if you want to download "untitled.jpg.exe".

Figured. So the only way to get infected is if you do download it and execute it.

And yep it's probably a trojan. By default windows hides extensions (really bad, it should be the oposite) so it would apear as a .jpg file. If the virus writer was smart he probably made it have a picture icon of ms picture viewer or something.

Archived topic from Iceteks, old topic ID:3321, old post ID:26921