Klez at it again
Philip J. Koenig
pjklist
Mon May 17 11:30:48 PDT 2004
On 2 May 2002, at 18:24, David A. Bandel boldly uttered:
> NOTE: Klez, when run, first disables antivirus software, deletes
> signature files from common AV programs, then installs itself as a
> service. You can't run, you can't hide, all you can do is reformat.
Actually most major A/V vendors have written tools to remove the
worm. Here are 2 examples, the first one also includes manual
removal instructions:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_KLEZ.H (overview)
http://www.antivirus.com/vinfo/security/fix_worm_klez_3.11.zip (fix)
http://www.antivirus.com/vinfo/security/readme_worm_klez_3.11.txt (readme)
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html (overview)
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html
--
Philip J. Koenig pjklist at ekahuna.com
Electric Kahuna Systems -- Computers & Communications for the New Millenium
More information about the Linux-users
mailing list