New trojan spam tells you where to download trojan as "MS beta antispy"

Discussion in 'Computer Support' started by Joel Rubin, Mar 6, 2005.

  1. Joel Rubin

    Joel Rubin Guest

    If you get a spam "from Microsoft" inviting you to download the beta
    anti-spyware program from some place like

    http://microsoft-download.pisem.net...c9-ac0a-50512c6de0f9/Windows-KB890830-ENG.exe

    well, it was only 25K bytes so I did download it, but not run it. My
    antivirus didn't find anything but Kaspersky.com's online scan found

    Trojan-Downloader.Win32.Delf.iu

    When I examined it with a file viewer it was UPX compressed but in a
    way so that UPX wouldn't decompress it. I suppose someone who doesn't
    want to be reverse engineered could do that but I think 90+% of the
    time that's an indicator of malware.
     
    Joel Rubin, Mar 6, 2005
    #1
    1. Advertising

  2. Joel Rubin wrote:
    > If you get a spam "from Microsoft" inviting you to download the beta
    > anti-spyware program from some place like


    > http://microsoft-download.pisem.net...c9-ac0a-50512c6de0f9/Windows-KB890830-ENG.exe


    > well, it was only 25K bytes so I did download it, but not run it. My
    > antivirus didn't find anything but Kaspersky.com's online scan found


    What's "[your] antivirus"?

    --
    Blinky Linux Registered User 297263
    Who has implemented Usenet Solution #45933:
    Now killing all posts originating at Google Groups
     
    Blinky the Shark, Mar 7, 2005
    #2
    1. Advertising

  3. Joel Rubin

    Mack Guest

    "Actually servers in the U.S. do a pretty good job
    of screening some viruses, trojans, and worms. However,
    I use a server in S. Africa which absolutely has every worm, virus, trojan,
    Pfish etc. represented. One recurring is from "Microsoft"
    and looks very legitimate; click on the attachment and
    your computer is history. Replete with MS logos etc.,
    and looks very authentic. Been there for at least two
    years. I would never download anything with and
    attachment purporting to be from MS. I would go
    to the MS site first.
     
    Mack, Mar 7, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. C A Preston

    Spam-Spam and more Spam

    C A Preston, Apr 12, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    812
    Hywel
    Apr 12, 2004
  2. Unclaimed Mysteries

    NYPD tells you the Right Way to take pictures. Got it?

    Unclaimed Mysteries, Apr 12, 2006, in forum: Digital Photography
    Replies:
    43
    Views:
    1,048
    salgud
    Apr 20, 2006
  3. Clwddncr
    Replies:
    6
    Views:
    877
    Dave - Dave.net.nz
    Feb 7, 2005
  4. Anonymous
    Replies:
    1
    Views:
    247
    Your Name
    Jan 11, 2014
  5. Anonymous
    Replies:
    1
    Views:
    233
    Your Name
    Feb 12, 2014
Loading...

Share This Page