New trojan spam tells you where to download trojan as "MS beta antispy"

If you get a spam "from Microsoft" inviting you to download the beta
anti-spyware program from some place like

http://microsoft-download.pisem.net...c9-ac0a-50512c6de0f9/Windows-KB890830-ENG.exe

well, it was only 25K bytes so I did download it, but not run it. My
antivirus didn't find anything but Kaspersky.com's online scan found

Trojan-Downloader.Win32.Delf.iu

When I examined it with a file viewer it was UPX compressed but in a
way so that UPX wouldn't decompress it. I suppose someone who doesn't
want to be reverse engineered could do that but I think 90+% of the
time that's an indicator of malware.

 

What's "[your] antivirus"?

 

"Actually servers in the U.S. do a pretty good job
of screening some viruses, trojans, and worms. However,
I use a server in S. Africa which absolutely has every worm, virus, trojan,
Pfish etc. represented. One recurring is from "Microsoft"
and looks very legitimate; click on the attachment and
your computer is history. Replete with MS logos etc.,
and looks very authentic. Been there for at least two
years. I would never download anything with and
attachment purporting to be from MS. I would go
to the MS site first.