- New trojan spam tells you where to download trojan as "MS beta antispy"
- Posted by Joel Rubin on March 6th, 2005
If you get a spam "from Microsoft" inviting you to download the beta
anti-spyware program from some place like
http://microsoft-download.pisem.net/...890830-ENG.exe
well, it was only 25K bytes so I did download it, but not run it. My
antivirus didn't find anything but Kaspersky.com's online scan found
Trojan-Downloader.Win32.Delf.iu
When I examined it with a file viewer it was UPX compressed but in a
way so that UPX wouldn't decompress it. I suppose someone who doesn't
want to be reverse engineered could do that but I think 90+% of the
time that's an indicator of malware.
- Posted by Blinky the Shark on March 7th, 2005
Joel Rubin wrote:
What's "[your] antivirus"?
--
Blinky Linux Registered User 297263
Who has implemented Usenet Solution #45933:
Now killing all posts originating at Google Groups
- Posted by Mack on March 7th, 2005
"Actually servers in the U.S. do a pretty good job
of screening some viruses, trojans, and worms. However,
I use a server in S. Africa which absolutely has every worm, virus, trojan,
Pfish etc. represented. One recurring is from "Microsoft"
and looks very legitimate; click on the attachment and
your computer is history. Replete with MS logos etc.,
and looks very authentic. Been there for at least two
years. I would never download anything with and
attachment purporting to be from MS. I would go
to the MS site first.
- "Registry editing is disabled" by virus/trojan (Security & Administration) by ehgoodrich@hotmail.com
- M$ antispy to be free even after beta, new "refresh" available (Computers & Technology) by Joel Rubin
- Re: SpamPal files:AntiVir says "Trojan", ClamWIn Says nothing (Software & Applications) by REM
- Is "a squared anti-trojan free" any good? (Software & Applications) by Chris
- 3rd post re Down load Trojan and Worm AutomatAHB : Do not open message sfrom "Microsoft" (Computers & Technology) by Geoff/Elaine
