Surprise.exe

I received a phone call the other day from a friend, now referred to as John He said he kept getting a popup on his screen saying that he was infected with a virus and for the low price of $79.99 this program would remove it. John then started to tell me about this email he received, from someone he knew and he was expecting this person to send him a file. I saw this email, and it looked something like this:

From: luigi
To: john
Subject: i think you will like this
Body:
http://Url.to.surprise.exe

There are a couple things wrong with this picture,
1. The subject is non-descript.
2. The body contained only a link (url) in this case to the virus

If you receive an email like this, I would not click on the link. Even if it is suppose to be a hilarious video of some kid getting attacked by the family cat.

And what happened to him after he downloaded and ran the file sure was a surprise to him. John had 2 anti-virus programs on his computer. Microsoft Security Essentials which we will call MSE for short and Malwarebytes Free Version. MSE did not prevent the installation of this program, however it did find the trojan that Suprise.exe tried to install. Malwarebytes did successfully find and remove the program.

Be very careful with what links you click on. If you think it might be a virus reply to the email and ask your friend if they had intended to send you that email. Its better to be sure then have to worry if your data is safe. John was lucky that he had someone he could call and that the virus didn’t delete any of his data.

References:
Microsoft Security Essentials –http://www.microsoft.com/security_essentials/
Malwarebytes – http://www.malwarebytes.org/

Comments are currently closed.