Full Version: Possible trojan
Hydrogenaudio Forums > Misc. > Off-Topic
Destroid
Hi,

A file was sent to me from the phoniest of phony-looking email addresses and all I can tell is it's a packed executable, no idea what it does but I have suspicions (some sort of mutant ASPack keeps me from decompression).

Anyway, it's probably meant to do bad stuff. In order to fry the perpetrator who sent me this I have to know if it is destructive. I figured someone else here knew more about EXE packers and/or they have a temporary machine that they didn't care if the HD got trashed.

It would help because the email account I had received the trojan from I use only for HA and Monkey's forums. I do not like to suspect all the members of both forums, it would be best to place full blame on the guilty person.

Thanks for reading.
Mac
Do you run a firewall AND anti-virus program? I have Kerio Firewall & Norton AV.. together I believe (hope) they can stop any trojan I receive, because sometimes I'm dumb enough to run them..

You could try just executing it yourself, the firewall can stop it accessing the internet (to alert the creator) and the AV program will bust it down if it tries doing anything...

However, DON'T try this unless you are willing to risk your computer.. Don't believe I know what I'm talking about to a high degree, because even I don't believe that :)


About the email issue, there are crawlers and the like which might have harvested your email address just from it appearing on this site... or just because it contains "word_number@thehosttheyarespamming.com" if that makes sense.. (my sister gets a ton of spam for being loolabell40 or whatever she is..)
Pio2001
Most viruses spread by mail. It means that if you receive a virus from someone, and this virus has infected 100,000 people, then there is one chance that someone sent it to you in order to harm your computer, and 99,999 chances that the virus sent itself on its own from an infected machine to yours.
Except if some people collect viruses found on the net in order to send them to people they don't like.
Andavari
QUOTE(Destroid @ Jun 28 2003 - 02:56 PM)
In order to fry the perpetrator who sent me this I have to know if it is destructive.

Well you can find that out yourself, I wouldn't recommend sending the file to anyone except for your antivirus software developer who could either update a removal utility, or create one.

You would need to scan the file with updated antivirus software, however most antivirus scanners are not so great in combating Trojans - sure they can detect them but undoing the damage usually results in having to download a special removal utility, which of course means the Trojan must be detected by name for you to download the correct removal utility.

If you have a file you think is suspicious and your antivirus software doesn't detect anything you may want to try an anti-trojan scanner made specifically for detecting and removing Trojans:

Trojan Remover (Shareware/Trial): http://www.simplysup.com/

The Cleaner (Shareware/Trial):
http://www.moosoft.com/

...And of course don't forget the freeware F-PROT Antivirus for DOS http://www.f-prot.com/ which can detect all sorts of destructive files, over 87,000 of them.
Destroid
Great answers, I really appreciate it. The original email has some information on the sender, the file attached to the email had no extension (it's a ZIP) containing a PIF file (an executable with a bogus ASPack compression). To me that seems a little too wacky for the typical trojan or worm, it looks more like a "Get Un-well" card from a secret despiser. Perhaps.
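The layering described in the post above (an extensionless attachment that is really a ZIP, holding a PIF that is really an executable) can be confirmed without running anything. The following is an added example, not part of any post in this thread; the extension list, function names and sample archive are constructed for illustration.

```python
import io
import zipfile

# Extensions Windows treats as directly runnable (partial list, chosen for this example).
RISKY_EXTS = {".pif", ".exe", ".scr", ".com", ".bat", ".cmd", ".lnk"}

def sniff(data: bytes) -> str:
    """Classify content by leading magic bytes, ignoring any file name."""
    if data[:4] == b"PK\x03\x04":
        return "zip"
    if data[:2] == b"MZ":
        return "dos/pe-executable"
    return "unknown"

def triage(data: bytes) -> list:
    """Inspect an attachment in memory; nothing is written to disk or executed."""
    findings = [f"container: {sniff(data)}"]
    if sniff(data) != "zip":
        return findings
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename
            ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
            with zf.open(info) as member:
                head = member.read(2)  # only the first bytes are needed
            if ext in RISKY_EXTS:
                findings.append(f"{name}: risky extension {ext}")
            if sniff(head) == "dos/pe-executable":
                findings.append(f"{name}: MZ header (executable content)")
    return findings

def build_sample() -> bytes:
    """Constructed sample: a ZIP holding a harmless 'MZ'-prefixed stub named like a PIF."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("card.pif", b"MZ" + b"\x00" * 62)
        zf.writestr("readme.txt", b"hello")
    return buf.getvalue()

if __name__ == "__main__":
    for line in triage(build_sample()):
        print(line)
```

A real attachment would be read with `open(path, "rb").read()` and passed to `triage()`; a password-protected archive makes `zf.open()` raise, which is itself worth noting in a report.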
Andavari
I think instead of letting it consume you, and wanting to get revenge or anything of the liking it would be best to just block the sender email address and forget about it - since reporting things to ISPs generally doesn't solve anything more than wasting your time.

If anything it will teach you to never trust any file sent to you in an email anonymously without first scanning it with good updated antivirus software before poking around with it. Of course a good rule of thumb is to never open an un-requested file that you yourself didn't ask to be sent to you.