But, even if you wanted to download HijackThis, this isn't it. Symantec detects the file as a dropper Trojan, and recommends everyone to take this simple little step to check every file that looks suspicious for any reason and whose provenience you doubt - oftentimes, the attackers won't even bother to properly disguise the file they are sending, or will do it badly.
::Trend Micro Threat Resource Center::
04 May 2010
Trojan disguised as a toolbar for Facebook
A Facebook toolbar is just what you need to make your sharing and connecting with friends easier, says in an email supposedly coming from "Facebook.com":
If you decide to click on the download link, the downloaded file ("toolbar.exe") will present itself with an icon of a black ball with "darkSector" written on it. That should be enough to raise suspicion, and a look at the file properties should be in order:
Sure enough, the properties reveal a positive jumble of information that has no connection whatsoever to Facebook (HijackThis is a well-known piece of security software from Trend Micro).
But, even if you wanted to download HijackThis, this isn't it. Symantec detects the file as a dropper Trojan, and recommends everyone to take this simple little step to check every file that looks suspicious for any reason and whose provenience you doubt - oftentimes, the attackers won't even bother to properly disguise the file they are sending, or will do it badly.
But, even if you wanted to download HijackThis, this isn't it. Symantec detects the file as a dropper Trojan, and recommends everyone to take this simple little step to check every file that looks suspicious for any reason and whose provenience you doubt - oftentimes, the attackers won't even bother to properly disguise the file they are sending, or will do it badly.