Guys, Im sure this question has been asked a million times, but what are, and how do I use, the .exe files that come up when I search on usenet?

For instance: http://www.binabled.com/details.html?r=13889201

What is that file? How is it used if downloaded?

Thanks,

Tradr62

It's fake... Size: 189.5 KB

This is one has more change of being real than the first one you said, spot the difference?

https://www.binsearch.info/?b=Rosetta+Stone+v3.3.5+for+Windows&g=alt.binaries.world-languages&p=ziesjoem+%3Cnada%40nada.com%3E&max=250

The difference is "size" all files below 1.0mb generally are FAKE and are virus's...so use common sense when it comes to these, if you need the exact size go to the programs homepage and see the size of the download and compare that to the one on Usenet. The ones on usenet will always be about 10-50mb bigger because the par files.

With all the viruses-in-disguise being posted these days, its a good idea to look on NZB indexers first like *FilesharingTalk* for verified files -- especially applications. (Save the search engines for the rare stuff.)


Also, don't trust your antivirus to keep you safe. I've uploaded a lot of these newsgroup .exe's onto VirusTotal, and this proved to me that many popular antivirus applications will completely miss a lot of these dangerous trojans being spammed on Usenet by the thousands.

Good on you for not using Windows and if you do and don't know about .exe's then I pity you lol

You've just got to be knowledgeable enough to know that "if it's too good to be true it is"

With all the viruses-in-disguise being posted these days, its a good idea to look on NZB indexers first like *FilesharingTalk* for verified files -- especially applications. (Save the search engines for the rare stuff.)


Also, don't trust your antivirus to keep you safe. I've uploaded a lot of these newsgroup .exe's onto VirusTotal, and this proved to me that many popular antivirus applications will completely miss a lot of these dangerous trojans being spammed on Usenet by the thousands.

That's because some of them are not virus's/tojans but fake files just to throw people off...

That's because some of them are not virus's/tojans but fake files just to throw people off...
Really? Every .exe I've uploaded to VirusTotal has been reported as malware by at least a few AVs, but but this could easily be due to false positives. And it's rare to ever see anything identified as malware by all AVs on the list (about half is common).

I've also wondered if adware/spyware would slip by some AV scanners, since it's a coporate product and not considered malicious.

MediaDefender used to post a lot of password-protected blank files, but these were CD-size files.