I rarely read many articles all the way through bc I’m so busy these days, but I just loved this article on “Rogue Antivirus Dissected” from Joe Stewart.
Basically Joe breaks down XP Antivirus 2008:
* Is there ANY antivirus capability in AV XP 2008 or is it 100% fraudulent?
* What happens when you pay to register the program?
* Where does the money go?
* Who is behind all this?
* How much money are they making?
{ 4 comments… read them below or add one }
That was actually a really interesting article! Thanks!
* How much money are they making?
http://pandalabs.pandasecurity.com/archive/Who-Wants-to-Be-a-Millionaire_3F00_.aspx
intresting
To test whether or not these threats are actually detected and removed by AV XP 2008, we surfed to doubleclick.com (loading a DoubleClick cookie onto our machine) and manually created a file in C:\WINDOWS\system32 named ctfmona.exe, a known filename associated with malware (and one of the filenames listed in the AV XP 2008 compress.dat file), containing only the word “test” instead of executable content.
Surprisingly, Antivirus XP 2008 actually detected and removed both, but only after running a manual scan – we were able to add both files to the system despite the “Realtime Protection” feature: