One really dumb fake scan.
The “businessmen” behind the AntivirusStudio2010 rogue security product have a web site that runs a fake scan of a visitor’s machine, tells him it’s infected then tries to sell him their product. If you look behind the scenes though, the scan is really dumb and sort of funny.
When you go to the site, the page automatically begins a “quick scan:”
(click on graphic to enlarge)
And, of course it finds malicious code on your machine.
(click on graphic to enlarge)
In the grayed-out page behind the “Scan Results” box, it lists the malware it allegedly found.
(click on graphic to enlarge)
If you look at the page source code, you’ll notice that the “scan” information is hard coded right in the HTML! So, every visitor has the same result! Wow, if only detecting malcode was that easy!
(click on graphic to enlarge)
Now here is the result of a REAL AV scan – VIPRE identifying the Unvirex download as LooksLike.Win32.malwareD (v).
(click on graphic to enlarge)
Thanks Patrick.
Tom Kelchner