- Jan 8, 2011
- 22,361
A free AV product protecting a Windows XP machine, right?
No, actually it’s malware – a Brazilian Trojan banker coming via email and then using a masquerade to stay in the system. The malware is 386Kb only, written in Delphi, and comes via an email together with a bunch of many other malicious and non-malicious files.
...
Before dropping the mentioned fake Avast product, another module, based on the anti-rootkit product Avenger, tries to remove the following legitimate AV products from the system if they are installed: AVG, McAfee, Panda, Nod32, Kaspersky, Bitdefender, Norton, Microsoft Security Essentials, PSafe, Avira and Avast.
Source : Link