|
Active Virus Shield from AOL is a great thing. How could a free ativirus based on the Kaspersky Labs not be?
Granted, they had some sort of a mix up when they released it in the dubious company of a former "less-than-good-ware". But AOL sort of cleared it up. And poor old me is still naive enough to believe in good intentions.
So, here i was, trying to figure a way to get AVS into BartPE. Reading a refistry dump of course.
And this comes along.
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes]
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0000]
"Enable"=dword:00000001
"Triggers"=dword:00000001
"Description"=""
"VerdictMask"="not-a-virus:AdWare.Win32.Softomate.j"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0000\Object]
"Mask"="c:\\program files\\aol security toolbar"
"Recurse"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0000\TaskList]
"0000"="ods"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0000\VerdictPath]
"Mask"=""
"Recurse"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0001]
"Enable"=dword:00000001
"Triggers"=dword:00000003
"Description"=""
"VerdictMask"="not-a-virus:AdWare.Win32.Softomate.j"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0001\Object]
"Mask"="C:\\PROGRA~1\\AOLSEC~1\\AOL_SE~1.DLL"
"Recurse"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0001\TaskList]
"0000"="oas"
[HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\AVP6\profiles\AVService\settings\Excludes\0001\VerdictPath]
"Mask"=""
"Recurse"=dword:00000001
Now, KAV does have an exclusion list. AVS does not. But that feature is part of the KAV engine. Its only the AVS graphical front end that does not give you acess to it. The reason why is pretty much obvious by now. AOL was using the exclusion list themselves to mask out their toolbar.
Bottom line, AOL did know about the "less-than-good-ware" they were bundling. They knew it well enough to mask it out using the exclusion list. And preventing easy acess to said list.
Nice job guys. Next time remember to cleanup the registry keys in you later installs, because at the moment, tough the badware is gone, the exclusion entries are still finding their way into the registry.
I appreciate AOL's offering of a free AV, especially if it is of KAV quality, but i really can do without the AOL sanctioned malware, past and future. |