We’re seeing numerous Youtube videos advertising programs and functionality related to Windows XP, which is interesting given it just rode off into the sunset.
A relevant angle to start off with: security programs, because a little extra security on an XP box certainly won’t hurt these days:
The above links lead to PUP executables (Potentially Unwanted Programs), which in this case Malwarebytes Anti-Malware detects as PUP.Optional.Amonetize.A. The VirusTotal score is 16 / 51, and you can see a Malwr analysis here.
We saw more downloads elsewhere, such as the following “Media Center” keygen which we detect as RiskWare.Tool.CK.
Keygens are something you should really avoid, as more often than not you never know quite what you’ll end up with. As for XP themed “setup files”, those links took us to the usual selection of surveys and ringtone offers:
We even saw XP themed adverts from installs entirely unrelated to anything to do with the above. Adam was testing a PUP called YourFileDownloader and saw a Windows XP Driver Download advert:
The advert leads to a download for a driver updater program:
You have to pay to register and unlock the program for use.
I’ll hazard a guess and say if you’re still running XP by this point, you probably don’t need any help keeping that box up to date with drivers and everything else. If you’re wondering, the VirusTotal score for the original executable is 5 / 51 and we detect it as PUP.Optional.YourFileDownloader.
Take care with the last minute surge of XP themed downloads and offers – whether on social networks, forums or video sharing sites a lot of what you’re going to see over the coming weeks will probably not do you any favours to install or sign up to. XP may be dead and gone in terms of updates, but that doesn’t mean pitfalls and boobytraps have followed suit.
Christopher Boyd (Thanks Adam)
