johnwhelan
Well-known member
Malware basically needs to be executed before it can do any harm. What many of the Malware scanners do is look for a particular string of characters. Many err on the side of caution ad from a sales point of view if you see it flagging something you think wow its working.
Reality is false positives are a major source of problems. Most Malware these days sneaks in through your browser going to an infected web site. Adobe Flash, Java are all well known entry points. Running Win 7 or later and keeping it up to date with Microsoft updates means most Malware won't stand much chance anyway. Firefox with no script is quite good at stopping javascript attacks.
The .cdp files we use are used as data to things like TS12. If you're running in a normal account rather than an administrator account TS12 is quite restricted in what it can do to damage the operating system.
Then you get to the bit where you look at what TS12.exe actually does. It quite restrictive in that it basically displays things on the screen and plays a few sounds. So even if we manage to feed it a bit of bad data ie a tatty .cdp unlike a browser which has access to practically everything and executes addons, scripts etc its going to be extremely difficult to make it do tatty things.
Besides which Malware writers are lazy, its much better bang of the buck to write Malware that uses very common software that way you infect far more machines for the same effort than to write it for TS12.exe.
I stand to be corrected but I don't think anyone has managed to insert Malware that could attack a machine into a .cdp. If nothing else I doubt if the documentation for the software existis other than the source code.
Cheerio John
