AVG - MSN , , WinRAR, , IM
) - malware, . , uses AVG AVG , AVG -- AVG -- ( AVG 8 AVG 8.5), ’ AVG WinRAR , , RAR AVG -- downloaded (MSN) , IM, - .
) AVG ’ using, AVG . , i.e. x86 (32-) x64 (64- ).
32- x86
AVGSCANX.EXE /scanfile=%% exe=* . :
AVGSCANX.EXE scanfile=%% exe=*
"C:\Program Files\AVG\AVG8\AVGSCANX.EXE" scanfile=%% exe=*
64- x64
AVGSCANA.EXE /scanfile=%% exe=* . :
AVGSCANA.EXE scanfile=%% exe=*
"C:\Program Files (x86)\AVG\AVG8\AVGSCANA.EXE" scanfile=%% exe=*
, customized , HEUR heuristic . “avgscanx.exe ? ” “avgscana.exe ? ” ) .
AVGSCANX.EXE AVG – C:\Program Files\AVG\AVG8, C:\Program Files\Grisoft\AVG7\, C:\Program Files\Grisoft\AVG \, C:\Program Files\AVG\AVG \ ( AVG -- 8.5 ).
) AVG .
Using AVG
, > > configure :
C:\Program Files\AVG\AVG8\avgscan?.exe ( ‘?’ ‘x’ ‘a’)
configure :
/=% ext=*
AVG WinRAR
WinRAR, > configure :
C:\Program Files\AVG\AVG8\avgscan?.exe ( ‘?’ ‘x’ ‘a’)
:
/=% ext=*
AVG IM
IM, > > , configure :
"C:\Program Files\AVG\AVG8\avgscan?.exe" =% ext=* ( ‘? ’ ‘ ’ ‘ ’)
AVG ,
, > ,
C:\Program Files\AVG\AVG8\avgscan?.exe =% ext=* ( ‘? ’ ‘ ’ ‘ ’)
Using AVG - MSN
AVG 8 AVG 8.5, anymore MSN . ) downloaded , 0 . ’ using AVG 7.5, > > , using , :
"C:\Program Files\Grisoft\AVG Free\avgw.exe" SE
AVG 8 AVG 8.5 , ScanAVG8.bat :
@echo ,, ( ‘?’ ‘ ’ ‘ ’)
"C:\Program Files\AVG\AVG8\avgscan?.exe" =% HEUR
ScanAVG8.bat . MSN , > > , using , :
"C:\Path\To\ScanAVG8.bat" ( \ ScanAVG8.bat ’ )
- , ScanAVG8.bat :
@echo
"C:\Program Files\AVG\AVG8\avgscan?.exe" =% HEUR ( '? ' 'x' 'a')

7th, 2009 2239:
ITguy, ) AVG ’ ?
7th, 2009 0811:
’ WINRAR, CMD “ ” “ ” . avggui.exe launch AVG ) autoscan.
MDL, .