AVG Blogs | Virus Lab

This blog is written by virus analysts from AVG's Virus Lab.

Dangerous Flash Drives – The End(?) (Comments: 0)

The vulnerability described in our previous two blog posts is closed. Microsoft released the patch with “Critical” severity, and it is also part of Automatic Updates. Patch details: More information about the patch: Microsoft Security Bulletin MS10-046 -... read more

Posted September 03, 2010 by Hynek Blinka

Subscribe to this blog via RSS

Dangerous Flash Drives – part 2 (Comments: 0)

The story continues. Microsoft released their Security Advisory with workarounds regarding the “.lnk vulnerability” described in our previous blog post. To help you protect your systems, here are the two official workarounds, or you can visit the official... read more

Posted July 21, 2010 by Hynek Blinka

Dangerous Flash Drives (Comments: 0)

And here it comes again. You thought that turning off the “auto-run” feature for removable drives is sufficient and that no “Worm/Autorun” can harm you again. And I bet you are pretty sure about it. I’m sorry, you are wrong. Few... read more

Posted July 16, 2010 by Hynek Blinka

Believe it or not? (Fake AV and Fake IME) (Comments: 0)

It is ironic when malware that drops and installs a Chinese IME into the victim's system pretends to be a regular AV component. It was first discovered on a common Chinese website infected by the "Aurora" exploit. Execution of this exploit causes the malware file qi.exe... read more

Posted May 21, 2010 in Analysis by Hynek Blinka

Zeus 2.0 (Comments: 0)

The title of this post might confuse some people. The 2.0 symbol may trigger thoughts about yet another social networking story we have all read in the last three years and probably do not want to... read more

Posted April 27, 2010 by AVG Blogs

The Show Must Go On… (Comments: 0)

Our security research team is constantly monitoring what is happening on the Web that we at AVG should be aware of. Looking for malicious URLs, exploits and new obfuscation techniques are just a few of the tasks we... read more

Posted April 26, 2010 by AVG Blogs

Japanese Ransom Trojan Horse (Comments: 0)

This BBC blog recently mentioned a new threat attacking Japanese users, the "Kenzero" trojan, and we would like to clarify some information about it. AVG detects all known variants as Trojan horse Generic17.ATLK and Trojan horse PSW.Generic7.AUUX. This malware belongs... read more

Posted April 23, 2010 in Analysis by Hynek Blinka

Copyright Violation Scam (Comments: 0)

After years of rogue antivirus and antispyware products scaring users with tens or hundreds of non-existent infections, it seems that there is a new way to rip off computer users: we have noticed malware pretending to be “Antipiracy client scanner... read more

Posted April 12, 2010 by Hynek Blinka

NSS Labs’ Questionable Report (Comments: 0)

It’s interesting that this is the first time in AVG’s history that anyone has come out and said that our product flat out doesn’t catch what it’s supposed to catch. That doesn’t fit with our reputation and it doesn’t fit our own experience with our 110 million customers. It just doesn’t smell right. AVG eagerly awaits a further response from NSS so they can see for themselves that AVG does indeed protect its customers from the Aurora attack. read more

Posted March 12, 2010 in AVG VirusLab News by AVG Blogs

Fake Antivirus case analysis (Comments: 2)

One of the previous DHL scam campaigns propagated a downloader in a zipped attachment named DHL_label_NR1156.exe. Collected: Name: DHL_label_NR1156.exe, Size: 41984 bytes, MD5: f71d48a86776f8c0da4d7a46257ff97c. After execution, the malware copies itself as incognito.exe into the %system% folder. The downloader then gets two binaries named exe0.exe and dll.dll... read more

Posted March 11, 2010 in Analysis by Hynek Blinka

