

EGeezer
join:2002-08-04
Midwest

reply to redxii

Coming - AV rootkits?

This looks like a new opportunity - rootkitting AV programs. Wouldn't it be within malware technology to replace AV engine files with a rooted version of the AV engine that would ignore selected malware, open ports, make connections to bot controllers etc? Why disable AVs when they can "upgrade" them to their liking so the user could see an active AV they think is still protecting them?
--
Insert catchy sig line here


Luka1

join:2001-10-30
Index, WA

said by EGeezer:

This looks like a new opportunity - rootkitting AV programs. Wouldn't it be within malware technology to replace AV engine files with a rooted version of the AV engine that would ignore selected malware, open ports, make connections to bot controllers etc? Why disable AVs when they can "upgrade" them to their liking so the user could see an active AV they think is still protecting them?
Opportunity.

This has me curious indeed, because of a recent event on my computer.

Somewhere around two weeks ago, AVG was doing its regularly scheduled automatic update.

It showed to be downloading a file roughly 5830kb in size. (I can't remember the exact number.)

When that much was downloaded, it just kept right on downloading. By the time it was finished, there was more than 11000kb file size.

By the time I noticed what was happening, it was too late. It had already finished the download and started the process of updating.

All other functions of the computer locked up. I couldn't stop it. Then it rebooted without even asking me.

After the reboot...

Mailwasher and Process guard were both "new" again. None of my account info was there in Mailwasher, and it wanted me to fill out that info. Process guard was in learning mode, and all of my settings/programs/etc. were gone.

And... Now every time that I send out an email with Eudora, (set to offline mode, so I have to ok the single connection each time I send out an email)... I hit the ok for the connection, then the same message comes up again a second time and I have to hit ok for the connection again.

All of this started with that update to AVG...

over 12.5 years online © 1999-2012 dslreports.com.