martes, 21 de julio de 2009

KAV 4.5 - The antivirus of the traders

Hi, malware collectors of the world!

This entry in the blog will be dedicated to the antivirus that all malware collectors use to exchange and that you can use to catalog your collection.

You can download KAV 4.5 from this link.

You launch the installer and the welcome screen appears. Click "Next >".

Now you must choose a temporal folder where KAV will decompress installation files. Click "Next >" when you are done.

Another welcome screen appears. Click "Next >" again. Click "Yes" to accept license agreement. Does anyone in the world read that?

Introduce customer information and click "Next >".

Choose destination folder for KAV and don´t touch the common files folder. Click "Next >".

Select program folder. Default will be fine. Click "Next >".

Choose "Custom" setup type and click "Next >".

Everything must be disabled except: Kaspersky Anti-Virus Core Components, Kaspersky Anti-Virus Bases, Kaspersky Anti-Virus Scanner and Kaspersky Anti-Virus Updater. Click "Next >". Like this:


Click "Next >" in the "Start Copying Files" screen.

You can associate report files (*.REP and *.RPT) to KAV´s Report Viewer utility. This is not really necessary and you can skip the association if you want. You must configure where you want to store report files. Click "Next >" when you are done.

Add your valid key file and click "Next >".

Don´t enable the "Launch Kaspersky Anti-Virus Updater" checkbox and click "Finish".

If you pretend to exchange with malware collectors you should run "Kaspersky Anti-Virus Updater" and configure it properly. For this you must do:

In the welcome screen of Kaspersky Anti-Virus Updater enable the "Change settings" checkbox. Click "Next >".

Open "Update Kaspersky Anti-Virus from Internet" tree and click in the "..." button. Select all links and click the "Delete URL" icon. Click in the "Add URL" icon and introduce next link:

http://66.232.119.78/~largefus/AVP/

It will look like this:


Click "Next >" twice and Kaspersky Anti-Virus should start updating databases. If you receive an error message telling the updater can not obtain contents means that Kaspersy Anti-Virus, for some reason I never was able to understand, will not work. In this case you can try using the KAV Updater tool I coded for this situation. You can retrieve it from here.

If you don´t plan exchanging with collectors you can skip the above steps and update KAV defs using default KAV servers.

You must consider with what periodicity you will update KAV defs. If you use the server used by traders you must know defs are updated one time per week.

Now launch the Kaspersky Anti-Virus Scanner. It´s time to configure it.

Click in the "Expert" button at left side. (bottom)

"Options" should be configured like this:


Just change the path of the report file to the one you prefer.

"Customize" should be configured like this:


Now go the menus and click "File -> Save profile as default". Save the file in the same folder you installed KAV.

And that´s all. You have KAV ready to be used.

KAV can be launched from command line. The proper command line to use is:
AVP32 /S /W /Q C:\FOLDER_TO_SCAN

If anyone has any doubt just drop a comment.

1 comentario: