Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus


March 1st, 2010

Get avast! Free Antivirus or a „free“ upgrade with the Alureon rootkit

avast! Free Antivirus can be downloaded for free from our servers or from other download servers such as download.com, 01.fr and others.  But why limit yourself to avast! Free Antivirus if there are other products available with additional functionality that can be downloaded for free?

At least, that is what some people are thinking.

Last week when I was checking files submitted as false positive alerts, l was looking to verify accurate, 100%  detections. There were a few files named AIS (Avast Internet suite)  from  megaupload and uploading.com servers. Bad guys take our product, add an Alureon rootkit file (typically under the name codec.exe) and make new setup file with Nullsoft installer.

avast! detected this and put the infected files in the Virus Chest.

But, the story is not over. Some thieves are so cheeky, they reported this to us as a false positive. They should really be sending us a thank you note.

One advice to thieves: Be careful with what you are stealing. An active rootkit in your  system is a hard task for any newly installed antivirus solution.

::29CECD094DBB93CBE4D08D03F2170C2EE0A34FBBA43D63D8791D65BA7C798E40:
  Detected by 10021700
  fp_desc.000=NAM: avast VER:5.0 PUB:alwil software all right.
  oripath.0000=http://fs74.uploading.com/get_file/...\avast! - pack\avast! Internet Security\setup_ais.exe\nsis.hdr
* Scan name: aswcmd.exe
* Started on: 1. březen 2010 12:39:52
* VPS: 100301-0, 01.03.2010
*
D:\False\work\29CECD09.dat.out\$EXEDIR\codec.exe [L] Win32:Alureon-FN [Rtk] (0)
D:\False\work\29CECD09.dat.out\$EXEDIR\setup_ais.exe [+] is OK
D:\False\work\29CECD09.dat.out\nsis.hdr [L] NSIS:Fasec-CB [Trj] (0)
Infected files: 2
Total files: 3
Categories: Virus Lab Tags: , , ,
  • http://GOOGLE SUNDER

    ITS VERY SIMPLE AND ESSY .

  • dan

    Best free antivirus for windoze.

  • http://www.bsc.gov.bd BSC

    for standard antivirus.

  • http://www.bsc.gov.bd BSC

    protection for pc

  • http://www.bsc.gov.bd BSC

    the best antivirus program

  • http://www.bsc.gov.bd BSC

    safety for pc’s file

  • http://www.bsc.gov.bd BSC

    for your goodwill.

  • http://www.bsc.gov.bd BSC

    for yr business development.

  • http://www.avast.com Vojta – Avast support team

    update for version4.8 :

    i want update for avast4.8 version

    Hello,
    version 4.8 is no longer developed.

  • http://www.avast.com Vojta – Avast support team

    ila :

    how will i submit file to your virus lab?..

    Hello,
    send the zipped file to virus–at–avast–dot–com
    Encrypt the file with password “virus”

  • http://www.avast.com Vojta – Avast support team

    @samir
    Hello,
    we are already detecting this virus for a long time.

  • http://www.avast.com Vojta – Avast support team

    amadish :

    how can i use free avast edition ??

    For non business use only.

  • http://www.yahoo.com piyush verma

    how can i use

  • arif

    Vojta – Avast support team :

    update for version4.8 :
    i want update for avast4.8 version

    Hello,version 4.8 is no longer developed.

    @Vojta – Avast support team

  • http://aol paula thomas

    i need to protect my pc please

  • http://aol paula thomas

    i need best free antivirus for my pc

  • ritesh jain

    paula thomas :i need to protect my pc please