Just a heads-up, really, and a request to know if Avast! is aware of something called the
A9installer which seems to have some connection with Antivirus 2009?
There seems to be some confirmation on theses sites:
The signatures are a couple of days out of date on VT, but you should still send the sample to avast.
Send the sample to virus@avast.com zipped and password protected with the password in email body, a link to this topic might help and undetected malware in the subject.
Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already there) where it can do no harm and send it from there (select the file, right click, email to Alwil Software). No need to zip and PW protect when the sample is sent from chest. A copy of the file/s will remain in the original location, so any further action you take can remove that.
avast does detect some of these variants as win32.fraudo and also possibly as win32.trojan-gen.
Avast web scanner does not detect this. Sorry, didn’t get a sample of the file to send. My hips program running in locked mode won’t let me download it. I can’t believe people click on this crap.
I am unable to send a sample to Avast! since my system is not infected with it. The information came from a friend (not an Avast! user despite my best efforts), who uses MySpace and clicked on a link to an outfit called privateonlinescanner, which I`ve never heard of before but perhaps someone else has?
the virustotal scan is from february 2008, that’s quite old… i believe this file is detected already as Win32:Fraudo, but wasn’t rescanned… we can match the hash against our internal set of samples…
This month/day/year notation is certainly the cause of some confusion. I does seem to be an odd way to write the date but perhaps thats just because Im not used to it.
I can confirm, though, that this A9installer thing I referred to earlier dates from Thursday or Friday of last week when the incident happened; an ill-advised click on a pop-up I`m told, which resulted in the fake anti-virus being installed.
Since Avast was not installed on the machine at the time the question of whether or not it would have stopped the malware did not arise.