Mebroot

Now that the Mebroot rootkit has been around for a few days, (named by symantec) does anyone have any idea which other AV's recognise it? I guess the problem is that so many of them give the virus different names, AVG did not recognise it under mebroot when I tried it, so does it use a different name for it?
If anyone has any ideas's I would greatly appreciate it.

Thanks in advance, Rollers

 

Most AVs recognize it, AVG should see it as: PSW.Sinowal.C

 

Anyone know the Avast! name for it, please?

 

McAfee identifies it as StealthMBR and StealthMBR!rootkit.

 

last time i checked avast did not have a signature for it.

 

Does anyone know what Kaspersky and ESET label this rootkit as?

 

kaspersky backdoor.win32.sinowal.a or Trojan.Win32.Agent.dsj (version 7/8 called it the first, the virustotal scanner the second name)
eset: Win32/Agent.DSJ

 

Alright, thank you.

 

And TrendMicro detect's it as TROJ_SINOWAL.AD

 

Thanks for your answers.

Rollers

 

And F-Secure detect it as Trojan:W32/Mebroot.A

Patrik

 

how about avira antivir PE premium?

 

Hello,

# TR/PSW.Sinowal.GD
# TR/PWS.Sinowal.Gen

-ren

 

Thank you

 

Anyone know what F-Prot detects it as?

 

Does anyone know if HIPS or any other anti-keylogger can protect against the keylogging mechanism of StealthMBR?

Is anyone able to post a screen of the client/control console of this beast?

 

It would be a lot helpful if they decided on one name, instead of individual stupid random words.

 

http://info.drweb.com/show/3257/en

& discussed here