WGA - Heads up!

We've discovered recently several IRCBot Trojans claiming to be the WGA tool.
Here are you find on the 2nd page the scan info
http://aumha.net/viewtopic.php?t=20...start=15&sid=8f1bddc3690c48fc6686fcb28a56ef0f

Maximus (the Bot) produced a alert this evening since a lot of files were uploaded for scanning claiming to be the WGA tool.

Antivirus Version Update Result
AntiVir 6.35.0.19 06.29.2006 no virus found
Authentium 4.93.8 06.29.2006 Possibly a new variant of W32/Threat-HLLIM-based!Maximus
Avast 4.7.844.0 06.29.2006 no virus found
AVG 386 06.29.2006 no virus found
BitDefender 7.2 06.29.2006 BehavesLike:Trojan.FWDisable
CAT-QuickHeal 8.00 06.29.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 06.29.2006 no virus found
DrWeb 4.33 06.29.2006 no virus found
eTrust-InoculateIT23.72.52 06.29.2006 no virus found
eTrust-Vet 12.6.2282 06.29.2006 no virus found
Ewido 3.5 06.29.2006 no virus found
Fortinet 2.77.0.0 06.29.2006 no virus found
F-Prot 3.16f 06.29.2006 Possibly a new variant of W32/Threat-HLLIM-based!Maximus
Ikarus 0.2.65.0 06.29.2006 Backdoor.Win32.IRCBot.BV
Kaspersky 4.0.2.24 06.29.2006 no virus found
McAfee 4796 06.29.2006 no virus found
Microsoft 1.1481 06.29.2006 no virus found
NOD32v2 1.1632 06.29.2006 a variant of Win32/IRCBot.OO
Norman 5.90.21 06.29.2006 W32/Suspicious_M.gen
Panda 9.0.0.4 06.29.2006 Suspicious file
Sophos 4.07.0 06.29.2006 no virus found
Symantec 8.0 06.29.2006 no virus found
TheHacker 5.9.8.166 06.28.2006 no virus found
UNA 1.83 06.28.2006 no virus found
VBA32 3.11.0 06.29.2006 no virus found
VirusBuster 4.3.7:9 06.29.2006 no virus found

 

Seems you need to give that virtual employee a raise
and thanks for the heads up !

 

nice NOD32 is also protecting us. Maximus is very good.