WGA - Heads up!

Discussion in 'malware problems & news' started by Inspector Clouseau, Jun 29, 2006.

Thread Status:
Not open for further replies.
  1. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    We've discovered recently several IRCBot Trojans claiming to be the WGA tool.
    Here are you find on the 2nd page the scan info
    http://aumha.net/viewtopic.php?t=20...start=15&sid=8f1bddc3690c48fc6686fcb28a56ef0f

    Maximus (the Bot) produced a alert this evening since a lot of files were uploaded for scanning claiming to be the WGA tool.

    Antivirus Version Update Result
    AntiVir 6.35.0.19 06.29.2006 no virus found
    Authentium 4.93.8 06.29.2006 Possibly a new variant of W32/Threat-HLLIM-based!Maximus
    Avast 4.7.844.0 06.29.2006 no virus found
    AVG 386 06.29.2006 no virus found
    BitDefender 7.2 06.29.2006 BehavesLike:Trojan.FWDisable
    CAT-QuickHeal 8.00 06.29.2006 (Suspicious) - DNAScan
    ClamAV devel-20060426 06.29.2006 no virus found
    DrWeb 4.33 06.29.2006 no virus found
    eTrust-InoculateIT23.72.52 06.29.2006 no virus found
    eTrust-Vet 12.6.2282 06.29.2006 no virus found
    Ewido 3.5 06.29.2006 no virus found
    Fortinet 2.77.0.0 06.29.2006 no virus found
    F-Prot 3.16f 06.29.2006 Possibly a new variant of W32/Threat-HLLIM-based!Maximus
    Ikarus 0.2.65.0 06.29.2006 Backdoor.Win32.IRCBot.BV
    Kaspersky 4.0.2.24 06.29.2006 no virus found
    McAfee 4796 06.29.2006 no virus found
    Microsoft 1.1481 06.29.2006 no virus found
    NOD32v2 1.1632 06.29.2006 a variant of Win32/IRCBot.OO
    Norman 5.90.21 06.29.2006 W32/Suspicious_M.gen
    Panda 9.0.0.4 06.29.2006 Suspicious file
    Sophos 4.07.0 06.29.2006 no virus found
    Symantec 8.0 06.29.2006 no virus found
    TheHacker 5.9.8.166 06.28.2006 no virus found
    UNA 1.83 06.28.2006 no virus found
    VBA32 3.11.0 06.29.2006 no virus found
    VirusBuster 4.3.7:9 06.29.2006 no virus found
     
  2. Wake2

    Wake2 Registered Member

    Joined:
    Apr 30, 2005
    Posts:
    205
    Seems you need to give that virtual employee a raise
    and thanks for the heads up !
     
  3. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
  4. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    nice NOD32 is also protecting us. :D Maximus is very good. :thumb:
     
Loading...
Thread Status:
Not open for further replies.