Zlob Trojan Distributing sites
Site Name: Avidirection.com
IP Address: 85.255.120.106
Site Name: Movhelper.com
IP Address: 85.255.118.180
As usual the site registrants for both the sites are ESTDOMAINS, INC. The installer from these sites were scanned and here are the results:
VirusTotal Scan Result: 4/31 (12.91%)
eSafe 7.0.15.0 2008.03.31 suspicious Trojan/Worm
F-Secure 6.70.13260.0 2008.04.01 Suspicious:W32/Malware!Gemini
Prevx1 V2 2008.04.01 Trojan.Zlob
VBA32 3.12.6.3 2008.03.25 suspected of Downloader.Zlob.3
As you can see detection of the Trojans are really poor stay away from these sites.
Bharath M N
IP Address: 85.255.120.106
Site Name: Movhelper.com
IP Address: 85.255.118.180
As usual the site registrants for both the sites are ESTDOMAINS, INC. The installer from these sites were scanned and here are the results:
VirusTotal Scan Result: 4/31 (12.91%)
eSafe 7.0.15.0 2008.03.31 suspicious Trojan/Worm
F-Secure 6.70.13260.0 2008.04.01 Suspicious:W32/Malware!Gemini
Prevx1 V2 2008.04.01 Trojan.Zlob
VBA32 3.12.6.3 2008.03.25 suspected of Downloader.Zlob.3
As you can see detection of the Trojans are really poor stay away from these sites.
Bharath M N
