Does avast detect iWin.Trojan.691128 in PUP-mode?

See: https://www.virustotal.com/nl/url/de8d14445e339225d58f4045dc12d384f3a4b058ce8b684a477c660f323d82e9/analysis/1418995260/
and https://www.virustotal.com/nl/file/0584d22455f05a3a19438f00083d595f5ab089ece49e11f0cc063752d8f6fc4c/analysis/1418973658/
Quttera blacklisted site. Unable to properly scan site. Site returning error (40x): HTTP/1.0 403 Forbidden
IP badness history: https://www.virustotal.com/nl/ip-address/122.226.102.76/information/
Aknowledged program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application.

polonus

Update for Riskware/Generic.AC.18053 APNIC CN antispam at dcb.hz.zj dot cn 122.225.96.132 to 122.226.102.76 sh5y dot com htxp://xiazai9.sh5y.com/setup_361.exe
See: https://www.virustotal.com/nl/url/c13305ac6dbbb96d65475d9c6f15bec30a00bae019e0a0771d76c64d270672a1/analysis/1420725973/
Filescan: https://herdprotect.com/setup_361.exe-35e8fe7d3aa073c08c4067ce3f2d6bc2c41d9e4a.aspx
System Details:
Running on: nginx
Via proxy: 1.0 Netcraft Risk Status: http://toolbar.netcraft.com/site_report/?url=xiazai9.sh5y.com & http://totalhash.com/network/ip:122.226.102.76

Unable to properly scan your site. Site returning error (40x): HTTP/1.0 403 Forbidden
IP badness → https://www.virustotal.com/nl/ip-address/122.226.102.76/information/
Malware on IP: http://www.scumware.org/report/122.226.102.76.html
IDS alerts: http://urlquery.net/report.php?id=1418323679450
Cannot get DNS for parent server! → http://www.dnsinspect.com/sh5y.com/1420727499
Direct link to a malware file: https://app.webinspector.com/public/reports/28562072
Link to Malware File. Found by Antivirus Engine.
SHA1: a765610ea32ada1338c027971799d63207b162e6
Only 1 flags: fortinet 23.543, 23.543 5.1.158 2015-01-07 Riskware/Generic.AC.18053
500 Took to long to download - URL Domain Result: Blacklisted in multiple real-time domain blocklists
See: http://support.clean-mx.de/clean-mx/viruses.php?id=51240418
Does avast detect in PUP-mode? → https://www.virustotal.com/nl/file/0584d22455f05a3a19438f00083d595f5ab089ece49e11f0cc063752d8f6fc4c/analysis/
malware up an d active now since 2014-12-24 - 21:08:51 hrs.

polonus

htxp://xiazai9.sh5y.com/setup_361.exe First submission 2014-12-31 17:27:28 UTC ( 1 week ago )
https://www.virustotal.com/en/file/e48262292ebd2d348071e1cdecd51cbef99990af33c21a91ff9c461be9eb93db/analysis/1420727881/