Researchers said on Tuesday that they are seeing something unusual in the malware world–a virus that targets a development environment.
See my topic:
Event Log Explorer FP
http://forum.avast.com/index.php?topic=47738.0
our blog entry will follow soon (it’s prepared, but not yet reviewed by our eng guru)
Hello, I think that you can already check it on our blog
http://blog.avast.com/2009/08/19/win32induc-new-concept-of-file-infector/
It’s being detected by Microsoft Security Essentials on Glary Utilities also.
Are they false positives (the Glary ones) or not?
Even files that are compled by Delphi and the Delphi compiler is not on the system then this latest detection is triggered by this detection.
The infected file looks for the Borland Delphi compiler on the victim’s machine. If Delphi is found, the source file SysConst.pas is replaced by a malicious one and is compiled into SysConst.dcu.
No, they are not false positives.
As said in the blog post comments, the newest build is apparently clean…