NOD32 does it again! Thanks

Folks,

This evening (Australian time) my daughter received an instant message purporting to be from a friend. It had a link purporting to lead to a photo (yes, I know - but my daughter's 14).

NOD32 swung into action. IMON blocked my daughter's attempt to click on the link. And AMON detected and quarantined two files containing the Trojan Win32/MSNMaker.naa, which it ofund in her Windows user account settings and in her Firefox profile.

Because none of my daughters' friends' anti-virus programs had detected the Trojan, I Googled for it. No result - not a single reference.

I went to Eset's support site and found the Trojan in the definitions update which we received at about 11am our time today (fourth item):

NOD32 - v.1.1820 (20061020)
Virus signature database updates:
HTML/Phishing.gen, Win32/KillAV.NBE, Win32/KillAV.NBG, Win32/MSNMaker.NAA, Win32/PSW.Delf.NDI (3), Win32/PSW.Lineage.DN, Win32/Quatim.I, Win32/Spy.Banker.BUM (2), Win32/Stration (11), Win32/Stration.KG (26), Win32/Stration.KQ (6), Win32/Stration.KR (4), Win32/Stration.KS, Win32/Stration.KT (3), Win32/TrojanDownloader.Adload.NCD, Win32/TrojanDownloader.VB.AKB (3), Win32/TrojanDownloader.VB.AKL, Win32/TrojanDownloader.VB.AKV (2), Win32/TrojanDownloader.VB.ANY (2), Win32/TrojanDownloader.VB.NHN (2), Win32/TrojanDownloader.VB.XY (2), Win32/TrojanDownloader.Zlob (6), Win32/TrojanDropper.PurityScan.AH (2), Win32/TrojanDropper.Small.AFY, Win32/VB.NFL (5), Win32/Viking.BM, Win32/Viking.BP, Win32/Viking.BQ (2), Win32/Viking.BR (4)

If NOD32 only updated every few days - as my previous AV software did - we'd have been history.

Thanks, Eset!

David

 

I'd merely add that it had been detected before by ThreatSense as a variant of MSNMaker without the need to update.