FYI: New MSN worm "Bropia.k" [KAV] / Backdoor component detected by NOD's AH

Discussion in 'NOD32 version 2 Forum' started by Markus, Mar 6, 2005.

Thread Status:
Not open for further replies.
  1. Markus

    Markus Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    14
    Location:
    Germany
    Sorry, in German, but you can take a look at the pictures. ;)
    -> http://sicher-ins-netz.info/aktuell/06/03/2005/9/

    There are two parts: On the one hand the dropped worm (link.exe -> IM-Worm.Win32.Bropia.k [KAV]), on the other hand the backdoor component (buddie.exe -> Backdoor.Win32.IRCBot.y [KAV]), which is detected by NOD's AH.

    I sent the sample out some hours ago - Kaspersky was very fast (as they usually are), so the malware is already detected.
     
  2. Gauthreau

    Gauthreau Guest


    Uh-oh, you mentioned a rival AV, not once, but twice...

    Neil
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,375
    NOD32's heuristics was much faster because it already detected it at the instant the malware came into the world :-] Detection by name will be added.
     
  4. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Another probe that heuristic is VERY important and that Eset is doing a good work! Congratulations again! ;)
     
Thread Status:
Not open for further replies.