NOD32 does it again! Thanks

Discussion in 'NOD32 version 2 Forum' started by davidburchell, Oct 21, 2006.

Thread Status:
Not open for further replies.
  1. davidburchell

    davidburchell Registered Member

    Joined:
    Jun 14, 2006
    Posts:
    1
    Folks,

    This evening (Australian time) my daughter received an instant message purporting to be from a friend. It had a link purporting to lead to a photo (yes, I know - but my daughter's 14).

    NOD32 swung into action. IMON blocked my daughter's attempt to click on the link. And AMON detected and quarantined two files containing the Trojan Win32/MSNMaker.naa, which it ofund in her Windows user account settings and in her Firefox profile.

    Because none of my daughters' friends' anti-virus programs had detected the Trojan, I Googled for it. No result - not a single reference.

    I went to Eset's support site and found the Trojan in the definitions update which we received at about 11am our time today (fourth item):

    NOD32 - v.1.1820 (20061020)
    Virus signature database updates:
    HTML/Phishing.gen, Win32/KillAV.NBE, Win32/KillAV.NBG, Win32/MSNMaker.NAA, Win32/PSW.Delf.NDI (3), Win32/PSW.Lineage.DN, Win32/Quatim.I, Win32/Spy.Banker.BUM (2), Win32/Stration (11), Win32/Stration.KG (26), Win32/Stration.KQ (6), Win32/Stration.KR (4), Win32/Stration.KS, Win32/Stration.KT (3), Win32/TrojanDownloader.Adload.NCD, Win32/TrojanDownloader.VB.AKB (3), Win32/TrojanDownloader.VB.AKL, Win32/TrojanDownloader.VB.AKV (2), Win32/TrojanDownloader.VB.ANY (2), Win32/TrojanDownloader.VB.NHN (2), Win32/TrojanDownloader.VB.XY (2), Win32/TrojanDownloader.Zlob (6), Win32/TrojanDropper.PurityScan.AH (2), Win32/TrojanDropper.Small.AFY, Win32/VB.NFL (5), Win32/Viking.BM, Win32/Viking.BP, Win32/Viking.BQ (2), Win32/Viking.BR (4)

    If NOD32 only updated every few days - as my previous AV software did - we'd have been history.

    Thanks, Eset!

    David
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I'd merely add that it had been detected before by ThreatSense as a variant of MSNMaker without the need to update.
     
Thread Status:
Not open for further replies.