possable IRC/SdBot.AIG trojan infection ??

Discussion in 'NOD32 version 2 Forum' started by Bethrezen, Jul 17, 2004.

Thread Status:
Not open for further replies.
  1. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi all

    i recentley decided to try nod 32 as i had heard good things about it and my av is now 2 years behind the time although the sig files are still kept up to date

    and i was alarmed to find it IDing one of the files on my hd as IRC/SdBot.AIG trojan

    now i have read a few other posts on here saying its a Fales positive and it was a .rar file being id as the trojan but the file being IDed on my comp isnt a .rar file its an .exe (sr-98pro47.exe) so im wondering if the same still applys here and its being incorrectley IDed o_O i scaned the file in question with NAV and its not detecting it so now im windering which is right
     
  2. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    It's hard to say if it is a false positive or not. I did a google search and currently only NOD and Norman detect this supposed trojan. I believe it is a false positive on my system and maybe on yours as well. If you want, try going to www.virustotal.com and uploading the file in question for them to scan. They use 12 different scanners (NOD and Norman included) and see what they return.
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Nice post Flyrfan111

    Cheers :D
     
  4. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hello,
    It's indeed a FP. I'll contact ESET.
    Thanks.
     
  5. backfolder

    backfolder Registered Member

    Joined:
    May 25, 2004
    Posts:
    72
    Location:
    Spain
    I´ve had also that "FP" in one "_restore{big number...}/A0070906.EXE" yesterday. I´m just give rights to read and write in that folder, to see if NOD32 can clean. Today message didn´t apears...Can´t send that file because can´t access to that folder...

    By the way, I have only in AMON > Methods only 2 options: Methods & Heuristics. How can update to "Methods on Create" options?

    Thanks in advance...

    backfolder.-
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    This is in the new Beta, available any day now...

    Cheers :D
     
  7. ChromeX

    ChromeX Guest

Thread Status:
Not open for further replies.