VERY timely support incident!

Discussion in 'NOD32 version 2 Forum' started by spy1, Feb 8, 2005.

Thread Status:
Not open for further replies.
  1. spy1

    spy1 Registered Member

    Dec 29, 2002
    Clover, SC
    So my son clicks on a link someone sent him in an IM and - BANG! - up pops a NOD alert:

    Time Module Object Name Virus Action User Info
    2/7/2005 19:18:16 PM IMON file link edited out to prevent the curious infecting themselves probably unknown NewHeur_PE virus quarantined - connection terminated NONE-8EE7DS6F1Q\Family and it gets quarantined.

    I'm in Shadowmode, so it doesn't really matter, so I wait until this morning and then send a support email to Eset. Here's the answer (same day service - actually, only a couple of hours! YAY!)


    it was a new variant of the Rbot trojan, we'll add detection by name
    shortly. Feel free to delete it from quarantine.

    Best regards,


    NOD32 Technical Support

    and a further one!

    Hello Pete,

    thanks a lot for the sample. The file is a new variant of IRC/Sdbot backdoor. It's a backdoor controlled via IRC network. It allows the infected computer to be controlled remotely. After an update of NOD32 is released, this particular file will be detected as IRC/Sdbot.DBY. You can simply delete the file.


    Juraj Sarinay
    ESET s.r.o.

    You guys have made my day because that's technical support! Thank you! Pete
    Last edited by a moderator: Feb 8, 2005
  2. FanJ

    FanJ Guest

    Thanks Pete, my dear old friend !!! :D

    I'm glad your PC was not infected !!!

    Thanks also to ESET.

    Most warmest regards, Jan.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.