VERY timely support incident!

Discussion in 'NOD32 version 2 Forum' started by spy1, Feb 8, 2005.

Thread Status:
Not open for further replies.
  1. spy1

    spy1 Registered Member

    Dec 29, 2002
    Clover, SC
    So my son clicks on a link someone sent him in an IM and - BANG! - up pops a NOD alert:

    Time Module Object Name Virus Action User Info
    2/7/2005 19:18:16 PM IMON file link edited out to prevent the curious infecting themselves probably unknown NewHeur_PE virus quarantined - connection terminated NONE-8EE7DS6F1Q\Family and it gets quarantined.

    I'm in Shadowmode, so it doesn't really matter, so I wait until this morning and then send a support email to Eset. Here's the answer (same day service - actually, only a couple of hours! YAY!)


    it was a new variant of the Rbot trojan, we'll add detection by name
    shortly. Feel free to delete it from quarantine.

    Best regards,


    NOD32 Technical Support

    and a further one!

    Hello Pete,

    thanks a lot for the sample. The file is a new variant of IRC/Sdbot backdoor. It's a backdoor controlled via IRC network. It allows the infected computer to be controlled remotely. After an update of NOD32 is released, this particular file will be detected as IRC/Sdbot.DBY. You can simply delete the file.


    Juraj Sarinay
    ESET s.r.o.

    You guys have made my day because that's technical support! Thank you! Pete
    Last edited by a moderator: Feb 8, 2005
  2. FanJ

    FanJ Guest

    Thanks Pete, my dear old friend !!! :D

    I'm glad your PC was not infected !!!

    Thanks also to ESET.

    Most warmest regards, Jan.
Thread Status:
Not open for further replies.