Win32.Ircobus
Snook
September 10th, 2003, 11:13 PM
How come TDS3 does not detect Win32.Ircobus (defined as a Trojan at Symantec USA)?
(Pest Patrol did find it).
Comments/suggestions?
Snook,
Licensed Operator. :) ;D
Gavin - DiamondCS
September 11th, 2003, 12:08 AM
Hi,
If you ever have a detection on something that TDS doesn't detect, please send it in for verification/analysis.
I'm not sure about this one, or what possible aliases it uses?
Jooske
September 11th, 2003, 01:05 AM
I didn't see aliases yet, Gavin; see F-Secure's description here (http://www.f-secure.com/v-descs/ircobus.shtml): more a mIRC script worm, not a trojan.
Pieter_Arntz
September 11th, 2003, 02:43 AM
Hi Jooske,
http://www.wilderssecurity.com/showthread.php?t=13604
From that Symantec link:
Backdoor.IRC.Aladinz.C is an IRC Trojan Horse that gives its creator full control over a compromised system. The Trojan may be downloaded by the Trojan.Downloader.Aphe from the Web site, w3.ircx-vanguard.com. The existence of the file uqir.exe is an indication of a possible infection.
Also Known As:
Worm.Win32.Ircobus [KAV], Worm.Win32.Randon.p [KAV]
Worm, Trojan, Backdoor?
Three for the price of one?
HTH,
Pieter
Gavin - DiamondCS
September 11th, 2003, 11:27 PM
Ahh ok THOSE things ;D
GT Bots.. mIRC-based script worm/backdoors.. if you have one that is not detected, please do send it in for analysis. I'm thinking of a generic GT Bot detector for TDS-4, which shouldn't be too hard :)
DolfTraanberg
September 12th, 2003, 11:56 AM
TDS-4.01 I hope
Dolf