Backdoor.Sdbot

Discussion in 'malware problems & news' started by poespas, Nov 18, 2003.

Thread Status:
Not open for further replies.
  1. poespas

    poespas Guest

    Hi,

    I am in the habit since the W32.Sobig.F@mm virus became active, to do a system scan each day. Norton, which is up-to-date, told me last week Thursday (11/13) that I had the Backdoor.Sdbot Trojan horse on my system. :mad: :'(

    I was able to remove this trojan horse, based on the instructions given on following web page:
    http://securityresponse.symantec.com/avcenter/venc/data/backdoor.sdbot.html

    I learned that "Backdoor.Sdbot is a server component (bot) that the Trojan's creator distributes over IRC channels".
    But what is a IRC Channelo_O And is (should) Norton or Spywareguard not detect the attempt to install this Trojan??

    Thanks for any feedback!

    Ellen
     
    poespas, Nov 18, 2003
    #1
  2. subratam

    subratam Registered Member

    Joined:
    Nov 14, 2003
    Posts:
    1,310
    Location:
    Issaquah, WA
    hey poespas,
    1st about IRC i think you will get many information about IRC, channels " http://www.mirc.com/irc.html " in the given site.. maybe it will help you to learn something
    next
    "But what is a IRC Channelo_O And is (should) Norton or Spywareguard not detect the attempt to install this Trojan??"
    do you have any anti trojan software in your computer??
    no computer is secured in internet today with only one or two security software antitrojan software will have more power in tracking a trojan than a wholesome antivirus
    "if i am wrong i want to be corrected"
    good luck anyway
     
    subratam, Nov 18, 2003
    #2
  3. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Hi poespas,

    To answer a few of your questions.
    On IRC, channels are where people meet and chat. You may be more familiar with the term "chat rooms".

    SpywareGuard focuses on spyware and would only give you a prompt if the trojan/backdoor would show tyypical spyware behaviour, which most of them don't.

    IMO Norton should have stopped it however, if it was in it's definitions at the time you got infected. As you can see on the site you linked to, there are a lot of variants, so this one may have been added after the infection.

    Regards,

    Pieter
     
    Pieter_Arntz, Nov 18, 2003
    #3
  4. poespas

    poespas Guest

    Hi Pieter,

    thanks for your reply. Yes I am familiar with the term "Chat room" :D, only I do not go into the chat rooms.

    Unless the Yahoo Games lobbies and rooms do belong to the "IRC, channels"? I do play a lot of canasta and dominoes, plus I do use Yahoo Messenger.

    I suspected Norton should have stopped it too, but like you said, it might be a new variation.

    Thanks for your reply, and Subtratam as well!!

    Best regards,
    Ellen
     
    poespas, Nov 18, 2003
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...