Discussion in 'malware problems & news' started by poespas, Nov 18, 2003.

  poespas

    poespas Guest


    I am in the habit since the W32.Sobig.F@mm virus became active, to do a system scan each day. Norton, which is up-to-date, told me last week Thursday (11/13) that I had the Backdoor.Sdbot Trojan horse on my system. :mad: :'(

    I was able to remove this trojan horse, based on the instructions given on following web page:

    I learned that "Backdoor.Sdbot is a server component (bot) that the Trojan's creator distributes over IRC channels".
    But what is a IRC Channelo_O And is (should) Norton or Spywareguard not detect the attempt to install this Trojan??

    Thanks for any feedback!

  subratam

    Nov 14, 2003

    Nov 14, 2003
    Issaquah, WA
    hey poespas,
    1st about IRC i think you will get many information about IRC, channels " " in the given site.. maybe it will help you to learn something
    "But what is a IRC Channelo_O And is (should) Norton or Spywareguard not detect the attempt to install this Trojan??"
    do you have any anti trojan software in your computer??
    no computer is secured in internet today with only one or two security software antitrojan software will have more power in tracking a trojan than a wholesome antivirus
    "if i am wrong i want to be corrected"
    good luck anyway
  Pieter_Arntz

    Apr 27, 2002

    Apr 27, 2002
    Hi poespas,

    To answer a few of your questions.
    On IRC, channels are where people meet and chat. You may be more familiar with the term "chat rooms".

    SpywareGuard focuses on spyware and would only give you a prompt if the trojan/backdoor would show tyypical spyware behaviour, which most of them don't.

    IMO Norton should have stopped it however, if it was in it's definitions at the time you got infected. As you can see on the site you linked to, there are a lot of variants, so this one may have been added after the infection.


  poespas

    poespas Guest

    Hi Pieter,

    thanks for your reply. Yes I am familiar with the term "Chat room" :D, only I do not go into the chat rooms.

    Unless the Yahoo Games lobbies and rooms do belong to the "IRC, channels"? I do play a lot of canasta and dominoes, plus I do use Yahoo Messenger.

    I suspected Norton should have stopped it too, but like you said, it might be a new variation.

    Thanks for your reply, and Subtratam as well!!

    Best regards,
