How come TDS3 does not detect Win32.Ircobus (defined a Trojan at Symantec USA)? (Pest Patrol did find it). Comments/suggestions? Snook, Licensed Operator.
Hi, If you ever have a detection on something that TDS doesnt detect, please send it in for verification/analysis I'm not sure about this one, or what possible aliases it uses ?
I didn't see aliases yet Gavin, see F-secure's description here more a mIRC script worm, not a trojan.
Hi Jooske, http://www.wilderssecurity.com/showthread.php?t=13604 From that Symantec link: Backdoor.IRC.Aladinz.C is an IRC Trojan Horse that gives its creator full control over a compromised system. The Trojan may be downloaded by the Trojan.Downloader.Aphe from the Web site, w3.ircx-vanguard.com. The existence of the file uqir.exe is an indication of a possible infection. Also Known As: Worm.Win32.Ircobus [KAV], Worm.Win32.Randon.p [KAV] Worm, Trojan, Backdoor? Three for the price of one? HTH, Pieter disabled link
Ahh ok THOSE things GT Bots.. mIRC based script worm/backdoors.. if you have one that is not detected please do send it in for analysis. Im thinking of a generic GT Bot detector for TDS-4 which shouldn't be too hard