DaniWeb IT Discussion Community

webtor May 30th, 2004 6:08 am
Trojan: IRC/SdBot.AFN
 
This is a moving target.

Have observed morphing.

SYS32 item that seemingly does not have
an identifiable fixtool that I can find with
my resources.

Have discovered a remedy that 'tricks' this
SYS32 problem with non-hacking.

Have yet to fully identify the original exposure
date of this critter.

Feed back from within this domain is invited

Catweazle May 30th, 2004 7:03 am
Re: Trojan: IRC/SdBot.AFN
 
NOD32 AntiVirus should be able to clean that one - it's included in the signature file for it!

webtor May 30th, 2004 7:52 am
Re: Trojan: IRC/SdBot.AFN
 
Quote:

Originally Posted by Catweazle
NOD32 AntiVirus should be able to clean that one - it's included in the signature file for it!

A very embarrassing response for me to receive.
I rely on NOD32.

SIT: as reported
File C:\WINDOWS\System32\navmgrd.exe is infected with a trojan
IRC/SdBot.AFN.
SIT: Newly reinstalled Zonelabs 4.0 reports that navmgrd.exe is
attempting to act as a server.
SIT: NOD32 reports that it cannot clean this infiltration.
SIT: This is kind of tough!!
SIT: NOD32 has already received a pointed comm from
me on this sit (always polite).

Spent time with other issues this past week that seem to point back to
this same item.

Catweazle May 30th, 2004 8:00 am
Re: Trojan: IRC/SdBot.AFN
 
NOD32 can't clean it because it's a trojan. Delete instead! There's quite a few other AntiVirus packages which should be able to deal with it, as far as I can determine. I doubt if any of them would clean rather than delete, though.

webtor May 30th, 2004 8:19 am
Re: Trojan: IRC/SdBot.AFN
 
Quote:

Originally Posted by Catweazle
NOD32 can't clean it because it's a trojan. Delete instead! There's quite a few other AntiVirus packages which should be able to deal with it, as far as I can determine. I doubt if any of them would clean rather than delete, though.

I trust that we are not both moving too fast for each other.
I repeat, this is a moving target.
Is a morphing item.
Have scanned and observed how quickly it has taken on other
nuances.

Catweazle May 30th, 2004 8:28 am
Re: Trojan: IRC/SdBot.AFN
 
heh heh..... Looks like it's me standing still, I reckon. I'll leave this to others more knowledgeable than myself. All I know is NOD32 has never let me down, and I've seen reference to its signature files including mention of this particular trojan.

**** whistles and wanders off, awaiting developments......

:D

caperjack May 30th, 2004 8:38 am
Re: Trojan: IRC/SdBot.AFN
 
A Google search of navmgrd.exe shows these: http://www.google.com/search?sourcei...=navmgrd%2Eexe

Catweazle May 30th, 2004 8:54 am
Re: Trojan: IRC/SdBot.AFN
 
That's what I did caperjack.

The Google results indicate NOD32 has included this trojan in their signature files since version V.1.730

webtor Jun 1st, 2004 3:25 am
Re: Trojan: IRC/SdBot.AFN
 
Quote:

Originally Posted by Catweazle
NOD32 AntiVirus should be able to clean that one - it's included in the signature file for it!

Traded emails with "SOURCE".
"Source" gave me advice.
Decided to go my own way and had a VERY, VERY, VERY successful resolution
without future compromises.
This was a GREAT learning experience and has given me
a whole new *^killer*^ marketing approach / perspective
on the AV industry. BIGTIME!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!:cool: :cool: :cool: :cool: :cool: :cool:

webtor Jun 1st, 2004 3:32 am
Re: Trojan: IRC/SdBot.AFN
 
Quote:

Originally Posted by Catweazle
NOD32 can't clean it because it's a trojan. Delete instead! There's quite a few other AntiVirus packages which should be able to deal with it, as far as I can determine. I doubt if any of them would clean rather than delete, though.

My path of travel on this whole maneuver was creative without hacking skills.
Had to tell 'others' how to do their job as part of the remedy.
We accomplished our 'mission'.:cool: :cool: :cool: :cool: :cool: :cool:


All times are GMT -4.