943,736 Members | Top Members by Rank

Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties > Trojan: IRC/SdBot.AFN
Ad:
You are currently viewing page 1 of this multi-page discussion thread
Permalink
May 30th, 2004
0

Trojan: IRC/SdBot.AFN

Expand Post »
This is a moving target.

Have observed morphing.

SYS32 item that seemingly does not have
an identifiable fixtool that I can find with
my resources.

Have discovered a remedy that 'tricks' this
SYS32 problem with non-hacking.

Have yet to fully identify the original exposure
date of this critter.http://www.daniweb.com/techtalkforum...cons/icon4.gif

Feed back from within this domain is invited
Reputation Points: 10
Solved Threads: 0
Newbie Poster
webtor is offline Offline
16 posts
since May 2004
Permalink
May 30th, 2004
0

Re: Trojan: IRC/SdBot.AFN

NOD32 AntiVirus should be able to clean that one - it's included in the signature file for it!
Team Colleague
Reputation Points: 229
Solved Threads: 149
Grandad
Catweazle is offline Offline
3,826 posts
since Mar 2004
Permalink
May 30th, 2004
0

Re: Trojan: IRC/SdBot.AFN

Quote originally posted by Catweazle ...
NOD32 AntiVirus should be able to clean that one - it's included in the signature file for it!
A very embarassing response for me to recieve.
I rely on NOD32.

SIT: as reported
File C:\WINDOWS\System32\navmgrd.exe is infected with a trojan
IRC/SdBot.AFN.
SIT: Newly reinstalled Zonelabs 4.0 reports that navmgrd.exe is
attempting to act as a server.
SIT: NOD32 reports that it cannot clean this infiltration.
SIT: This is kind of tough!!
SIT: NOD32 has allready recieved a pointed comm from
me on this sit ( allways polite ).

Spent time with other issues this past week that seem to point back to
this same item. http://www.daniweb.com/techtalkforum...cons/icon4.gif
Last edited by webtor; May 30th, 2004 at 8:03 am. Reason: Additional input
Reputation Points: 10
Solved Threads: 0
Newbie Poster
webtor is offline Offline
16 posts
since May 2004
Permalink
May 30th, 2004
0

Re: Trojan: IRC/SdBot.AFN

NOD32 can't clean it because it's a trojan. Delete instead! There's quite a few other AntiVirus packages which should be able to deal with it, as far as I can determine. I doubt if any of them would clean rather than delete, though.
Team Colleague
Reputation Points: 229
Solved Threads: 149
Grandad
Catweazle is offline Offline
3,826 posts
since Mar 2004
Permalink
May 30th, 2004
0

Re: Trojan: IRC/SdBot.AFN

Quote originally posted by Catweazle ...
NOD32 can't clean it because it's a trojan. Delete instead! There's quite a few other AntiVirus packages which should be able to deal with it, as far as I can determine. I doubt if any of them would clean rather than delete, though.
I trust that we are not both moving too fast for each other.
I repeat, this is a moving target.
Is a morphing item.
Have scanned and observed how quickly it has taken on other
nuances.
Reputation Points: 10
Solved Threads: 0
Newbie Poster
webtor is offline Offline
16 posts
since May 2004
Permalink
May 30th, 2004
0

Re: Trojan: IRC/SdBot.AFN

heh heh..... Looks like it's me standing still, I reckon. I'll leave this to others more knowledgeable than myself. All I know is NOD32 has never let me down, and I've seen reference to its signature files including mention of this particular trojan.

**** whistles and wanders off, awaiting developments......

Team Colleague
Reputation Points: 229
Solved Threads: 149
Grandad
Catweazle is offline Offline
3,826 posts
since Mar 2004
Permalink
May 30th, 2004
0

Re: Trojan: IRC/SdBot.AFN

A goolgle search of navmgrd.exe ,show these , http://www.google.com/search?sourcei...=navmgrd%2Eexe ,
Team Colleague
Reputation Points: 1056
Solved Threads: 792
I hate 20 Questions
caperjack is offline Offline
12,720 posts
since Aug 2003
Permalink
May 30th, 2004
0

Re: Trojan: IRC/SdBot.AFN

That's what I did caperjack.

The Google results indicate NOD32 has included this trojan in their signature files since version V.1.730
Team Colleague
Reputation Points: 229
Solved Threads: 149
Grandad
Catweazle is offline Offline
3,826 posts
since Mar 2004
Permalink
Jun 1st, 2004
0

Re: Trojan: IRC/SdBot.AFN

Quote originally posted by Catweazle ...
NOD32 AntiVirus should be able to clean that one - it's included in the signature file for it!
Traded emails with "SOURCE".
"Source" gave me advices.
Decided to go my own way and had a VERY,VERY,VERY successful resolution
without future compromises.
This was a GREAT learning experience and has given me
a whole new *^killer*^ marketing approach / perspective
on the AV industry. BIGTIME!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Reputation Points: 10
Solved Threads: 0
Newbie Poster
webtor is offline Offline
16 posts
since May 2004
Permalink
Jun 1st, 2004
0

Re: Trojan: IRC/SdBot.AFN

Quote originally posted by Catweazle ...
NOD32 can't clean it because it's a trojan. Delete instead! There's quite a few other AntiVirus packages which should be able to deal with it, as far as I can determine. I doubt if any of them would clean rather than delete, though.
My path of travel on this whole manouver was creative without hacking skills.
Had to tell 'others' how to do their job as part of the remedy.
We accomplished our 'mission'.
Reputation Points: 10
Solved Threads: 0
Newbie Poster
webtor is offline Offline
16 posts
since May 2004

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: please help me with my windows xp
Next Thread in Viruses, Spyware and other Nasties Forum Timeline: prosearching.com taking over my internet





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC