Discovered: October 7, 2003
Updated: February 13, 2007 12:08:45 PM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows NT, Windows Server 2003, Windows XP
Backdoor.SDBot.Q is a Backdoor Trojan Horse that can be controlled through an IRC server. When Backdoor.SDBot.Q is executed, it attempts to contact an IRC server and waits for commands from the hacker. The existence of the file winz32.exe is an indication of a possible infection.
Backdoor.SDBot.Q has been packed using the run-time compression utility, Petite.
Protection
-
Initial Rapid Release version October 8, 2003
-
Latest Rapid Release version July 12, 2008 revision 018
-
Initial Daily Certified version October 8, 2003
-
Latest Daily Certified version July 12, 2008 revision 019
-
Initial Weekly Certified release date October 8, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Neal Hindocha
