[Dshield] Sony: You dont reeeeaaaally want to uninstall, do you?

stu secmail at patchsupplier.dyndns.org
Fri Nov 11 13:38:35 GMT 2005


What do you think the possibility of MS releasing a patch which breaks
this root kit?

-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of Robert Nelson
Sent: 11 November 2005 03:21
To: 'General DShield Discussion List'
Subject: Re: [Dshield] Sony: You dont reeeeaaaally want to uninstall, do
you?

According to the little I've seen, yes it is.

Symantec has it listed as Backdoor.Ryknos, aka BKDR_BREPLIOBOT.C [Trend
Micro], Ryknos.A [Panda Software], W32/Ryknos.A [Norman], Troj/Stinx-E
[Sophos].
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.ryknos.
html

There is a variant also noted, Backdoor.Ryknos.B aka Troj/Stinx-F
[Sophos],
BKDR_BREPLIBOT.D [Trend Micro], Breplibot.C [F-Secure].

Didn't take them long, now did it?

Robert

-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org]
On Behalf Of Willy, Andrew
Sent: November 10, 2005 10:05 AM
To: 'General DShield Discussion List'
Subject: Re: [Dshield] Sony: You dont reeeeaaaally want to uninstall,do
y
ou?


Seeing a few reports of a trojan using DRM.  Legitimate?

Andrew


_________________________________________
Using .Net? Need to know more about .Net Security?
http://isc.sans.org/banner_count.php?dest=dotnet

_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list