Shafoo · Slashdot Mirror

User: Shafoo

Shafoo's activity in the archive.

NOD32 is kicking arse on Real Story of the Rogue Rootkit · 2005-11-17 10:49 · Score: 1

See the note below from my NOD32 suppliers. ESET is obviously not worried about Sony and is also working on a generic kit to stop others doing the same sort of dodgy stuff
Hi all, The latest update of NOD32 [Version=1.1290 (2005-11-17)] contains signatures for the infamous Sony rootkit. later tonight Eset will post a description to their web site as well. It is detected as Win32/Rootkit.XCP Application. If a machine is already infected, the rootkit will hide itself from NOD32 and it will be necessary to run a scan in safe mode (where the rootkit driver is not activated). If the rootkit tries to install itself on a clean, updated system, AMON will remove the rootkit driver upon creation and the system will run ok. Eset are currently working on a generic rootkit protection technique for the NT/XP/2003 version of NOD32 that will see the real world instead of the matrix :-) It is expected to be released before christmas but don't take this as a promise :-)