* Home Help Search Login Register  

Welcome, Guest. Please login or register.
November 18, 2008, 06:17:51 PM

Login with username, password and session length

212227 Posts
24530 Topics
57713 Members
Latest Member: desertrat2143

more news...
Search:     Advanced search | Tag Cloud
+  Welcome to the Comodo Forum
|-+  Desktop Security Products
| |-+  Comodo Internet Security - CIS
| | |-+  Virus/Malware Removal Assistance
| | | |-+  RootKit Trojan		 « previous next »
Pages: [1] Go Down Print
Author Topic: RootKit Trojan  (Read 1272 times)
Eric Cryptid
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 1121


Security Saskquatch
« on: July 07, 2007, 06:59:54 AM »
I don't know where to put this but I don't use CAVS at the moment until it's detection rates come up some more and the AOL Flash.ocx and HIPS problem is resolved.

I use Antivir PE Premium which incidentally DID NOT detect the below mentioned Trojan.

I had been having some problems with CPF 2.4 and installed ZA Pro with Anti-spy today to see if that resolves my issuese.

Upon doing a Spyware Scan it found the following:

XPC.Sony.Rootkit Trojan
Details can be found here:
http://smartdefense.zonealarm.com/tmpl/SpywareArticle?action=detail&sid=1593
Logged

Moderator: Aims to keep the forum a friendly place. Any concerns? Please send me a PM and/or review the forum policy.
System: 32 bit Windows XP SP3, Comodo Internet Security 3.5, Comodo BoClean
wilpower
Comodo Loves me
****
Offline Offline

Posts: 157


LIVE LIKE YOU MEAN IT, THINK LIKE YOU CARE.
« Reply #1 on: July 07, 2007, 10:53:54 AM »
Do you have COMODO BoClean installed on your system...... or any other Trojan Guard type software?
I only ask because I run Boclean and another TRojan Guard software and I would be very interested (and surprised) if this "rootkit Trojan" got past either of these security programs!!!! Kewl
Logged
Holy Crap!!...More then one star.

"Use of COMODO Security Programs is not only Advised"  Use is Highly Recommend!!
Rednose
Malware Research Group
Comodo's Hero
*****
Offline Offline

Posts: 1380


Ganda's sleepy ( in his wildest dreams )
« Reply #2 on: July 07, 2007, 03:27:25 PM »
There are several entries with "sony" in the CBOClean defenition list.

22210. SONYCODESUP
22211. SONYROOTARIES
22212. SONYROOTDRM
22213. SONYROOTDROP
22214. SONYROOTKIT2
22215. SONYROOTKIT3
22216. SONYROOTKIT4
22217. SONYROOTKIT5
22218. SONYROOTKIT9X
22219. SONYROOTKITXP
22220. SONYROOTUPG
22221. SONYXCP

It could be SONYROOTKITXP or maybe SONYXCP... but you never know with all the different names from all the vendors  Undecided Maybe one of the Comodo guys can help us with this Huh

Greetz, Red
« Last Edit: July 07, 2007, 03:31:27 PM by Rednose » Logged
XP 32x SP3  CFP 2.4  SSM 2.0 Free  Avast! 4.8 Home  CBOClean 4.27  CMF 2.0  SAS 4.21 Free  MBAM 1.30
Eric Cryptid
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 1121


Security Saskquatch
« Reply #3 on: July 08, 2007, 03:53:13 AM »
I didn't have BOClean installed at the time and still don't. it seemed to cause some internet connectivity problems for me. Incidentally it was a item in the Registry... I removed it at any rate...
Logged

Moderator: Aims to keep the forum a friendly place. Any concerns? Please send me a PM and/or review the forum policy.
System: 32 bit Windows XP SP3, Comodo Internet Security 3.5, Comodo BoClean
Tags:
Pages: [1] Go Up Print 
« previous next »
Jump to:  

SSL Firewall
Page created in -0 seconds with 19 queries.
Powered by SMF 1.1.7 | SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks 		Design by 7dana.com