Ryknos

Discussion in 'NOD32 version 2 Forum' started by izi, Nov 16, 2005.

Thread Status:
Not open for further replies.
  1. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,906
    Location:
    localhost
    This is the Trojan using Sony DRM to hide from the system....
    I have asked before but there was no answer :mad:

    Looking forward to a clear statement from ESET...

    Fax
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    170,189
    Location:
    Texas
    Thread reopened.
     
    Last edited: Nov 16, 2005
  4. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi,
    Of course. Indeed before it appear thanks to Eset's Advanced Heuristic.
    Signature name: Win32/IRCBot.PH.
    Here's a link about this trojan and the information where I found that NOD32 detect this as IRCBot.PH (Spanish)
    http://www.vsantivirus.com/ircbot-ph.htm

     
  5. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,906
    Location:
    localhost
    Oohh Good!:D
    I should have expected this answer...:cool:
     
  6. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,662
    Location:
    Throughout the USA and Canada
    so that was in signatures added on 11/11/2005:

    NOD32 - v.1.1284 (20051111)
    Virus signature database updates:
    IRC/SdBot (2), Win32/Death.27.C.damaged, Win32/Delf.AHV (2), Win32/Delf.WH (2), Win32/Ircbot.PH (3), Win32/Mytob.MJ, Win32/Mytob.MK (2), Win32/Mytob.ML (2), Win32/Oscarbot, Win32/Padodor.BC, Win32/PSW.Agent.DD (2), Win32/PSW.LdPinch, Win32/PSW.Legendmir (2), Win32/PSW.QQDragon.AU, Win32/Rbot (2), Win32/Savage.F (3), Win32/Spy.Bancos.U, Win32/Spy.Banker.JU (2), Win32/Spy.Banker.KQ, Win32/Spy.Banker.NGT (2), Win32/Spy.Banker.VJ, Win32/Spy.Delf.KL (2), Win32/Spy.Delf.S (2), Win32/Spy.Flux, Win32/TrojanDownloader.Delf.AAK (2), Win32/TrojanDownloader.Delf.PQ, Win32/TrojanProxy.Delf.S, Win32/TrojanProxy.Ranky (2), Win32/VB.NAA, Win32/VB.NBF (3)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.