Ryknos

Discussion in 'NOD32 version 2 Forum' started by izi, Nov 16, 2005.

Thread Status:
Not open for further replies.
  1. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    This is the Trojan using Sony DRM to hide from the system....
    I have asked before but there was no answer :mad:

    Looking forward to a clear statement from ESET...

    Fax
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    Thread reopened.
     
    Last edited: Nov 16, 2005
  4. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi,
    Of course. Indeed before it appear thanks to Eset's Advanced Heuristic.
    Signature name: Win32/IRCBot.PH.
    Here's a link about this trojan and the information where I found that NOD32 detect this as IRCBot.PH (Spanish)
    http://www.vsantivirus.com/ircbot-ph.htm

     
  5. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Oohh Good!:D
    I should have expected this answer...:cool:
     
  6. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    so that was in signatures added on 11/11/2005:

    NOD32 - v.1.1284 (20051111)
    Virus signature database updates:
    IRC/SdBot (2), Win32/Death.27.C.damaged, Win32/Delf.AHV (2), Win32/Delf.WH (2), Win32/Ircbot.PH (3), Win32/Mytob.MJ, Win32/Mytob.MK (2), Win32/Mytob.ML (2), Win32/Oscarbot, Win32/Padodor.BC, Win32/PSW.Agent.DD (2), Win32/PSW.LdPinch, Win32/PSW.Legendmir (2), Win32/PSW.QQDragon.AU, Win32/Rbot (2), Win32/Savage.F (3), Win32/Spy.Bancos.U, Win32/Spy.Banker.JU (2), Win32/Spy.Banker.KQ, Win32/Spy.Banker.NGT (2), Win32/Spy.Banker.VJ, Win32/Spy.Delf.KL (2), Win32/Spy.Delf.S (2), Win32/Spy.Flux, Win32/TrojanDownloader.Delf.AAK (2), Win32/TrojanDownloader.Delf.PQ, Win32/TrojanProxy.Delf.S, Win32/TrojanProxy.Ranky (2), Win32/VB.NAA, Win32/VB.NBF (3)
     
Thread Status:
Not open for further replies.