On 11 Nov 2005 at 6:15, Brad Beyenhof wrote: > On 11/11/05, Phil Daley <[EMAIL PROTECTED]> wrote: > > Sony has an "uninstaller" available on a web site somewhere. > > That "uninstaller" does not remove the rootkit in its entirety, it > just disables the $sys$ file hiding (which has already been exploited > in a new Trojan that just came out).
Something I read said there were already THREE exploits that used the file hiding technique provided by Sony's rootkit. And that will surely be just the beginning. My bet is that there's only a very small number of PCs that have this thing installed on them, but given the huge numbers of Windows PCs sitting connected to the Internet unprotected by any firewall, that very well might still be enough to justify going after those PCs for a botnet. A couple thousand computers is still a valuable commodity in the black hat world. -- David W. Fenton http://www.bway.net/~dfenton David Fenton Associates http://www.bway.net/~dfassoc _______________________________________________ Finale mailing list Finale@shsu.edu http://lists.shsu.edu/mailman/listinfo/finale