Sony has issued a patch to purportedly kill the rootkit, in which they lie about the danger it posed. But it seems that the patch does not remove the rootkit, it just gets rid of the $sys$ cloaking. A lot of the chatter about the Sony rootkit has been about other malware authors using files/processes/reg keys starting $sys$, which would then be invisible on machines with the Sony rootkit installed. It might be worth checking to see if you own any of the corrupted CDs — via Boing Boing
Share this Story
RSS – Posts