This is topic Root Kit malware by SONY in forum Letterhead/Pinstriper Talk at The Letterville BullBoard.


To visit this topic, use this URL:
http://www.letterville.com/ubb/ultimatebb.php/topic/1/37576.html

Posted by Curtis hammond (Member # 2170) on :
 
Beware. SONY music is using a new type of malware. It is a rootkit stealth technology that will cause you problems and actually break your machine if you try to remove it.

Fix: Turn off your AutoRun feature in XP. This will stop it from self-installing if you try to play a newer music CD from Sony. Read more here:

http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html


Oh yes, after you turn off the AutoRun feature in your XP, you could rip the song to your computer from the CD. That way you can enjoy your song and not worry about malware.

[ November 05, 2005, 10:32 AM: Message edited by: Curtis hammond ]
 
Posted by dave parr (Member # 3868) on :
 
The further along I get in understanding computers and the software that runs in them, the further away from them I want to get; of course, what we are really discussing is human behavior. I find it increasingly difficult to be around others but at the same time feel an increasing need to interact more about many things. All this just makes me want to go pick up a brush and do some hand lettering.

I need to write you Curtis.

[Smile]
 
Posted by Glenn Taylor (Member # 162) on :
 
I read that the other day, Curtis.

The biggest problem with these rootkits isn't because the music industry is trying to protect their property. It's because the way they did it gives hackers another avenue to plant a virus and have access to your entire computer.

Removing these rootkits without damaging your system is extremely difficult.
 
Posted by Dave Utter (Member # 634) on :
 
Whoa! Curtis! I went to that site and it tried to install a win33update.exe file to my computer. Be careful.
 
Posted by Curtis hammond (Member # 2170) on :
 
You sure?????? I just tested it myself and saw nutin...

No firewall alerts, no port scans, nutin..

Also, there are no win33 exploits that work. win33 simply does not exist.

You may mean win32update.exe, a completely different process operated by many spywares. You may wish to run a spyware scan to find it and remove the spyware infiltration installed via applications. Or, via the RBOT-BAS WORM

[ November 05, 2005, 07:21 PM: Message edited by: Curtis hammond ]
 
Posted by Dave Utter (Member # 634) on :
 
Oops, typo, Curtis. I thought I had typed win32update.exe. Actually, I had just done a clean install of XP, and Letterville and that site are the only ones that I had been to yet on a clean, brand new HD. I run the "teatimer" with Spybot S&D and also Winpatrol. Both programs gave me the warning at the same time, just as the page loaded. Might have been some other cause, but since everything is fresh on here, and I haven't even put my backup files back on the HD yet, it sure looked suspicious. Could be nothing though, who knows....... Thanks for the heads-up on the Sony stuff though. I can't believe Sony would stoop that low. I've always trusted Sony and own a lot of their music and electronics products...
 
Posted by Glenn Taylor (Member # 162) on :
 
Well, it's happened as predicted. If you have any Sony music CDs, you might want to pay attention to this........

quote:
Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in DRM software bundled with its music CDs.

Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly-discovered variant of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory.

Continued...

 
Posted by jake snow (Member # 5889) on :
 
I'm with Dave Parr
 
Posted by Robert Cole (Member # 477) on :
 
Having a Mac has its advantages, EH?


Bob
[Rolling On The Floor]
 
Posted by whitey2 (Member # 1265) on :
 
If you want to see if there is a rootkit on your system check out this site
http://www.sysinternals.com/Utilities/RootkitRevealer.html
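
Added example, not part of any post in this thread: a cross-view check for the "$sys$" masking described in the article Glenn Taylor quotes above. It compares a directory listing as the normal OS API reports it with a listing read from raw on-disk structures, and flags names that are missing from the API view or that start with "$sys$". Both listings are constructed sample data, the names `cross_view_diff` and `Finding` are hypothetical, and this illustrates the general idea rather than how RootkitRevealer itself works.

```python
from dataclasses import dataclass

# Prefix the quoted article says the DRM rootkit masks.
CLOAK_PREFIX = "$sys$"


@dataclass(frozen=True)
class Finding:
    name: str
    hidden_from_api: bool  # in the raw view but missing from the API view
    cloak_prefix: bool     # name begins with "$sys$"


def cross_view_diff(api_view, raw_view):
    """Flag raw-view names that the API view omits or that carry the prefix.

    Names are compared case-insensitively (this example's choice, matching
    how Windows file systems normally treat names).
    """
    api_names = {name.casefold() for name in api_view}
    findings = []
    for name in sorted(set(raw_view), key=str.casefold):
        hidden = name.casefold() not in api_names
        prefixed = name.casefold().startswith(CLOAK_PREFIX)
        if hidden or prefixed:
            findings.append(Finding(name, hidden, prefixed))
    return findings


# Constructed sample listings of a system directory (not real captures).
# "$sys$drv.exe" is the file name from the quoted article; the other
# "$SYS$" entry is made up for the example.
RAW_VIEW = ["kernel32.dll", "notepad.exe", "$sys$drv.exe", "$SYS$example.sys"]
CLOAKED_API_VIEW = ["kernel32.dll", "notepad.exe"]  # masking active
UNCLOAKED_API_VIEW = list(RAW_VIEW)                 # masking not active

if __name__ == "__main__":
    for label, api in (("cloaked", CLOAKED_API_VIEW),
                       ("uncloaked", UNCLOAKED_API_VIEW)):
        for f in cross_view_diff(api, RAW_VIEW):
            state = "hidden from API" if f.hidden_from_api else "visible"
            print(f"{label}: {f.name} ({state})")
```

On a machine where the masking is not active, the same file shows up in both views, so the prefix check still flags it even though nothing is hidden.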
 
Posted by Paul McDowell (Member # 5092) on :
 
quote:
Having a Mac has its advantages, EH?
Actually Macs generally aren't able to read anything from the discs. In the liner notes it says the Windows operating system is required. Because of this the discs aren't allowed to carry the "compact disc" label.
 
Posted by Glenn Taylor (Member # 162) on :
 
It just gets better and better (sarcasm) .......

quote:
The fallout from a hidden copy-protection program that Sony BMG Music Entertainment put on some CDs is only getting worse. Sony's suggested method for removing the program actually widens the security hole the original software created, researchers say.
Continued

I wonder if Sony can be billed for what it's going to take to fix a person's computer. [Roll Eyes]
 

