beyond teck


Tuesday, 15 November 2005

Sony DRM Rootkit

Posted on 06:21 by Unknown
Okay, so Sony is now being accused of having digital media malware on their CDs.
It is an evil program that hides behind the OS. That's why it is really hard to kill! And the scary news is that more than 500 000 people are infected now! This evil thingy also creates holes in your OS (making itself look like the OS) so that other viruses can easily make your computer their new home (for a long time!)! :( The good news is Sony doesn't make such disks any more, and no more DRM for future PS3 disks!!!!! Also there are free ways to check whether you have the rootkit on your computer or not...



If you want to check whether you are infected or not, here are some instructions (from AlexTheBeast):

1) Right click on your desktop
2) Go to the New option and click on create a new text file
3) Then create a new file whose name starts with $sys$ (for example $sys$something.txt)
4) If you can't see your file after you click anywhere else on your desktop, you have the DRM Rootkit installed
5) If you have the DRM Rootkit on your computer then... sue Sony and become rich etc... (or at least this is what AlexTheBeast says)

What the rootkit does is screw with your $sys$ files. That's why anything you create with a name that starts with $sys$ gets screwed up. The people over at Symantec say this:

"When SecurityRisk.First4DRM is executed, it performs the following actions:

Copies itself as the following file: %System%\$sys$filesystem\aries.sys.

Creates the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services$sys$aries

which loads the risk as a device driver when the compromised computer is started.

Hides any processes, files, folders, or registry subkeys that begin with the following string:

$sys$

Checks the name of all processes attempting to access these processes, files, folders, or registry subkeys. If the name of the process begins with the following string, it allows access: $sys$

Otherwise, the risk prevents access to the process, file, folder, or registry subkey."
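The desktop check from steps 1-4 can be scripted. This is an added example, not from the original post, AlexTheBeast or Symantec: it writes a `$sys$`-prefixed canary file next to an ordinary control file and reports whether the canary is missing from the directory listing. The function names and the simulated filter are hypothetical, and it assumes Python is available on the machine being checked.

```python
import os
import tempfile

PREFIX = "$sys$"  # name prefix that, per the quoted description, gets hidden


def canary_hidden(directory, list_names=os.listdir):
    """Create a $sys$-prefixed canary in `directory` and return True if the
    directory listing omits it (suspicious), False if it is listed normally.

    A control file without the prefix is created alongside it, so a listing
    that is simply broken is not mistaken for prefix-based hiding.
    `list_names` is injectable so the logic can be tested on a clean machine.
    """
    suffix = os.urandom(4).hex() + ".txt"
    control, canary = "control_" + suffix, PREFIX + suffix
    paths = [os.path.join(directory, name) for name in (control, canary)]
    try:
        for path in paths:
            with open(path, "w") as fh:
                fh.write("visibility test\n")
        names = set(list_names(directory))
        if control not in names:
            raise RuntimeError("control file not listed; result unreliable")
        return canary not in names
    finally:
        for path in paths:  # best-effort cleanup of both test files
            try:
                os.remove(path)
            except OSError:
                pass


def simulated_hiding_listdir(directory):
    """Constructed stand-in for a filtered listing: drops $sys$-prefixed names."""
    return [n for n in os.listdir(directory) if not n.startswith(PREFIX)]


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print("real listing hides canary:", canary_hidden(d))
        print("simulated filter hides canary:",
              canary_hidden(d, simulated_hiding_listdir))
```

A `True` result from the real listing only shows that something is filtering `$sys$` names; confirm with one of the scanning tools mentioned below before drawing conclusions.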

According to The Register, Sony BMG "suspended" production of audio 'CDs' that use XCP. Sony, being a big company, has given out patches to all major anti-virus companies, but still a virus is a virus is a virus! You can view Sony's statement here...

But you can also get some tools with which you can scan your computer/remove the rootkit over here:

Free rootkit scanning software
You can also use this update to unhide the rootkit