C++Talk.NET C++ language newsgroups   Archives   FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  Re: Caution SONY Music CDs have trojan Malware Goto page 1, 2, 3, 4, 5, 6  Next          C++Talk.NET Forum Index -> C++ language (comp.lang.c++) View previous topic :: View next topic   Author Message Dustin Cook Guest Posted: Thu Nov 03, 2005 4:11 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware Sony Music CDs install Malware wrote: Quote: Whether you are a web surfer or a C++ developer, if you use Windows be cautioned about SONY music CDs. They contain 'viewer' type software that is actually a trojan horse for a "rootkit". The licence agreement gives no indication whatsoever that the 'viewer' software contains the implementation of a nasty near-impossible to remove rootkit software. http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html http://www.techdirt.com/articles/20051101/1514209_F.shtml http://www.theregister.co.uk/2005/11/03/secfocus_drm/ Sheesh. It's not a rootkit, it's not a virus, and it's not near impossible to remove for anybody who isn't simply an end-user. The register should be ashamed. Regards, Dustin Cook Back to top relic Guest Posted: Thu Nov 03, 2005 4:23 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware Sony Music CDs install Malware wrote: Quote: "Dustin Cook" <bughunter.dustin (AT) gmail (DOT) com> wrote in message news:1131034294.274818.154000 (AT) g49g2000cwa (DOT) googlegroups.com... Sony Music CDs install Malware wrote: Whether you are a web surfer or a C++ developer, if you use Windows be cautioned about SONY music CDs. They contain 'viewer' type software that is actually a trojan horse for a "rootkit". The licence agreement gives no indication whatsoever that the 'viewer' software contains the implementation of a nasty near-impossible to remove rootkit software. http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html http://www.techdirt.com/articles/20051101/1514209_F.shtml http://www.theregister.co.uk/2005/11/03/secfocus_drm/ Sheesh. It's not a rootkit, it's not a virus, and it's not near impossible to remove for anybody who isn't simply an end-user. The register should be ashamed. Regards, Dustin Cook Mr. Cook: No, it's SONY that should be ashamed. You should read the lic. agreement for the nasty thing. There's no way anyone would realize they were installing software that uses sophisitcated rootkit techniques. And, yes, it is very difficult to remove. Simply deleting the files [once their cover's been torn off] usually renders the CD-ROM drive unusable. One "fix", for instance, was recently published by SONY, but it didn't actually remove it .. it simpled made the super-hidden files visible. So, no shame on the Register .. shame on SONY. Ignore Dustin, he's a self-appointed expert on things he knows little about. -- Come to us with a problem only if you want help solving it. That's what we do. Sympathy is what your girlfriends are for. Back to top Dustin Cook Guest Posted: Thu Nov 03, 2005 10:11 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware relic wrote: Quote: Ignore Dustin, he's a self-appointed expert on things he knows little about. Psst. Relic, get a clue, son. Look up raidslam virus writer. I know wtf viruses are, rootkits etc, I've authored many of them, you freaking idiot. :) Checkout virusbulletin sometime if you don't believe me, I'm known by fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok virus, Krile, Creed, Kremlin, etc etc etc. Better yet, Ask alt.comp.virus who I am, and if I know wtf i'm talking about. I'll make it easier, I've crossposted it to them, you fucking idiot. Okay.. Off my soapbox now... Regards, Dustin Cook Back to top Dustin Cook Guest Posted: Thu Nov 03, 2005 10:12 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware Sony Music CDs install Malware wrote: Quote: No, it's SONY that should be ashamed. You should read the lic. agreement for the nasty thing. There's no way anyone would realize they were installing software that uses sophisitcated rootkit techniques. And, yes, it is very difficult to remove. Simply deleting the files [once their cover's been torn off] usually renders the CD-ROM drive unusable. One "fix", for instance, was recently published by SONY, but it didn't actually remove it .. it simpled made the super-hidden files visible. So, no shame on the Register .. shame on SONY. Do you know what the hell a rootkit even is? It doesn't really apply to Windows, Unix has root user, not windows. As for a virus, the sony modules do not replicate. They have no worm ability, they have no viral infection ability. IE: They aren't viruses. If you remove the files by force, and you can easily; they can't very well hide if windows isn't running, now can they? Nope, they can't. Various CDs are available to boot windows with full access to ntfs without RUNNING YOUR OS. Which means, NO hiding anything. Files can be done what you like with. When you reboot, yes, your cdrom drives are busted. Several other apps break them, it's a known problem with them and windows. Clone cd, easy cdcreator, hell, even a bad uninstall of nero will break them. It consists of two registry keys to fix it. Delete them, and reboot. now aside from a general end user not knowing how to boot from a cd such as a bart disc, or knowing how to use the registry editor, WHERE IS THE DIFFICULTY? Regards, Dustin Cook http://bughunter.atspace.org Back to top Justin Guest Posted: Thu Nov 03, 2005 10:28 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware Relic, would you care to disprove the SysInternals page if you are going to insult the person warning others of this? Back to top Doug Chadduck Guest Posted: Fri Nov 04, 2005 12:54 am    Post subject: Re: Caution SONY Music CDs have trojan Malware Today's news has Sony eating the whole deal and offering software to remove what they put into peoples machines. Check their website it says Sony Music CDs install Malware wrote: Quote: Dustin Cook wrote: relic wrote: Ignore Dustin, he's a self-appointed expert on things he knows little about. Psst. Relic, get a clue, son. Look up raidslam virus writer. I know wtf viruses are, rootkits etc, I've authored many of them, you freaking idiot. :) Checkout virusbulletin sometime if you don't believe me, I'm known by fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok virus, Krile, Creed, Kremlin, etc etc etc. Better yet, Ask alt.comp.virus who I am, and if I know wtf i'm talking about. I'll make it easier, I've crossposted it to them, you fucking idiot. Okay.. Off my soapbox now... Regards, Dustin Cook Mr. Cook: We know already it's not necessarily a true virus. I put the term in my sig, more to get attention because "rootkit" wouldn't mean a thing to anyone whereas "virus" means lousy malicious software. For now on I will refer to the SONY software as "malware" or "diseased shitware". Back to top relic Guest Posted: Fri Nov 04, 2005 1:10 am    Post subject: Re: Caution SONY Music CDs have trojan Malware Justin wrote: Quote: Relic, would you care to disprove the SysInternals page if you are going to insult the person warning others of this? Following attributes is not your strong suit, is it. Re-check the thread and see if you can locate my insulting "Sony Music CDs install Malware" anywhere. Now fuck off. -- Come to us with a problem only if you want help solving it. That's what we do. Sympathy is what your girlfriends are for. Back to top Dustin Cook Guest Posted: Fri Nov 04, 2005 6:22 am    Post subject: Re: Caution SONY Music CDs have trojan Malware Sony Music CDs install Malware wrote: Quote: Hi Dustin - thanks for the reply: Well, it has been demonstarted it doesn't replicate .. yet. A better discription might have been "diseased shitware" rather than virus. My mistake. diseased shitware sounds fine to me. DRM typically wouldn't have a need to replicate. Replication is a pain in the ass, for compatability reasons. Sony did what was best in terms of overall compatability for windows. I'm not defending the stunt mind you, only respecting the intent. Quote: I don't know what you are blabbering on about vis s vis rebooting computers. The SONY diseased shitware doesn't boot the computer, rather, it infests the computer. When the authors wrote the diseased shitware they employed rootkit techniques. First of all, the blabbering was a pretty straight forward way of removing the offending software; The software cannot hide if you use ultimate boot cd, knoppix, bartpe, etc. The reason it cant hide is because your computer is operating from that cd's OS, not it's own. Since it's own OS was never loaded, neither was the offensive software. None of it. Second, It doesn't infest anything. The method it uses is actually pretty clean, and a design of windows. The software is malicious only in the sense you don't know what it's actually upto; Probably aren't warned it's installed, and it can be a slightly tedious task of removing it. But it's harm to your system isn't. It reroutes your cdrom access thru it's own drivers. CloneCD does this as well. If you remove it's drivers, windows disables cdrom; It isn't going to load just any drivers, if it cant load the ones the registry says to; no cdrom. To remove it is a matter of cleaning up the files, theirs really no need to play cat and mouse with it if you don't boot the host OS. bartpe is a nice time saver. Once the files are gone, you can run regedit from bart and mount the software hive, remove the offending keys, unmount the hive, and reboot to the host OS. Windows will reset your cdrom access back to it's own default drivers. If you have burning software, you may need to reinstall it to re-enable burning features. That's what I was blabbering about. :) Regards, Dustin Cook http://bughunter.atspace.org Back to top Dustin Cook Guest Posted: Fri Nov 04, 2005 6:29 am    Post subject: Re: Caution SONY Music CDs have trojan Malware relic wrote: Quote: Justin wrote: Relic, would you care to disprove the SysInternals page if you are going to insult the person warning others of this? Following attributes is not your strong suit, is it. Re-check the thread and see if you can locate my insulting "Sony Music CDs install Malware" anywhere. Now fuck off. -- Come to us with a problem only if you want help solving it. That's what we do. Sympathy is what your girlfriends are for. I'm still wondering what problems your feeble little mind is possibly capable of either solving or assisting in solving. You have got to be one of the dumbest little shits I've ever come across on usenet. You know, back in my Raid vx days; I didn't encounter people as mouthy and ignorant at the same time as you've been the last few days. Not even on irc. Even the fucking aolers had more brains then you. Christ. When I get a chance to meet morons like you, it brings back fond memories of vxing. Your such an ignorant shit. Callin me a liar, tellin me I don't know shit about viruses. I've written many, I would think I know a fucking thing or two about them. Whats the name of any you've written, you dumb shit? I've long since retired from vxing, and forgotten many of the routines; But I still suspect what I forgot is more then you're ever going to learn. Your not shit. Your never going to be shit. heh.. You fuckin lamer. My God... And to think I spent days trying to defend myself, to some stupid little blowhard like you. HAHAHA... Regards, Dustin Cook http://bughunter.atspace.org Back to top Grahamo@nospam.com Guest Posted: Fri Nov 04, 2005 8:50 am    Post subject: Re: Caution SONY Music CDs have trojan Malware Go Dustin GO!!!!!!!!!!!!!!!!!!!!!!! Quote: Okay.. Off my soapbox now... get back on that soap box man.... makes entertaining reading. G Back to top Geo Guest Posted: Fri Nov 04, 2005 10:10 am    Post subject: Re: Caution SONY Music CDs have trojan Malware Dustin Cook wrote: Quote: To remove it is a matter of cleaning up the files, theirs really no need to play cat and mouse with it if you don't boot the host OS. bartpe is a nice time saver. Once the files are gone, you can run regedit from bart and mount the software hive, remove the offending keys, unmount the hive, and reboot to the host OS. Windows will reset your cdrom access back to it's own default drivers. If you have burning software, you may need to reinstall it to re-enable burning features. And you think this is 'straight forward and easy', I've got no idea what you're talking about, I don't even know what a 'hive' is let alone how to [un]mount it !!!! Back to top Towelie Guest Posted: Fri Nov 04, 2005 11:25 am    Post subject: Re: Caution SONY Music CDs have trojan Malware Dustin - so don't buy Sony. Your choice. Why use the issue to try to prove your perceived intellectual superiority over others? Inferiority complex? Can't handle being contradicted? Virus writers: idiots who think they're clever cos they can write 3 lines of javascript. Virus writers who loudly claim "credit" for their supposed creations: even bigger idiots. People who claim to be virus writers when they obviously are not, then use this imaginary "skill" to present themselves as smarter than everybody else: the biggest idiots of all. Did I just hear a virus writer calling somebody "lamer"? Now that's very funny indeed. Why do people stick with writing viruses? Because its so ridiculously easy. Doesn't even require any coding skills or understanding of programming techniques whatsoever. So obviously anyone who trumpets his own virus-coding skills doesn't have any. BTW anyone who thinks the Sony DRM thing is an issue needs to google "NSA key". Back to top Kadaitcha Man Guest Posted: Fri Nov 04, 2005 1:11 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware Dustin Cook, <bughunter.dustin (AT) gmail (DOT) com>, the undesirable, stoloniferous fraudster, and hermit and religious recluse, dripped: Quote: relic wrote: Justin wrote: Relic, would you care to disprove the SysInternals page if you are going to insult the person warning others of this? Following attributes is not your strong suit, is it. Re-check the thread and see if you can locate my insulting "Sony Music CDs install Malware" anywhere. Now fuck off. -- Come to us with a problem only if you want help solving it. That's what we do. Sympathy is what your girlfriends are for. I'm still wondering what problems your feeble little mind is possibly capable of either solving or assisting in solving. You have got to be one of the dumbest little shits I've ever come across on usenet. You know, back in my Raid vx days; I didn't encounter people as mouthy and ignorant at the same time as you've been the last few days. Not even on irc. Even the fucking aolers had more brains then you. Christ. When I get a chance to meet morons like you, it brings back fond memories of vxing. Your such an ignorant shit. Callin me a liar, tellin me I don't know shit about viruses. I've written many, I would think I know a fucking thing or two about them. Whats the name of any you've written, you dumb shit? I've long since retired from vxing, and forgotten many of the routines; But I still suspect what I forgot is more then you're ever going to learn. Your not shit. Your never going to be shit. heh.. You fuckin lamer. My God... And to think I spent days trying to defend myself, to some stupid little blowhard like you. HAHAHA... What a frothing rant. Foam all over the fucking joint. Quote: Regards, Dustbin k0oK http://bumhunter.atspace.org -- DISCLAIMER: The content does not reflect the thoughts or opinions of either my ISP, myself, my company or employer, my friends (if any,) my goldfish or my neighbour's mad dog; don't quote me on that; don't quote me on anything; all rights reserved; the post is distribution copyrighted to the extent that you may distribute the post and all its associated parts freely but you may not make a profit from it or include the post in commercial publications without written permission from the Prime Minister of Hutt Province; other copyright laws for specific posts apply wherever noted or not noted, either deliberately, negligently, or otherwise; posts are subject to change without notice; posts are slightly enlarged to show detail; any resemblance to actual persons, living or dead, is unintentional and purely coincidental; hand wash only, tumble dry on low heat; do not bend, fold, mutilate, or spindle; do not pass go; do not collect $200; your mileage may vary; no substitutions allowed; for a limited time only; the post is void where prohibited, taxed, or otherwise restricted; the post is provided "as is" without any warranties expressed or implied; user assumes full liabilities; not liable for damages due to use or misuse; an equal opportunity abuse employer; no shoes, no shirt; quantities are limited while supplies last; if defects are discovered, do not attempt to fix them yourself but return to an authorised post service centre; caveat emptor; read at your own risk; parental advisory - explicit words; text may contain material some readers may find objectionable, parental guidance is advised; not suitable for children; not suitable for adults; not for human consumption; keep away from sunlight, pets and small children; limit one-per-family; no money down; no purchase necessary; to approved purchasers only; facsimiles are acceptable in South Australia; you need not be present to read this post; some assembly required; batteries not included; action figures sold separately; no preservatives added; tools not included; safety goggles may be required during use; sealed for your protection, do not use if the safety seal is broken; call before you dig; for external use only; if a rash, redness, irritation or swelling develops, discontinue use; use only with proper ventilation; avoid extreme temperatures and store in a cool, dry place; keep away from open flames, naked flames and old flames; avoid inhaling fumes; avoid contact with mucous membranes; do not puncture, incinerate, or store above 60 degrees Centigrade; do not place near flammable or magnetic source; smoking the post may be hazardous to your health; the best safeguard, second only to abstinence, is the use of a good laugh; text used on the post is made from 100% recycled electrons and magnetic particles; no animals were used to test the hilarity of this post other than Synapse Syndrome; no salt, MSG, artificial colour or flavour added; may contain traces of replies to peanuts; if ingested, do not induce vomiting, if symptoms persist, consult your humourologist; post is ribbed for your pleasure; slippery when wet; must be 18 to read; possible penalties for early withdrawal; post offer valid only in participating newsgroups; slightly higher in South Australia; allow four to six weeks for delivery; damage from hurricane, lightning, tornado, tsunami, volcanic eruption, earthquake, flood, orgasm, misuse, self-abuse, neglect, unauthorised repair, damage from improper installation, broken antenna, marred cabinet, incorrect line voltage, missing or altered serial numbers, sonic boom vibrations, electromagnetic radiation from nuclear blasts or other Acts of God are not covered; incidents owing to aeroplane crash, ship sinking, motor vehicle accidents, leaky roof, broken glass, falling rocks, mud slides, forest fire, flying projectiles or dropping the item are also excluded; other restrictions may apply. If something offends you, lighten up, get a life, and move on. All conditions apply. Not available in all stores. Facts have been changed to protect the guilty. Gzdgzcgjzgckacdcnatggathkgkuazkhtojalawtltwuaz.Zookzwn,cecngkeclceawgk Pcazrgp,arbgh,bhpq,blirvgeplcdhc.Ygjcdmbgebdgqep,rbagqprazrpaepehbdpqb Back to top James Egan Guest Posted: Fri Nov 04, 2005 1:22 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware On 4 Nov 2005 02:10:20 -0800, "Geo" <gg (AT) remm (DOT) org> wrote: Quote: And you think this is 'straight forward and easy', I've got no idea what you're talking about, I don't even know what a 'hive' is let alone how to [un]mount it !!!! You can pick it up easily enough from regedit help which tells you the locations of the registry hive files. Editing with (bartpe) regedit is simply a matter of selecting one of the files and loading it to a temporary name of your choice. Edit using regedit in the normal way to make the changes and unmount it simply by clicking on File->Unload_Hive. Jim. Back to top James Egan Guest Posted: Fri Nov 04, 2005 1:41 pm    Post subject: Re: Caution SONY Music CDs have trojan Malware On Fri, 4 Nov 2005 07:15:43 -0500, "Sony Music CDs install Malware" <trunk@.box.suitcase> wrote: Quote: Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by someone who knows the system and registry very well as well as some of the tools that are available. Actually, he did say "aside from a general end user not knowing how to boot from a cd such as a bart disc, or knowing how to use the registry editor" before saying it was easy. With those qualifications, it *is* easy. Quote: Dustin is Wrong 2. And it is an infestation if special tools are needed for a removal. You won't find many (if any) in acv agreeing with that definition of malware "infestation". Jim. Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         C++Talk.NET Forum Index -> C++ language (comp.lang.c++) All times are GMT Goto page 1, 2, 3, 4, 5, 6  Next Page 1 of 6   Jump to: Select a forum C/C++----------------C LanguageC Language (Moderated)C++ Language (Moderated)C++ language (comp.lang.c++)C++ language, library and standards Non-English C/C++ Newsgroups----------------C++ (German)C++ (French)  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2006 phpBB Group SEO toolkit © 2004-2006 webmedic.