By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,997 Members | 1,470 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,997 IT Pros & Developers. It's quick & easy.

Caution SONY Music CDs have trojan Malware

P: n/a
Whether you are a web surfer or a C++ developer, if you use Windows be
cautioned about SONY music CDs. They contain 'viewer' type software that is
actually a trojan horse for a "rootkit". The licence agreement gives no
indication whatsoever that the 'viewer' software contains the implementation
of a nasty near-impossible to remove rootkit software.

http://www.sysinternals.com/blog/200...al-rights.html

http://www.techdirt.com/articles/200...514209_F.shtml

http://www.theregister.co.uk/2005/11/03/secfocus_drm/

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit viruses that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 3 '05 #1
Share this Question
Share on Google+
87 Replies


P: n/a

Sony Music CDs install Malware wrote:
Whether you are a web surfer or a C++ developer, if you use Windows be
cautioned about SONY music CDs. They contain 'viewer' type software that is
actually a trojan horse for a "rootkit". The licence agreement gives no
indication whatsoever that the 'viewer' software contains the implementation
of a nasty near-impossible to remove rootkit software.

http://www.sysinternals.com/blog/200...al-rights.html

http://www.techdirt.com/articles/200...514209_F.shtml

http://www.theregister.co.uk/2005/11/03/secfocus_drm/


Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook

Nov 3 '05 #2

P: n/a
"Dustin Cook" <bu**************@gmail.com> wrote in message
news:11**********************@g49g2000cwa.googlegr oups.com...

Sony Music CDs install Malware wrote:
Whether you are a web surfer or a C++ developer, if you use Windows be
cautioned about SONY music CDs. They contain 'viewer' type software that
is
actually a trojan horse for a "rootkit". The licence agreement gives no
indication whatsoever that the 'viewer' software contains the
implementation
of a nasty near-impossible to remove rootkit software.

http://www.sysinternals.com/blog/200...al-rights.html

http://www.techdirt.com/articles/200...514209_F.shtml

http://www.theregister.co.uk/2005/11/03/secfocus_drm/


Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook


No, it's SONY that should be ashamed. You should read the lic. agreement for
the nasty thing. There's no way anyone would realize they were installing
software that uses sophisitcated rootkit techniques. And, yes, it is very
difficult to remove. Simply deleting the files [once their cover's been torn
off] usually renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it simpled
made the super-hidden files visible. So, no shame on the Register .. shame
on SONY.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit viruses that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 3 '05 #3

P: n/a
"Dustin Cook" <bu**************@gmail.com> wrote in message
news:11**********************@g49g2000cwa.googlegr oups.com...

Sony Music CDs install Malware wrote:
Whether you are a web surfer or a C++ developer, if you use Windows be
cautioned about SONY music CDs. They contain 'viewer' type software that
is
actually a trojan horse for a "rootkit". The licence agreement gives no
indication whatsoever that the 'viewer' software contains the
implementation
of a nasty near-impossible to remove rootkit software.

http://www.sysinternals.com/blog/200...al-rights.html

http://www.techdirt.com/articles/200...514209_F.shtml

http://www.theregister.co.uk/2005/11/03/secfocus_drm/


Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook


Mr. Cook:

No, it's SONY that should be ashamed. You should read the lic. agreement for
the nasty thing. There's no way anyone would realize they were installing
software that uses sophisitcated rootkit techniques. And, yes, it is very
difficult to remove. Simply deleting the files [once their cover's been torn
off] usually renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it simpled
made the super-hidden files visible. So, no shame on the Register .. shame
on SONY.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit viruses that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 3 '05 #4

P: n/a
Sony Music CDs install Malware wrote:
"Dustin Cook" <bu**************@gmail.com> wrote in message
news:11**********************@g49g2000cwa.googlegr oups.com...

Sony Music CDs install Malware wrote:
Whether you are a web surfer or a C++ developer, if you use Windows
be cautioned about SONY music CDs. They contain 'viewer' type
software that is
actually a trojan horse for a "rootkit". The licence agreement
gives no indication whatsoever that the 'viewer' software contains
the implementation
of a nasty near-impossible to remove rootkit software.

http://www.sysinternals.com/blog/200...al-rights.html

http://www.techdirt.com/articles/200...514209_F.shtml

http://www.theregister.co.uk/2005/11/03/secfocus_drm/


Sheesh. It's not a rootkit, it's not a virus, and it's not near
impossible to remove for anybody who isn't simply an end-user. The
register should be ashamed.

Regards,
Dustin Cook


Mr. Cook:

No, it's SONY that should be ashamed. You should read the lic.
agreement for the nasty thing. There's no way anyone would realize
they were installing software that uses sophisitcated rootkit
techniques. And, yes, it is very difficult to remove. Simply deleting
the files [once their cover's been torn off] usually renders the
CD-ROM drive unusable. One "fix", for instance, was recently
published by SONY, but it didn't actually remove it .. it simpled
made the super-hidden files visible. So, no shame on the Register ..
shame on SONY.

Ignore Dustin, he's a self-appointed expert on things he knows little about.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.
Nov 3 '05 #5

P: n/a

relic wrote:
Ignore Dustin, he's a self-appointed expert on things he knows little about.


Psst. Relic, get a clue, son. Look up raidslam virus writer. I know wtf
viruses are, rootkits etc, I've authored many of them, you freaking
idiot. :)

Checkout virusbulletin sometime if you don't believe me, I'm known by
fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok
virus, Krile, Creed, Kremlin, etc etc etc.

Better yet, Ask alt.comp.virus who I am, and if I know wtf i'm talking
about. I'll make it easier, I've crossposted it to them, you fucking
idiot.

Okay.. Off my soapbox now...

Regards,
Dustin Cook

Nov 3 '05 #6

P: n/a

Sony Music CDs install Malware wrote:
No, it's SONY that should be ashamed. You should read the lic. agreement for
the nasty thing. There's no way anyone would realize they were installing
software that uses sophisitcated rootkit techniques. And, yes, it is very
difficult to remove. Simply deleting the files [once their cover's been torn
off] usually renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it simpled
made the super-hidden files visible. So, no shame on the Register .. shame
on SONY.


Do you know what the hell a rootkit even is? It doesn't really apply to
Windows, Unix has root user, not windows. As for a virus, the sony
modules do not replicate. They have no worm ability, they have no viral
infection ability. IE: They aren't viruses.

If you remove the files by force, and you can easily; they can't very
well hide if windows isn't running, now can they? Nope, they can't.
Various CDs are available to boot windows with full access to ntfs
without RUNNING YOUR OS. Which means, NO hiding anything. Files can be
done what you like with. When you reboot, yes, your cdrom drives are
busted. Several other apps break them, it's a known problem with them
and windows. Clone cd, easy cdcreator, hell, even a bad uninstall of
nero will break them. It consists of two registry keys to fix it.
Delete them, and reboot.

now aside from a general end user not knowing how to boot from a cd
such as a bart disc, or knowing how to use the registry editor, WHERE
IS THE DIFFICULTY?

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 3 '05 #7

P: n/a
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?

Nov 3 '05 #8

P: n/a
Dustin Cook wrote:
Sony Music CDs install Malware wrote:
No, it's SONY that should be ashamed. You should read the lic.
agreement for the nasty thing. There's no way anyone would realize
they were installing software that uses sophisitcated rootkit
techniques. And, yes, it is very difficult to remove. Simply
deleting the files [once their cover's been torn off] usually
renders the CD-ROM drive unusable. One "fix", for instance, was
recently published by SONY, but it didn't actually remove it .. it
simpled made the super-hidden files visible. So, no shame on the
Register .. shame on SONY.


Do you know what the hell a rootkit even is? It doesn't really apply
to Windows, Unix has root user, not windows. As for a virus, the sony
modules do not replicate. They have no worm ability, they have no
viral infection ability. IE: They aren't viruses.

If you remove the files by force, and you can easily; they can't very
well hide if windows isn't running, now can they? Nope, they can't.
Various CDs are available to boot windows with full access to ntfs
without RUNNING YOUR OS. Which means, NO hiding anything. Files can be
done what you like with. When you reboot, yes, your cdrom drives are
busted. Several other apps break them, it's a known problem with them
and windows. Clone cd, easy cdcreator, hell, even a bad uninstall of
nero will break them. It consists of two registry keys to fix it.
Delete them, and reboot.

now aside from a general end user not knowing how to boot from a cd
such as a bart disc, or knowing how to use the registry editor, WHERE
IS THE DIFFICULTY?

Regards,
Dustin Cook
http://bughunter.atspace.org


Hi Dustin - thanks for the reply:

Well, it has been demonstarted it doesn't replicate .. yet. A better
discription might have been "diseased shitware" rather than virus. My
mistake.

I don't know what you are blabbering on about vis s vis rebooting computers.
The SONY diseased shitware doesn't boot the computer, rather, it infests the
computer. When the authors wrote the diseased shitware they employed rootkit
techniques.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit malware that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 3 '05 #9

P: n/a
Dustin Cook wrote:
relic wrote:
Ignore Dustin, he's a self-appointed expert on things he knows
little about.


Psst. Relic, get a clue, son. Look up raidslam virus writer. I know
wtf viruses are, rootkits etc, I've authored many of them, you
freaking idiot. :)

Checkout virusbulletin sometime if you don't believe me, I'm known by
fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok
virus, Krile, Creed, Kremlin, etc etc etc.

Better yet, Ask alt.comp.virus who I am, and if I know wtf i'm talking
about. I'll make it easier, I've crossposted it to them, you fucking
idiot.

Okay.. Off my soapbox now...

Regards,
Dustin Cook


Mr. Cook:

We know already it's not necessarily a true virus. I put the term in my sig,
more to get attention because "rootkit" wouldn't mean a thing to anyone
whereas "virus" means lousy malicious software. For now on I will refer to
the SONY software as "malware" or "diseased shitware".

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 3 '05 #10

P: n/a
Today's news has Sony eating the whole deal and offering software to
remove what they put into peoples machines. Check their website it says

Sony Music CDs install Malware wrote:
Dustin Cook wrote:
relic wrote:
Ignore Dustin, he's a self-appointed expert on things he knows
little about.


Psst. Relic, get a clue, son. Look up raidslam virus writer. I know
wtf viruses are, rootkits etc, I've authored many of them, you
freaking idiot. :)

Checkout virusbulletin sometime if you don't believe me, I'm known by
fucking name (Dustin Cook/Raid) as the author of Toadie virus, Irok
virus, Krile, Creed, Kremlin, etc etc etc.

Better yet, Ask alt.comp.virus who I am, and if I know wtf i'm talking
about. I'll make it easier, I've crossposted it to them, you fucking
idiot.

Okay.. Off my soapbox now...

Regards,
Dustin Cook


Mr. Cook:

We know already it's not necessarily a true virus. I put the term in my sig,
more to get attention because "rootkit" wouldn't mean a thing to anyone
whereas "virus" means lousy malicious software. For now on I will refer to
the SONY software as "malware" or "diseased shitware".


Nov 4 '05 #11

P: n/a
Justin wrote:
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?

Following attributes is not your strong suit, is it. Re-check the thread and
see if you can locate my insulting "Sony Music CDs install Malware"
anywhere.

Now fuck off.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.
Nov 4 '05 #12

P: n/a

Sony Music CDs install Malware wrote:
Hi Dustin - thanks for the reply:

Well, it has been demonstarted it doesn't replicate .. yet. A better
discription might have been "diseased shitware" rather than virus. My
mistake.
diseased shitware sounds fine to me. DRM typically wouldn't have a need
to replicate. Replication is a pain in the ass, for compatability
reasons. Sony did what was best in terms of overall compatability for
windows. I'm not defending the stunt mind you, only respecting the
intent.
I don't know what you are blabbering on about vis s vis rebooting computers.
The SONY diseased shitware doesn't boot the computer, rather, it infests the
computer. When the authors wrote the diseased shitware they employed rootkit
techniques.


First of all, the blabbering was a pretty straight forward way of
removing the offending software; The software cannot hide if you use
ultimate boot cd, knoppix, bartpe, etc. The reason it cant hide is
because your computer is operating from that cd's OS, not it's own.
Since it's own OS was never loaded, neither was the offensive software.
None of it.

Second, It doesn't infest anything. The method it uses is actually
pretty clean, and a design of windows. The software is malicious only
in the sense you don't know what it's actually upto; Probably aren't
warned it's installed, and it can be a slightly tedious task of
removing it. But it's harm to your system isn't. It reroutes your cdrom
access thru it's own drivers. CloneCD does this as well. :) If you
remove it's drivers, windows disables cdrom; It isn't going to load
just any drivers, if it cant load the ones the registry says to; no
cdrom.

To remove it is a matter of cleaning up the files, theirs really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to it's own default drivers. If you have burning
software, you may need to reinstall it to re-enable burning features.

That's what I was blabbering about. :)

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #13

P: n/a

relic wrote:
Justin wrote:
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?

Following attributes is not your strong suit, is it. Re-check the thread and
see if you can locate my insulting "Sony Music CDs install Malware"
anywhere.

Now fuck off.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.


I'm still wondering what problems your feeble little mind is possibly
capable of either solving or assisting in solving. You have got to be
one of the dumbest little shits I've ever come across on usenet. You
know, back in my Raid vx days; I didn't encounter people as mouthy and
ignorant at the same time as you've been the last few days. Not even on
irc. Even the fucking aolers had more brains then you. Christ. When I
get a chance to meet morons like you, it brings back fond memories of
vxing. Your such an ignorant shit. Callin me a liar, tellin me I don't
know shit about viruses. I've written many, I would think I know a
fucking thing or two about them. Whats the name of any you've written,
you dumb shit?

I've long since retired from vxing, and forgotten many of the routines;
But I still suspect what I forgot is more then you're ever going to
learn. Your not shit. Your never going to be shit. heh.. You fuckin
lamer. My God... And to think I spent days trying to defend myself, to
some stupid little blowhard like you. HAHAHA...

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #14

P: n/a
Go Dustin GO!!!!!!!!!!!!!!!!!!!!!!!

Okay.. Off my soapbox now...


get back on that soap box man.... makes entertaining reading.

G

Nov 4 '05 #15

P: n/a
Geo

Dustin Cook wrote:
To remove it is a matter of cleaning up the files, theirs really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to it's own default drivers. If you have burning
software, you may need to reinstall it to re-enable burning features.


And you think this is 'straight forward and easy', I've got no idea
what you're talking about, I don't even know what a 'hive' is let alone
how to [un]mount it !!!!

Nov 4 '05 #16

P: n/a
Dustin - so don't buy Sony. Your choice. Why use the issue to try to
prove your perceived intellectual superiority over others? Inferiority
complex? Can't handle being contradicted?

Virus writers: idiots who think they're clever cos they can write 3
lines of javascript.
Virus writers who loudly claim "credit" for their supposed creations:
even bigger idiots.
People who claim to be virus writers when they obviously are not, then
use this imaginary "skill" to present themselves as smarter than
everybody else: the biggest idiots of all.

Did I just hear a virus writer calling somebody "lamer"? Now that's
very funny indeed. Why do people stick with writing viruses? Because
its so ridiculously easy. Doesn't even require any coding skills or
understanding of programming techniques whatsoever. So obviously anyone
who trumpets his own virus-coding skills doesn't have any.

BTW anyone who thinks the Sony DRM thing is an issue needs to google
"NSA key".

Nov 4 '05 #17

P: n/a
Towelie wrote:
Dustin - so don't buy Sony. Your choice. Why use the issue to try to
prove your perceived intellectual superiority over others? Inferiority
complex? Can't handle being contradicted?

Virus writers: idiots who think they're clever cos they can write 3
lines of javascript.
Virus writers who loudly claim "credit" for their supposed creations:
even bigger idiots.
People who claim to be virus writers when they obviously are not, then
use this imaginary "skill" to present themselves as smarter than
everybody else: the biggest idiots of all.

Did I just hear a virus writer calling somebody "lamer"? Now that's
very funny indeed. Why do people stick with writing viruses? Because
its so ridiculously easy. Doesn't even require any coding skills or
understanding of programming techniques whatsoever. So obviously
anyone who trumpets his own virus-coding skills doesn't have any.

BTW anyone who thinks the Sony DRM thing is an issue needs to google
"NSA key".


The NSA key was an issue with Windows 2000. There was a comment left in the
code making reference to the an "NSA key". What it really was and what the
result of it all was no one in the public really knows. Since then though,
Microsoft has made its code available for review to gov'ts around the world.
Can the NSA and other security agencies backdoor into Windows 2000 ??
Windows XP ??

SONY wants to rule the media/computer via world DRM. And it is clear it will
go to insidious lengths to do so. The stealth software is just one attempt.
Blue Ray, of course, is one of their major thrusts. But don't to overlook
the stealth malware. It really does represent an attempt to wrest control of
the computer from its owner. And coming from the resources of SONY at that.
I know for sure I wouldn't like having my system infected with it.
Futhermore the diseased shitware is available to *other* virus/ malware
writers to opportune and leverage. The greed is so intense, eh?

SONY is off my list this Christmas .. forever. I just don't want their stuff
anymore.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 4 '05 #18

P: n/a
Dustin Cook wrote:
Sony Music CDs install Malware wrote:
Hi Dustin - thanks for the reply:

Well, it has been demonstarted it doesn't replicate .. yet. A better
discription might have been "diseased shitware" rather than virus. My
mistake.


diseased shitware sounds fine to me. DRM typically wouldn't have a
need to replicate. Replication is a pain in the ass, for compatability
reasons. Sony did what was best in terms of overall compatability for
windows. I'm not defending the stunt mind you, only respecting the
intent.
I don't know what you are blabbering on about vis s vis rebooting
computers. The SONY diseased shitware doesn't boot the computer,
rather, it infests the computer. When the authors wrote the diseased
shitware they employed rootkit techniques.


First of all, the blabbering was a pretty straight forward way of
removing the offending software; The software cannot hide if you use
ultimate boot cd, knoppix, bartpe, etc. The reason it cant hide is
because your computer is operating from that cd's OS, not it's own.
Since it's own OS was never loaded, neither was the offensive
software. None of it.

Second, It doesn't infest anything. The method it uses is actually
pretty clean, and a design of windows. The software is malicious only
in the sense you don't know what it's actually upto; Probably aren't
warned it's installed, and it can be a slightly tedious task of
removing it. But it's harm to your system isn't. It reroutes your
cdrom access thru it's own drivers. CloneCD does this as well. :) If
you remove it's drivers, windows disables cdrom; It isn't going to
load just any drivers, if it cant load the ones the registry says to;
no cdrom.

To remove it is a matter of cleaning up the files, theirs really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to it's own default drivers. If you have
burning software, you may need to reinstall it to re-enable burning
features.

That's what I was blabbering about. :)

Regards,
Dustin Cook
http://bughunter.atspace.org


Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by
someone who knows the system and registry very well as well as some of the
tools that are available.

Dustin is Wrong 2. And it is an infestation if special tools are needed for
a removal. A while-the-system-is running Reg key delete and file delete is
simple removal .. what you are describing is not .. what you are describing
is removing a diseased infection.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 4 '05 #19

P: n/a
Dustin Cook wrote:
relic wrote:
Justin wrote:
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?

Following attributes is not your strong suit, is it. Re-check the
thread and see if you can locate my insulting "Sony Music CDs
install Malware" anywhere.

Now fuck off.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.


I'm still wondering what problems your feeble little mind is possibly
capable of either solving or assisting in solving. You have got to be
one of the dumbest little shits I've ever come across on usenet. You
know, back in my Raid vx days; I didn't encounter people as mouthy and
ignorant at the same time as you've been the last few days. Not even
on irc. Even the fucking aolers had more brains then you. Christ.
When I get a chance to meet morons like you, it brings back fond
memories of vxing. Your such an ignorant shit. Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I would
think I know a fucking thing or two about them. Whats the name of any
you've written, you dumb shit?

I've long since retired from vxing, and forgotten many of the
routines; But I still suspect what I forgot is more then you're ever
going to learn. Your not shit. Your never going to be shit. heh.. You
fuckin lamer. My God... And to think I spent days trying to defend
myself, to some stupid little blowhard like you. HAHAHA...

Regards,
Dustin Cook
http://bughunter.atspace.org


Justin:

Actually, Relic is right ['usually is]. I think you followed the thread
wrong.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 4 '05 #20

P: n/a
Sony Music CDs install Malware wrote:
Dustin Cook wrote:
relic wrote:
Justin wrote:
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?
Following attributes is not your strong suit, is it. Re-check the
thread and see if you can locate my insulting "Sony Music CDs
install Malware" anywhere.

Now fuck off.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.


I'm still wondering what problems your feeble little mind is possibly
capable of either solving or assisting in solving. You have got to be
one of the dumbest little shits I've ever come across on usenet. You
know, back in my Raid vx days; I didn't encounter people as mouthy
and ignorant at the same time as you've been the last few days. Not
even on irc. Even the fucking aolers had more brains then you.
Christ. When I get a chance to meet morons like you, it brings back
fond memories of vxing. Your such an ignorant shit. Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I would
think I know a fucking thing or two about them. Whats the name of any
you've written, you dumb shit?

I've long since retired from vxing, and forgotten many of the
routines; But I still suspect what I forgot is more then you're ever
going to learn. Your not shit. Your never going to be shit. heh.. You
fuckin lamer. My God... And to think I spent days trying to defend
myself, to some stupid little blowhard like you. HAHAHA...

Regards,
Dustin Cook
http://bughunter.atspace.org


Justin:

Actually, Relic is right ['usually is]. I think you followed the
thread wrong.


And I just posted the reply to Justin wrong

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 4 '05 #21

P: n/a
Geo wrote:
Dustin Cook wrote:
To remove it is a matter of cleaning up the files, theirs really no
need to play cat and mouse with it if you don't boot the host OS.
bartpe is a nice time saver. Once the files are gone, you can run
regedit from bart and mount the software hive, remove the offending
keys, unmount the hive, and reboot to the host OS. Windows will reset
your cdrom access back to it's own default drivers. If you have
burning software, you may need to reinstall it to re-enable burning
features.


And you think this is 'straight forward and easy', I've got no idea
what you're talking about, I don't even know what a 'hive' is let
alone how to [un]mount it !!!!


Geo:

"hive" - He's making references to the Windows registry. "mount" means to
make available to the running software [usually an operating system] for
use. Windows usually detects and mounts harddisks etc. automatically. Some
systems require the user to specifically command that a disk etc. gets
mounted. A BART [Bootable Antivirus and Recovery Tools] CD, is a bootable CD
that enables you to make fixes to the system without booting it from
Windows. "keys" refers to Windows registry key. "host OS" is your Windows
operating system. "burning software" refers to software that burns [creates]
CD-R discs such as a roll-your-own music CDs or a copy of another CD.

--

Beware SONY Music CDs.
They contain "viewers" that are actually
rootkit like malware that are near impossible to
remove.
http://www.sysinternals.com/blog/200...al-rights.html
http://www.techdirt.com/articles/200...514209_F.shtml
Nov 4 '05 #22

P: n/a
Dustin Cook, <bu**************@gmail.com>, the undesirable, stoloniferous
fraudster, and hermit and religious recluse, dripped:
relic wrote:
Justin wrote:
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?

Following attributes is not your strong suit, is it. Re-check the
thread and see if you can locate my insulting "Sony Music CDs
install Malware" anywhere.

Now fuck off.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.


I'm still wondering what problems your feeble little mind is possibly
capable of either solving or assisting in solving. You have got to be
one of the dumbest little shits I've ever come across on usenet. You
know, back in my Raid vx days; I didn't encounter people as mouthy and
ignorant at the same time as you've been the last few days. Not even
on irc. Even the fucking aolers had more brains then you. Christ.
When I get a chance to meet morons like you, it brings back fond
memories of vxing. Your such an ignorant shit. Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I would
think I know a fucking thing or two about them. Whats the name of any
you've written, you dumb shit?

I've long since retired from vxing, and forgotten many of the
routines; But I still suspect what I forgot is more then you're ever
going to learn. Your not shit. Your never going to be shit. heh.. You
fuckin lamer. My God... And to think I spent days trying to defend
myself, to some stupid little blowhard like you. HAHAHA...


What a frothing rant. Foam all over the fucking joint.
Regards,
Dustbin k0oK
http://bumhunter.atspace.org


--
DISCLAIMER: The content does not reflect the thoughts or opinions of either
my ISP, myself, my company or employer, my friends (if any,) my goldfish or
my neighbour's mad dog; don't quote me on that; don't quote me on anything;
all rights reserved; the post is distribution copyrighted to the extent that
you may distribute the post and all its associated parts freely but you may
not make a profit from it or include the post in commercial publications
without written permission from the Prime Minister of Hutt Province; other
copyright laws for specific posts apply wherever noted or not noted, either
deliberately, negligently, or otherwise; posts are subject to change without
notice; posts are slightly enlarged to show detail; any resemblance to
actual persons, living or dead, is unintentional and purely coincidental;
hand wash only, tumble dry on low heat; do not bend, fold, mutilate, or
spindle; do not pass go; do not collect $200; your mileage may vary; no
substitutions allowed; for a limited time only; the post is void where
prohibited, taxed, or otherwise restricted; the post is provided "as is"
without any warranties expressed or implied; user assumes full liabilities;
not liable for damages due to use or misuse; an equal opportunity abuse
employer; no shoes, no shirt; quantities are limited while supplies last; if
defects are discovered, do not attempt to fix them yourself but return to an
authorised post service centre; caveat emptor; read at your own risk;
parental advisory - explicit words; text may contain material some readers
may find objectionable, parental guidance is advised; not suitable for
children; not suitable for adults; not for human consumption; keep away from
sunlight, pets and small children; limit one-per-family; no money down; no
purchase necessary; to approved purchasers only; facsimiles are acceptable
in South Australia; you need not be present to read this post; some assembly
required; batteries not included; action figures sold separately; no
preservatives added; tools not included; safety goggles may be required
during use; sealed for your protection, do not use if the safety seal is
broken; call before you dig; for external use only; if a rash, redness,
irritation or swelling develops, discontinue use; use only with proper
ventilation; avoid extreme temperatures and store in a cool, dry place; keep
away from open flames, naked flames and old flames; avoid inhaling fumes;
avoid contact with mucous membranes; do not puncture, incinerate, or store
above 60 degrees Centigrade; do not place near flammable or magnetic source;
smoking the post may be hazardous to your health; the best safeguard, second
only to abstinence, is the use of a good laugh; text used on the post is
made from 100% recycled electrons and magnetic particles; no animals were
used to test the hilarity of this post other than Synapse Syndrome; no salt,
MSG, artificial colour or flavour added; may contain traces of replies to
peanuts; if ingested, do not induce vomiting, if symptoms persist, consult
your humourologist; post is ribbed for your pleasure; slippery when wet;
must be 18 to read; possible penalties for early withdrawal; post offer
valid only in participating newsgroups; slightly higher in South Australia;
allow four to six weeks for delivery; damage from hurricane, lightning,
tornado, tsunami, volcanic eruption, earthquake, flood, orgasm, misuse,
self-abuse, neglect, unauthorised repair, damage from improper installation,
broken antenna, marred cabinet, incorrect line voltage, missing or altered
serial numbers, sonic boom vibrations, electromagnetic radiation from
nuclear blasts or other Acts of God are not covered; incidents owing to
aeroplane crash, ship sinking, motor vehicle accidents, leaky roof, broken
glass, falling rocks, mud slides, forest fire, flying projectiles or
dropping the item are also excluded; other restrictions may apply. If
something offends you, lighten up, get a life, and move on. All conditions
apply. Not available in all stores. Facts have been changed to protect the
guilty.

Gzdgzcgjzgckacdcnatggathkgkuazkhtojalawtltwuaz.Zoo kzwn,cecngkeclceawgk
Pcazrgp,arbgh,bhpq,blirvgeplcdhc.Ygjcdmbgebdgqep,r bagqprazrpaepehbdpqb
Nov 4 '05 #23

P: n/a
On 4 Nov 2005 02:10:20 -0800, "Geo" <gg@remm.org> wrote:
And you think this is 'straight forward and easy', I've got no idea
what you're talking about, I don't even know what a 'hive' is let alone
how to [un]mount it !!!!


You can pick it up easily enough from regedit help which tells you the
locations of the registry hive files. Editing with (bartpe) regedit is
simply a matter of selecting one of the files and loading it to a
temporary name of your choice. Edit using regedit in the normal way to
make the changes and unmount it simply by clicking on
File->Unload_Hive.
Jim.

Nov 4 '05 #24

P: n/a
On Fri, 4 Nov 2005 07:15:43 -0500, "Sony Music CDs install Malware"
<trunk@.box.suitcase> wrote:
Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by
someone who knows the system and registry very well as well as some of the
tools that are available.
Actually, he did say "aside from a general end user not knowing how to
boot from a cd such as a bart disc, or knowing how to use the registry
editor" before saying it was easy. With those qualifications, it *is*
easy.

Dustin is Wrong 2. And it is an infestation if special tools are needed for
a removal.


You won't find many (if any) in acv agreeing with that definition of
malware "infestation".
Jim.

Nov 4 '05 #25

P: n/a

Towelie wrote:
Dustin - so don't buy Sony. Your choice. Why use the issue to try to
prove your perceived intellectual superiority over others? Inferiority
complex? Can't handle being contradicted?
What in the world are you talking about? I'm not trying to prove any
superiority, I'm simply wanting some individuals who should know
better, like the register, from reporting inaccurate information, thats
all.
Virus writers: idiots who think they're clever cos they can write 3
lines of javascript.
Virus writers who loudly claim "credit" for their supposed creations:
even bigger idiots.
javascript? Kiddo, Mine were exe/com infectors. I don't need to claim
credit, I'm already published by name in virusbulletin, damn near 6
years ago.
People who claim to be virus writers when they obviously are not, then
use this imaginary "skill" to present themselves as smarter than
everybody else: the biggest idiots of all.
When they are obviously not? Sigh. I don't know how to make this any
simpler for you, I am Raid; I am a former well known virus writer. Why
in the hell would anybody claim to be this individual of all people, if
they were not? If you were a coder, you could see for yourself.
BugHunter is a legitimate application, but all programmers like bomb
makers have a certain signature. You'd find the coding style used on
BugHunter matches the coding style used on viruses and other malware
(war dialers, etc) written by Raid (me).
Did I just hear a virus writer calling somebody "lamer"? Now that's
very funny indeed. Why do people stick with writing viruses? Because
its so ridiculously easy. Doesn't even require any coding skills or
understanding of programming techniques whatsoever. So obviously anyone
who trumpets his own virus-coding skills doesn't have any.
Indeed. If your writing scripts, like javascript. :) I don't.
Incidently, you don't read so well; I'm retired. Have been for a very
long time now. Aside from maintaining contact with some old friends on
both sides, I have nothing to do directly with the Vx scene. My
interests are in malware removal, not it's creation.
BTW anyone who thinks the Sony DRM thing is an issue needs to google
"NSA key".


I do not feel the sony thing is that big of an issue. It's sneaky, but
something similiar was already released on the new foo fighters. It
just didn't make such an effort to hide itself.

Regards,
Dustin Cook

Nov 4 '05 #26

P: n/a

James Egan wrote:
On Fri, 4 Nov 2005 07:15:43 -0500, "Sony Music CDs install Malware"
<trunk@.box.suitcase> wrote:
Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by
someone who knows the system and registry very well as well as some of the
tools that are available.


Actually, he did say "aside from a general end user not knowing how to
boot from a cd such as a bart disc, or knowing how to use the registry
editor" before saying it was easy. With those qualifications, it *is*
easy.


heh. Hi James. Long time. :)

Dustin is Wrong 2. And it is an infestation if special tools are needed for
a removal.


You won't find many (if any) in acv agreeing with that definition of
malware "infestation".


Nope.. He sure won't. Laugh Laugh. Poor slob doesn't know what a virus
even is. Nor a rootkit, nor a worm. Sony's amusing little program
doesn't meet the criteria of any of them.

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #27

P: n/a
REH

Would you please remove your cross-posts to comp.lang.c++ from your
discussion?

Nov 4 '05 #28

P: n/a
Art
On 4 Nov 2005 07:49:39 -0800, "Dustin Cook"
<bu**************@gmail.com> wrote:
I do not feel the sony thing is that big of an issue. It's sneaky, but
something similiar was already released on the new foo fighters. It
just didn't make such an effort to hide itself.


I thought it was the lack of a uninstall that was the big issue. Has
that been fixed? If a typical consumer/user is faced with having to
pay a expensive repair bill to have (possibly buggy) sw removed from
his PC, I'd say it's a big deal indeed.

Other issues such as continual added overhead (cpu/RAM useage) are
perhaps minor issues which most wouldn't consider a big deal nowdays
.... providing they are minor.

Art

http://home.epix.net/~artnpeg

Nov 4 '05 #29

P: n/a
On that special day, Dustin Cook, (bu**************@gmail.com) said...
Nor a rootkit, nor a worm. Sony's amusing little program
doesn't meet the criteria of any of them.


I've seen it being named "rootkit" (behaviour) on a reputable German
site, the heise newsticker (something like register for Germans). They
used this term a bit loosely, because the original version was meant to
hide all processes and threads from the system, that begin with $sys$

That isn't exact science, of course, just meant to alert the readers
about this scumware.
Gabriele Neukam

Ga*************************@t-online.de
--
Ah, Information. A property, too valuable these days, to give it away,
just so, at no cost.
Nov 4 '05 #30

P: n/a

Art wrote:
I thought it was the lack of a uninstall that was the big issue. Has
that been fixed? If a typical consumer/user is faced with having to
pay a expensive repair bill to have (possibly buggy) sw removed from
his PC, I'd say it's a big deal indeed.


Not the uninstall per say, just the fact the program makes an active
effort to conseal some of it's files it needs. Of course, Sony didn't
tell anybody they intended to install this wonderful little program.
That probably irked most users.

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #31

P: n/a
Dustin Cook wrote:
Towelie wrote:
Dustin - so don't buy Sony. Your choice. Why use the issue to try to
prove your perceived intellectual superiority over others?
Inferiority complex? Can't handle being contradicted?


What in the world are you talking about? I'm not trying to prove any
superiority,


That's good. You'd be laughed out of town if you did.
Nov 4 '05 #32

P: n/a
Dustin Cook wrote:
relic wrote:
Justin wrote:
Relic, would you care to disprove the SysInternals page if you are
going to insult the person warning others of this?

Following attributes is not your strong suit, is it. Re-check the
thread and see if you can locate my insulting "Sony Music CDs
install Malware" anywhere.

Now fuck off.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.


I'm still wondering <snip unread>


Didn't I just tell you to fuck off?

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.
Nov 4 '05 #33

P: n/a

James Egan wrote:
You can pick it up easily enough from regedit help which tells you the
locations of the registry hive files. Editing with (bartpe) regedit is
simply a matter of selecting one of the files and loading it to a
temporary name of your choice. Edit using regedit in the normal way to
make the changes and unmount it simply by clicking on
File->Unload_Hive.


I'm beginning to think after reading/responding to the posts in the
last few days, The people have only gotten dumber since I retired;
certainly not wiser. Dumb and mouthy...Stupid is as stupid does as they
say. They don't read before hitting post, they don't check "help" at
all, They don't do any background checking before they claim you don't
know this or that. They are helplessly stupid individuals.
Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #34

P: n/a

relic wrote:
Didn't I just tell you to fuck off?


And that's supposed to get what kind of response, exactly? Am I
supposed to fear you or something, kiddo? Non coding little fucktard, I
fear nothing. Instead of telling people to fuck off, fucktard, you
should try answering their questions. It certainly doesn't help your
credibility you dumb shit. I can't decide if dumb shit or fucktard
suits you better. Keep posting, I'll figure it out. :)

Where's your big bad trolling friends now you halfwit? Heh... Lurking,
saving face? Bring it, motherfuckers, bring it. - Dope :)
Regards,
Dustin Cook
(That's Raid you Relic bitch)
http://bughunter.atspace.org

Nov 4 '05 #35

P: n/a
Dustin Cook wrote:
James Egan wrote:
You can pick it up easily enough from regedit help which tells you
the locations of the registry hive files. Editing with (bartpe)
regedit is simply a matter of selecting one of the files and loading
it to a temporary name of your choice. Edit using regedit in the
normal way to make the changes and unmount it simply by clicking on
File->Unload_Hive.


I'm beginning to think after reading/responding to the posts in the
last few days, The people have only gotten dumber since I retired;
certainly not wiser. Dumb and mouthy...Stupid is as stupid does as
they say. They don't read before hitting post, they don't check
"help" at all, They don't do any background checking before they
claim you don't know this or that. They are helplessly stupid
individuals.

While your self-analysis is spot-on, don't be so hard on yourself.

Er... on second thought, with all that self-loathing, why don't you just go
neck yourself?
Nov 4 '05 #36

P: n/a

Damian wrote:
While your self-analysis is spot-on, don't be so hard on yourself.


Your trolling skills are wearing a bit thin. If you go too much lower,
I'll need my nephew. He's 5. He would know more about rubber/glue crap
then I remember. Seems his skills and yours are about the same tho. I'm
not sure, I think he might outsmart ya. :)

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #37

P: n/a

Sony Music CDs install Malware wrote:
Dustin is Wrong 1. That's not 'easy' removal DustinThat's skilled removal by
someone who knows the system and registry very well as well as some of the
tools that are available.
Another poster already pointed out the sheer ease in which someone
could remove the sony material. I appreciate the compliments tho. I
don't share the concept. I don't believe what I layed out is only for
those who are skilled. If you think that's skill, then I'm sorry for
you.
Dustin is Wrong 2. And it is an infestation if special tools are needed for
a removal. A while-the-system-is running Reg key delete and file delete is
simple removal .. what you are describing is not .. what you are describing
is removing a diseased infection.


Nobody in alt.comp.virus would agree with that. You need to learn what
infection is.

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #38

P: n/a
Art
On 4 Nov 2005 09:48:37 -0800, "Dustin Cook"
<bu**************@gmail.com> wrote:
I thought it was the lack of a uninstall that was the big issue. Has
that been fixed? If a typical consumer/user is faced with having to
pay a expensive repair bill to have (possibly buggy) sw removed from
his PC, I'd say it's a big deal indeed.


Not the uninstall per say, just the fact the program makes an active
effort to conseal some of it's files it needs. Of course, Sony didn't
tell anybody they intended to install this wonderful little program.
That probably irked most users.


I see Sony has offered a remover:

http://cp.sonybmg.com/xcp/english/updates.html

The other concern I've seen has been the security vulnerability
issue, which Sony, of course, disclaims. Also, I have no idea how real
or valid this might be, but the fear is that if a user is hit with
another root kit the resulting low level conflicts will render the PC
unuseable. If this is true, it would seem we're heading for eventual
legislation banning so-called cloaking technology.

Art

http://home.epix.net/~artnpeg

Nov 4 '05 #39

P: n/a

Art wrote:
I see Sony has offered a remover:

http://cp.sonybmg.com/xcp/english/updates.html

The other concern I've seen has been the security vulnerability
issue, which Sony, of course, disclaims. Also, I have no idea how real
or valid this might be, but the fear is that if a user is hit with
another root kit the resulting low level conflicts will render the PC
unuseable. If this is true, it would seem we're heading for eventual
legislation banning so-called cloaking technology.


Yes. That's what bothers me. the cloaking technology per say isn't bad.
What happens if I'm using a modified copy of VNC, and It doesn't appear
in task manager? This "rootkit" nonsense would make it illegal.

Art, refresh my memory if you don't mind. Didn't we used to call
applications that hid their presence, stealth? When did this rootkit
terminology replace that?

Regards,
Dustin Cook
http://bughunter.atspace.org

Nov 4 '05 #40

P: n/a
Art
On 4 Nov 2005 14:36:25 -0800, "Dustin Cook"
<bu**************@gmail.com> wrote:
I see Sony has offered a remover:

http://cp.sonybmg.com/xcp/english/updates.html

The other concern I've seen has been the security vulnerability
issue, which Sony, of course, disclaims. Also, I have no idea how real
or valid this might be, but the fear is that if a user is hit with
another root kit the resulting low level conflicts will render the PC
unuseable. If this is true, it would seem we're heading for eventual
legislation banning so-called cloaking technology.


Yes. That's what bothers me. the cloaking technology per say isn't bad.
What happens if I'm using a modified copy of VNC, and It doesn't appear
in task manager? This "rootkit" nonsense would make it illegal.

Art, refresh my memory if you don't mind. Didn't we used to call
applications that hid their presence, stealth? When did this rootkit
terminology replace that?


I don't think stealth has been replaced by root kit and cloacking. The
old stealth viruses are still stealth viruses, for example. I suppose
one might consider root kits as a subset of stealth malware just as
some view worms as a subset of viruses. But that's just my impression.
I don't recall seeing a terminolgy discussion/debate on that subject
here.

Art

http://home.epix.net/~artnpeg

Nov 4 '05 #41

P: n/a
Dustin Cook, <bu**************@gmail.com>, the suppositional, deviant
floorwalker, and puppeteer/marionetteer, threatened:
Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I would
think I know a fucking thing or two about them. Whats the name of any
you've written, you dumb shit?


Your reference number for all correspondence relating to this crime is
EAQ\E2441105. Please use this number in all future communications.

https://www.ifccfbi.gov/complaint/cf4.asp

"The Internet Crime Complaint Center (IC3) is a partnership between the
Federal Bureau of Investigation (FBI) and the National White Collar Crime
Center (NW3C).

IC3's mission is to serve as a vehicle to receive, develop, and refer
criminal complaints regarding the rapidly expanding arena of cyber crime.
The IC3 gives the victims of cyber crime a convenient and easy-to-use
reporting mechanism that alerts authorities of suspected criminal or civil
violations. For law enforcement and regulatory agencies at the federal,
state, and local level, IC3 provides a central referral mechanism for
complaints involving Internet related crimes."

File a Complaint:

Please read the following paragraphs:

The information I've provided on this form is correct to the best of
my knowledge.

I understand that providing false information could make me subject
to fine, imprisonment, or both. (Section 1001, Title 18, U.S. Code.)

The Internet Fraud Complaint Center (IFCC) is co-sponsored by the
Federal Bureau of Investigation (FBI) and the National White Collar Crime
Center (NW3C). Complaints filed via this web site are processed and may be
referred to law enforcement/regulatory agencies for possible investigation.
Any investigation opened on complaints filed on this web site is opened at
the discretion of the law enforcement/regulatory agency receiving the
complaint information.

Filing a complaint with IFCC in no way serves as notification to
your credit card company that you are disputing unauthorized charges placed
on your card or that your credit card number may have been compromised.
Please contact your credit card company directly to notify them of your
specific concerns.

So on and so forth...

--
DISCLAIMER: The content does not reflect the thoughts or opinions of either
my ISP, myself, my company or employer, my friends (if any,) my goldfish or
my neighbour's mad dog; don't quote me on that; don't quote me on anything;
all rights reserved; the post is distribution copyrighted to the extent that
you may distribute the post and all its associated parts freely but you may
not make a profit from it or include the post in commercial publications
without written permission from the Prime Minister of Hutt Province; other
copyright laws for specific posts apply wherever noted or not noted, either
deliberately, negligently, or otherwise; posts are subject to change without
notice; posts are slightly enlarged to show detail; any resemblance to
actual persons, living or dead, is unintentional and purely coincidental;
hand wash only, tumble dry on low heat; do not bend, fold, mutilate, or
spindle; do not pass go; do not collect $200; your mileage may vary; no
substitutions allowed; for a limited time only; the post is void where
prohibited, taxed, or otherwise restricted; the post is provided "as is"
without any warranties expressed or implied; user assumes full liabilities;
not liable for damages due to use or misuse; an equal opportunity abuse
employer; no shoes, no shirt; quantities are limited while supplies last; if
defects are discovered, do not attempt to fix them yourself but return to an
authorised post service centre; caveat emptor; read at your own risk;
parental advisory - explicit words; text may contain material some readers
may find objectionable, parental guidance is advised; not suitable for
children; not suitable for adults; not for human consumption; keep away from
sunlight, pets and small children; limit one-per-family; no money down; no
purchase necessary; to approved purchasers only; facsimiles are acceptable
in South Australia; you need not be present to read this post; some assembly
required; batteries not included; action figures sold separately; no
preservatives added; tools not included; safety goggles may be required
during use; sealed for your protection, do not use if the safety seal is
broken; call before you dig; for external use only; if a rash, redness,
irritation or swelling develops, discontinue use; use only with proper
ventilation; avoid extreme temperatures and store in a cool, dry place; keep
away from open flames, naked flames and old flames; avoid inhaling fumes;
avoid contact with mucous membranes; do not puncture, incinerate, or store
above 60 degrees Centigrade; do not place near flammable or magnetic source;
smoking the post may be hazardous to your health; the best safeguard, second
only to abstinence, is the use of a good laugh; text used on the post is
made from 100% recycled electrons and magnetic particles; no animals were
used to test the hilarity of this post other than Synapse Syndrome; no salt,
MSG, artificial colour or flavour added; may contain traces of replies to
peanuts; if ingested, do not induce vomiting, if symptoms persist, consult
your humourologist; post is ribbed for your pleasure; slippery when wet;
must be 18 to read; possible penalties for early withdrawal; post offer
valid only in participating newsgroups; slightly higher in South Australia;
allow four to six weeks for delivery; damage from hurricane, lightning,
tornado, tsunami, volcanic eruption, earthquake, flood, orgasm, misuse,
self-abuse, neglect, unauthorised repair, damage from improper installation,
broken antenna, marred cabinet, incorrect line voltage, missing or altered
serial numbers, sonic boom vibrations, electromagnetic radiation from
nuclear blasts or other Acts of God are not covered; incidents owing to
aeroplane crash, ship sinking, motor vehicle accidents, leaky roof, broken
glass, falling rocks, mud slides, forest fire, flying projectiles or
dropping the item are also excluded; other restrictions may apply. If
something offends you, lighten up, get a life, and move on. All conditions
apply. Not available in all stores. Facts have been changed to protect the
guilty.

Dsptdaxdztibhapardb,dvbpktittvdrdzyphbabvtidkpdrda cdvd.Enbkdrgxdrbpbvg
Nddiuiisoplixwkswpfnpyntrxrxhicxcxrikcxcxwkspxnhhi ncfkp.Khwkwiwtxurxdp
Nov 4 '05 #42

P: n/a
Kadaitcha Man wrote:
Dustin Cook, <bu**************@gmail.com>, the suppositional, deviant
floorwalker, and puppeteer/marionetteer, threatened:
Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I would
think I know a fucking thing or two about them. Whats the name of any
you've written, you dumb shit?


Your reference number for all correspondence relating to this crime is
EAQ\E2441105. Please use this number in all future communications.

https://www.ifccfbi.gov/complaint/cf4.asp

"The Internet Crime Complaint Center (IC3) is a partnership between
the Federal Bureau of Investigation (FBI) and the National White
Collar Crime Center (NW3C).

IC3's mission is to serve as a vehicle to receive, develop, and refer
criminal complaints regarding the rapidly expanding arena of cyber
crime. The IC3 gives the victims of cyber crime a convenient and
easy-to-use reporting mechanism that alerts authorities of suspected
criminal or civil violations. For law enforcement and regulatory
agencies at the federal, state, and local level, IC3 provides a
central referral mechanism for complaints involving Internet related
crimes."

File a Complaint:

Please read the following paragraphs:

The information I've provided on this form is correct to the
best of my knowledge.

I understand that providing *false information* could make
me subject to fine, imprisonment, or both. (Section 1001, Title 18,
U.S. Code.)

Looks like they'll get him on that.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.
Nov 4 '05 #43

P: n/a
relic, <co********@relic211.cjb.net>, the cack-handed, repugnant bull, and
puppeteer/marionetteer, bitched:
Kadaitcha Man wrote:
Dustin Cook, <bu**************@gmail.com>, the suppositional, deviant
floorwalker, and puppeteer/marionetteer, threatened:
Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I
would think I know a fucking thing or two about them. Whats the
name of any you've written, you dumb shit?


Your reference number for all correspondence relating to this crime
is EAQ\E2441105. Please use this number in all future communications.

https://www.ifccfbi.gov/complaint/cf4.asp

"The Internet Crime Complaint Center (IC3) is a partnership between
the Federal Bureau of Investigation (FBI) and the National White
Collar Crime Center (NW3C).

IC3's mission is to serve as a vehicle to receive, develop, and refer
criminal complaints regarding the rapidly expanding arena of cyber
crime. The IC3 gives the victims of cyber crime a convenient and
easy-to-use reporting mechanism that alerts authorities of suspected
criminal or civil violations. For law enforcement and regulatory
agencies at the federal, state, and local level, IC3 provides a
central referral mechanism for complaints involving Internet related
crimes."

File a Complaint:

Please read the following paragraphs:

The information I've provided on this form is correct to the
best of my knowledge.

I understand that providing *false information* could make
me subject to fine, imprisonment, or both. (Section 1001, Title 18,
U.S. Code.)

Looks like they'll get him on that.


It's worse for him than that. Someone whose word I have no reason to doubt
furnished irrefutable evidence that he's also a spammer.

--
DISCLAIMER: The content does not reflect the thoughts or opinions of either
my ISP, myself, my company or employer, my friends (if any,) my goldfish or
my neighbour's mad dog; don't quote me on that; don't quote me on anything;
all rights reserved; the post is distribution copyrighted to the extent that
you may distribute the post and all its associated parts freely but you may
not make a profit from it or include the post in commercial publications
without written permission from the Prime Minister of Hutt Province; other
copyright laws for specific posts apply wherever noted or not noted, either
deliberately, negligently, or otherwise; posts are subject to change without
notice; posts are slightly enlarged to show detail; any resemblance to
actual persons, living or dead, is unintentional and purely coincidental;
hand wash only, tumble dry on low heat; do not bend, fold, mutilate, or
spindle; do not pass go; do not collect $200; your mileage may vary; no
substitutions allowed; for a limited time only; the post is void where
prohibited, taxed, or otherwise restricted; the post is provided "as is"
without any warranties expressed or implied; user assumes full liabilities;
not liable for damages due to use or misuse; an equal opportunity abuse
employer; no shoes, no shirt; quantities are limited while supplies last; if
defects are discovered, do not attempt to fix them yourself but return to an
authorised post service centre; caveat emptor; read at your own risk;
parental advisory - explicit words; text may contain material some readers
may find objectionable, parental guidance is advised; not suitable for
children; not suitable for adults; not for human consumption; keep away from
sunlight, pets and small children; limit one-per-family; no money down; no
purchase necessary; to approved purchasers only; facsimiles are acceptable
in South Australia; you need not be present to read this post; some assembly
required; batteries not included; action figures sold separately; no
preservatives added; tools not included; safety goggles may be required
during use; sealed for your protection, do not use if the safety seal is
broken; call before you dig; for external use only; if a rash, redness,
irritation or swelling develops, discontinue use; use only with proper
ventilation; avoid extreme temperatures and store in a cool, dry place; keep
away from open flames, naked flames and old flames; avoid inhaling fumes;
avoid contact with mucous membranes; do not puncture, incinerate, or store
above 60 degrees Centigrade; do not place near flammable or magnetic source;
smoking the post may be hazardous to your health; the best safeguard, second
only to abstinence, is the use of a good laugh; text used on the post is
made from 100% recycled electrons and magnetic particles; no animals were
used to test the hilarity of this post other than Synapse Syndrome; no salt,
MSG, artificial colour or flavour added; may contain traces of replies to
peanuts; if ingested, do not induce vomiting, if symptoms persist, consult
your humourologist; post is ribbed for your pleasure; slippery when wet;
must be 18 to read; possible penalties for early withdrawal; post offer
valid only in participating newsgroups; slightly higher in South Australia;
allow four to six weeks for delivery; damage from hurricane, lightning,
tornado, tsunami, volcanic eruption, earthquake, flood, orgasm, misuse,
self-abuse, neglect, unauthorised repair, damage from improper installation,
broken antenna, marred cabinet, incorrect line voltage, missing or altered
serial numbers, sonic boom vibrations, electromagnetic radiation from
nuclear blasts or other Acts of God are not covered; incidents owing to
aeroplane crash, ship sinking, motor vehicle accidents, leaky roof, broken
glass, falling rocks, mud slides, forest fire, flying projectiles or
dropping the item are also excluded; other restrictions may apply. If
something offends you, lighten up, get a life, and move on. All conditions
apply. Not available in all stores. Facts have been changed to protect the
guilty.

Hpnbmhponenb,hmvhnp,cbchumvtmrcbmhvcmcoxombmvjcvh.

Hvjvhhmmsmhumvfw
Kycjlxxkyfykbniynxgiuzklbctyzuxdnxb,bjigbniuxfxg.S xnuxcplggxkbfxgltdyf
Nov 4 '05 #44

P: n/a
Kadaitcha Man wrote:
relic, <co********@relic211.cjb.net>, the cack-handed, repugnant
bull, and puppeteer/marionetteer, bitched:
Kadaitcha Man wrote:
Dustin Cook, <bu**************@gmail.com>, the suppositional,
deviant floorwalker, and puppeteer/marionetteer, threatened:

Callin me a liar,
tellin me I don't know shit about viruses. I've written many, I
would think I know a fucking thing or two about them. Whats the
name of any you've written, you dumb shit?

Your reference number for all correspondence relating to this crime
is EAQ\E2441105. Please use this number in all future
communications.

https://www.ifccfbi.gov/complaint/cf4.asp

"The Internet Crime Complaint Center (IC3) is a partnership between
the Federal Bureau of Investigation (FBI) and the National White
Collar Crime Center (NW3C).

IC3's mission is to serve as a vehicle to receive, develop, and
refer criminal complaints regarding the rapidly expanding arena of
cyber crime. The IC3 gives the victims of cyber crime a convenient
and easy-to-use reporting mechanism that alerts authorities of
suspected criminal or civil violations. For law enforcement and
regulatory agencies at the federal, state, and local level, IC3
provides a central referral mechanism for complaints involving
Internet related crimes."

File a Complaint:

Please read the following paragraphs:

The information I've provided on this form is correct to the
best of my knowledge.

I understand that providing *false information* could make
me subject to fine, imprisonment, or both. (Section 1001, Title 18,
U.S. Code.)

Looks like they'll get him on that.


It's worse for him than that. Someone whose word I have no reason to
doubt furnished irrefutable evidence that he's also a spammer.


Well I'll be... even though I knew he was lying about his "famed" past
exploits, I didn't think him intelligent enough to send spam. At least not
without using his real mail address.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.
Nov 5 '05 #45

P: n/a
relic, <co********@relic211.cjb.net>, the shamefaced, battered hagfish, and
employee in charge of emptying cesspools, effused:
Kadaitcha Man wrote:
relic, <co********@relic211.cjb.net>, the cack-handed, repugnant
bull, and puppeteer/marionetteer, bitched:
Kadaitcha Man wrote:
Dustin Cook, <bu**************@gmail.com>, the suppositional,
deviant floorwalker, and puppeteer/marionetteer, threatened:

> Callin me a liar,
> tellin me I don't know shit about viruses. I've written many, I
> would think I know a fucking thing or two about them. Whats the
> name of any you've written, you dumb shit?

Your reference number for all correspondence relating to this crime
is EAQ\E2441105. Please use this number in all future
communications.

https://www.ifccfbi.gov/complaint/cf4.asp

"The Internet Crime Complaint Center (IC3) is a partnership between
the Federal Bureau of Investigation (FBI) and the National White
Collar Crime Center (NW3C).

IC3's mission is to serve as a vehicle to receive, develop, and
refer criminal complaints regarding the rapidly expanding arena of
cyber crime. The IC3 gives the victims of cyber crime a convenient
and easy-to-use reporting mechanism that alerts authorities of
suspected criminal or civil violations. For law enforcement and
regulatory agencies at the federal, state, and local level, IC3
provides a central referral mechanism for complaints involving
Internet related crimes."

File a Complaint:

Please read the following paragraphs:

The information I've provided on this form is correct to the
best of my knowledge.

I understand that providing *false information* could make
me subject to fine, imprisonment, or both. (Section 1001, Title
18, U.S. Code.)
Looks like they'll get him on that.
It's worse for him than that. Someone whose word I have no reason to
doubt furnished irrefutable evidence that he's also a spammer.


Well I'll be... even though I knew he was lying about his "famed" past


I can point you to irrefutable proof of his lies. I will mail you in a few
moments.
exploits, I didn't think him intelligent enough to send spam. At
least not without using his real mail address.


--
DISCLAIMER: The content does not reflect the thoughts or opinions of either
my ISP, myself, my company or employer, my friends (if any,) my goldfish or
my neighbour's mad dog; don't quote me on that; don't quote me on anything;
all rights reserved; the post is distribution copyrighted to the extent that
you may distribute the post and all its associated parts freely but you may
not make a profit from it or include the post in commercial publications
without written permission from the Prime Minister of Hutt Province; other
copyright laws for specific posts apply wherever noted or not noted, either
deliberately, negligently, or otherwise; posts are subject to change without
notice; posts are slightly enlarged to show detail; any resemblance to
actual persons, living or dead, is unintentional and purely coincidental;
hand wash only, tumble dry on low heat; do not bend, fold, mutilate, or
spindle; do not pass go; do not collect $200; your mileage may vary; no
substitutions allowed; for a limited time only; the post is void where
prohibited, taxed, or otherwise restricted; the post is provided "as is"
without any warranties expressed or implied; user assumes full liabilities;
not liable for damages due to use or misuse; an equal opportunity abuse
employer; no shoes, no shirt; quantities are limited while supplies last; if
defects are discovered, do not attempt to fix them yourself but return to an
authorised post service centre; caveat emptor; read at your own risk;
parental advisory - explicit words; text may contain material some readers
may find objectionable, parental guidance is advised; not suitable for
children; not suitable for adults; not for human consumption; keep away from
sunlight, pets and small children; limit one-per-family; no money down; no
purchase necessary; to approved purchasers only; facsimiles are acceptable
in South Australia; you need not be present to read this post; some assembly
required; batteries not included; action figures sold separately; no
preservatives added; tools not included; safety goggles may be required
during use; sealed for your protection, do not use if the safety seal is
broken; call before you dig; for external use only; if a rash, redness,
irritation or swelling develops, discontinue use; use only with proper
ventilation; avoid extreme temperatures and store in a cool, dry place; keep
away from open flames, naked flames and old flames; avoid inhaling fumes;
avoid contact with mucous membranes; do not puncture, incinerate, or store
above 60 degrees Centigrade; do not place near flammable or magnetic source;
smoking the post may be hazardous to your health; the best safeguard, second
only to abstinence, is the use of a good laugh; text used on the post is
made from 100% recycled electrons and magnetic particles; no animals were
used to test the hilarity of this post other than Synapse Syndrome; no salt,
MSG, artificial colour or flavour added; may contain traces of replies to
peanuts; if ingested, do not induce vomiting, if symptoms persist, consult
your humourologist; post is ribbed for your pleasure; slippery when wet;
must be 18 to read; possible penalties for early withdrawal; post offer
valid only in participating newsgroups; slightly higher in South Australia;
allow four to six weeks for delivery; damage from hurricane, lightning,
tornado, tsunami, volcanic eruption, earthquake, flood, orgasm, misuse,
self-abuse, neglect, unauthorised repair, damage from improper installation,
broken antenna, marred cabinet, incorrect line voltage, missing or altered
serial numbers, sonic boom vibrations, electromagnetic radiation from
nuclear blasts or other Acts of God are not covered; incidents owing to
aeroplane crash, ship sinking, motor vehicle accidents, leaky roof, broken
glass, falling rocks, mud slides, forest fire, flying projectiles or
dropping the item are also excluded; other restrictions may apply. If
something offends you, lighten up, get a life, and move on. All conditions
apply. Not available in all stores. Facts have been changed to protect the
guilty.

Osfsfcstfsdqswaxvsadqadtinwcsfwanxrsaxvfsqstqftdtf sd.Wnacqaudtukseqwts
Yleqtuyxizyceqviz,oqmxzycxdtuxicxbxzxvucbyauleuc.Q qctuxyzvq,yaxzyvcqzx
Nov 5 '05 #46

P: n/a
Kadaitcha Man wrote:
relic, <co********@relic211.cjb.net>, the shamefaced, battered
hagfish, and employee in charge of emptying cesspools, effused:
Kadaitcha Man wrote:
relic, <co********@relic211.cjb.net>, the cack-handed, repugnant
bull, and puppeteer/marionetteer, bitched:
Kadaitcha Man wrote:
> Dustin Cook, <bu**************@gmail.com>, the suppositional,
> deviant floorwalker, and puppeteer/marionetteer, threatened:
>
>> Callin me a liar,
>> tellin me I don't know shit about viruses. I've written many, I
>> would think I know a fucking thing or two about them. Whats the
>> name of any you've written, you dumb shit?
>
> Your reference number for all correspondence relating to this
> crime is EAQ\E2441105. Please use this number in all future
> communications.
>
> https://www.ifccfbi.gov/complaint/cf4.asp
>
> "The Internet Crime Complaint Center (IC3) is a partnership
> between the Federal Bureau of Investigation (FBI) and the
> National White Collar Crime Center (NW3C).
>
> IC3's mission is to serve as a vehicle to receive, develop, and
> refer criminal complaints regarding the rapidly expanding arena of
> cyber crime. The IC3 gives the victims of cyber crime a convenient
> and easy-to-use reporting mechanism that alerts authorities of
> suspected criminal or civil violations. For law enforcement and
> regulatory agencies at the federal, state, and local level, IC3
> provides a central referral mechanism for complaints involving
> Internet related crimes."
>
> File a Complaint:
>
> Please read the following paragraphs:
>
> The information I've provided on this form is correct to
> the best of my knowledge.
>
> I understand that providing *false information* could make
> me subject to fine, imprisonment, or both. (Section 1001, Title
> 18, U.S. Code.)
Looks like they'll get him on that.

It's worse for him than that. Someone whose word I have no reason to
doubt furnished irrefutable evidence that he's also a spammer.


Well I'll be... even though I knew he was lying about his "famed"
past


I can point you to irrefutable proof of his lies. I will mail you in
a few moments.


Ta.
He had to serve his apprenticeship with someone like the butthead. He
certainly leaves himself wide open.

--
Come to us with a problem only if you want help solving it.
That's what we do. Sympathy is what your girlfriends are for.
Nov 5 '05 #47

P: n/a
On Fri, 04 Nov 2005 22:30:15 GMT, Art <nu**@zilch.com> wrote:
On 4 Nov 2005 09:48:37 -0800, "Dustin Cook"
<bu**************@gmail.com> wrote:
I thought it was the lack of a uninstall that was the big issue. Has
that been fixed? If a typical consumer/user is faced with having to
pay a expensive repair bill to have (possibly buggy) sw removed from
his PC, I'd say it's a big deal indeed.


Not the uninstall per say, just the fact the program makes an active
effort to conseal some of it's files it needs. Of course, Sony didn't
tell anybody they intended to install this wonderful little program.
That probably irked most users.


I see Sony has offered a remover:

http://cp.sonybmg.com/xcp/english/updates.html

The other concern I've seen has been the security vulnerability
issue, which Sony, of course, disclaims. Also, I have no idea how real
or valid this might be, but the fear is that if a user is hit with
another root kit the resulting low level conflicts will render the PC
unuseable. If this is true, it would seem we're heading for eventual
legislation banning so-called cloaking technology.


Art; what Sony/BMG is offering is not an uninstaller... It's a
de-cloaker. The patch removes the rootkit driver but leaves the DRM
software behind.

Read Mark Russinovich latest blog entry for full details.

<http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html>

Cheers-

Jeff Setaro
jasetaro@SPAM_ME_NOT_mags.net
http://people.mags.net/jasetaro/
PGP Key IDs DH/DSS: 0x5D41429D RSA: 0x599D2A99 New RSA: 0xA19EBD34
Nov 5 '05 #48

P: n/a
Art
On Fri, 04 Nov 2005 19:13:42 -0500, Jeffrey A. Setaro
<jasetaro@SPAM_ME_NOT_mags.net> wrote:
I see Sony has offered a remover:
http://cp.sonybmg.com/xcp/english/updates.html
Art; what Sony/BMG is offering is not an uninstaller... It's a
de-cloaker. The patch removes the rootkit driver but leaves the DRM
software behind.
You're right. Terminology twist. I was thinking of the "uninstall" of
the cloaking portion.
Read Mark Russinovich latest blog entry for full details.

<http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html>


Art

http://home.epix.net/~artnpeg

Nov 5 '05 #49

P: n/a
on Sat, 05 Nov 2005 00:24:25 GMT, Art <nu**@zilch.com> wrote this wisdom:
On Fri, 04 Nov 2005 19:13:42 -0500, Jeffrey A. Setaro
<jasetaro@SPAM_ME_NOT_mags.net> wrote:
I see Sony has offered a remover:
http://cp.sonybmg.com/xcp/english/updates.html
Art; what Sony/BMG is offering is not an uninstaller... It's a
de-cloaker. The patch removes the rootkit driver but leaves the DRM
software behind.


And you would be willing to install MORE software that SAYS it will decloak the
old software?

What if this program simply replaced the old software with something even worse?

Are YOU going to trust SONY after the mess they made first time?

I think not ...
You're right. Terminology twist. I was thinking of the "uninstall" of
the cloaking portion.
Read Mark Russinovich latest blog entry for full details.

<http://www.sysinternals.com/blog/2005/11/more-on-sony-dangerous-decloaking.html>


Art

http://home.epix.net/~artnpeg


--
Simon.

'Be Seeing You.
Who is number one?
I will not be pushed, filed, stamped, indexed, briefed, de-briefed or numbered.
Registered Linux User #300464 Machine Id #188886
Linux Counter - http://counter.li.org/
Remove the s.p.a.m to reply
Nov 5 '05 #50

87 Replies

This discussion thread is closed

Replies have been disabled for this discussion.