ntang (ntang) wrote,

Sony/BMG Music Rootkit

If you run Windows and have purchased any copy-protected Sony/BMG CDs, you may have a rootkit installed.

Long story short: it's a piece of software that hides itself from you, makes unauthorized access to the Sony site, and stays resident in memory where it takes up RAM and CPU cycles. And that's the good news. :P

You can read all about it here:

To see if you're running it, download, unzip, and run RootkitRevealer:

If you see any entries with text like aries.sys, crater.sys, $sys$aries, $sys$crater, $sys$cor, you've been compromised. The good news is you can stop it from running by going to Start -> Run and typing "sc delete $sys$aries", which will remove the driver from the Registry so it won't be loaded when you boot your machine anymore. At this point you can safely delete the files (if you want). But don't take my word for it; read the articles I mentioned above.
