| reply to K McAleavey
Re: Handyperson's guide to removal of SONY ROOTKIT! It has recently come to our attention that some individuals and companies are offering various instructions and tools to uninstall the XCP content protection software from computers. Please be advised that we have already made available a proper uninstaller at »cp.sonybmg.com/xcp/english/updates.html. This is the only safe and secure method for removing the protection components of which SONY BMG is aware. SONY BMG assumes no responsibility for use of any other uninstaller tool or instructions.
For any questions about XCP content protection software used on SONY BMG discs please go to »cp.sonybmg.com/xcp/english/home.html.
Thank you.
SONY BMG |
|
| Re: Handyperson's guide to removal of SONY ROOTKIT That's a gutsy post! It has *recently* come to your attention?
Woof! I would not want to be in your damage control shoes, but good luck to you.
Does this one actually work without creating more security vulnerabilities?
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
 jbobReach Out and Touch SomeonePremium
join:2004-04-26
Little Rock, AR | reply to sonybmg
And from recent events I don't think many people would want anything from Sony/BMG on or near their computers.
So you are accepting responsiblity for the other uninstallers that Sony/BMG has put out that caused even more issues?
This has to be a troll post! |
|
| said by jbob:This has to be a troll post! No, I think it is really a *Sony* post, but I would be surprised if he posts a reply to our questions really. It sounds pretty canned and not very informative or interactive...as in *damage control*
We've been out here for weeks with no solution other than those that we have been able to come up with (no thanks to Sony)
Has someone tested this tool put out by Sony that they recently concocted?
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 Reviews:
 ·Verizon FiOS
 ·Verizon Online DSL
| reply to sonybmg
said by sonybmg:This is the only safe and secure method for removing the protection components of which SONY BMG is aware. Ah, it was implemented by the same engineering team that built your other uninstallers, then? Checked out by the same QA team?
I'm sure we're all filled with confidence that it's "safe and secure", since it's got the trustworthy Sony BMG seal of approval! |
|
 catseyenuAck PfftPremium
join:2001-11-17
Fix East | reply to sonybmg
Keep him covered boys while I go get a rope... |
|
 EGeezerSummertimePremium
join:2002-08-04
Midwest
kudos:7
 ·Callcentric
| reply to sonybmg
Until I see proof positive from recognised independent sources that the newest remover works to my satisfaction, I'll just stick with their recommendations.
Also, with no EULA posted on the provided link, I have no idea what that I'm agreeing to with that uninstaller until I've opened that untrusted zip file. that's too late for me. If there is a EULA for the uninstaller, please provide it. If you have no helpful answer, I consider this a troll post.
--
In Memoriam -NRK 1 FEB 1918 - 6 NOV 2005B-17 pilot -50 missions over Europe and North Africa - 347th Squadron, 99th Bomb Group - Husband, Father, Grandfather, Great Grandfather, friend --- A knight and gentleman gone to peace |
|
1 edit | reply to sonybmg
said by sonybmg:It has recently come to our attention that some individuals and companies are offering various instructions and tools to uninstall the XCP content protection software from computers. Please be advised that we have already made available a proper uninstaller at » cp.sonybmg.com/xcp/english/updates.html. This is the only safe and secure method for removing the protection components [|] of which SONY BMG is aware. SONY BMG assumes no responsibility for use of any other uninstaller tool or instructions. For any questions about XCP content protection software used on SONY BMG discs please go to » cp.sonybmg.com/xcp/english/home.html. Thank you. SONY BMG [Emphasis and [|] added]
Just what do they really mean by "of which SONY BMG is aware"? What part of the sentence is it modifying?
1) Sony is aware that people will have liquids in their mouths while reading their above post.
2) Sony is also aware that damage to electronic equipment, work product papers, other valuable property, and nasal tissue, can, and will be caused by liquids expelled under pressure from such post readers mouths, and noses... 
Assuming this most ridiculous "assistance" flows from Sony, of course.....
[edit: clarity, after wiping down monitor]
--
How to Secure (and Keep Secure) My (New) Computer(s): A Layered Approach |
|
|
|
Reviews:
·Verizon Online DSL
| reply to sonybmg
Based upon your challenge to *MY* honor with your post, I made it a point to test and examine your claim as to this "removal tool's functionality" and as a result, I am *compelled* by your comments to reply. I am greatly dishonored. 
We took a pristine "lab rat" and installed the Van Zant album, "Get right with the man" once again. After installation was completed, we then applied the "complete removal" tool liked to in YOUR reply. And, after applying our own internal BOClean monitoring lab tools, we then followed the instructions to reboot.
IMMEDIATELY upon a reboot, after your "program" had completed its "removal" of the rootkit (we did not bother to opt for "removal of the cloaking" but rather opted for COMPLETE removal as claimed) BOClean INSTANTLY detected the existence of "SONYXCP" TROJAN (CDPROXYSERV.EXE) as SOON as the machine was rebooted, purportedly following COMPLETE removal. Repeated second detection occurred, whereupon it was removed.
*ALL* of the other files detected by BOClean remained, as well as ALL of the registry entries described in my written "Handyperson's guide to removal of SONY rootkit" REMAIN valid, and the alleged "removal" program offered by SONY/BMG is an absolute *LIE* ... your "removal tool" *FAILS* to remove the offending trojan.
For those who have our software, the reality remains that any claims that the official SONY removal tool is preferable to the use of BOClean or the manual removal steps we outlined, PARTICULARLY our insistence that if you are uncomfortable with registry editing, to LEAVE the "$sys$crater" and "$sys$cor" entries alone as they have no meaning unless your rootkit remains functional are *BOGUS* with respect to this so-called "removal tool."
It DOES NOT remove your rootkit, in fact it leaves it *COMPLETELY* operable.
BOClean HAS (since the summer of 2004) defeated this madness and defecation on people's computers. We are not ABOUT to remove detection and defeating of your trojan, particularly after this "dishonor" to my former employer's spirit.
PERMISSION GRANTED to post this to other sites regarding this nonsense.
--
Kevin McAleavey support@nsclean.com (Makers of BOClean - BOClean means never having to do an HJT log again)»www.nsclean.com |
|
4 edits | reply to sonybmg
Re: Handyperson's guide to removal of SONY ROOTKIT! said by sonybmg:Please be advised that we have already made available a proper uninstaller at » cp.sonybmg.com/xcp/english/updates.html. This is the only safe and secure method for removing the protection components of which SONY BMG is aware. Hey, thanks!
Everybody has had a field day with Sony BMG's handling of this issue but, of course, it's very reassuring to know that you are the only ones to provide a guaranteed cure for your infection.
We might as well ask the Sober guys for an AV signature for their product. It'd most surely be the most "safe and secure method".
Thanks a lot, but I've stopped buying Sony BMG's CDs, and so are my relatives, friends, neighbours and everybody I know who is interested in music. Some of them even say it's safer to download music from P2P than buying one of your CDs, what do you know?
At the end of the day, your masters might have done P2P the biggest favour since the original Napster.
Best regards
--
From the GSV "Ethics Gradient" |
|
hamlet
join:2001-05-23
Naval Air Station/ Jrb, TX | Re: Handyperson's guide to removal of SONY ROOTKIT Thanks Kevin. I was looking at that Sony "removal program" site this morning and wondering whether it actually would work or not. Now I don't have to wonder.
Yes, I have a Sony computer infected with the Sony rootkit from the VanZant cd. I am also a BOClean user. I started to follow the manual removal instructions posted by Kevin, but found it a bit over my head after a while.
Oh, I also live in Texas, where the attorney general filed a lawsuit against Sony. Right now, I am waiting to see what happens with that lawsuit. Then I am going to simply reformat my computer and start from scratch.
This is very frustrating.  |
|
jbobReach Out and Touch SomeonePremium
join:2004-04-26
Little Rock, AR
1 edit | reply to K McAleavey
said by K McAleavey:BOClean HAS (since the summer of 2004) defeated this madness and defecation on people's computers. We are not ABOUT to remove detection and defeating of your trojan, particularly after this "dishonor" to my former employer's spirit. PERMISSION GRANTED to post this to other sites regarding this nonsense. What's up with the removal of detection and defeating remark?
Whoops just noticed I misread the statement. I thought it said ABOUT to remove. I missed the NOT! Whew. I'm relieved. |
|
 WFOPremium
join:2001-08-27
San Ramon, CA | reply to K McAleavey
Thanks Kevin! I was waiting for you or Mark to test the new removal tool and you confirmed my suspicions.  |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 Reviews:
·Verizon FiOS
·Verizon Online DSL
| reply to K McAleavey
I sure hope sonybmg  comes back here to discuss your findings in technical detail!
On the other hand, he's sure looking a lot like a drive-by poster... |
|
| said by dave:On the other hand, he's sure looking a lot like a drive-by poster... Yep, same canned response by a new member Sony BMG posted in a lot of other Security Forums last night.
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
 mers2Premium,MVM
join:2004-03-20
USA
kudos:8 | said by CalamityJane:said by dave:On the other hand, he's sure looking a lot like a drive-by poster... Yep, same canned response by a new member Sony BMG posted in a lot of other Security Forums last night. Doesn't exactly help their blackened tarnished image does it? They don't have any feet left to shoot...
--
God put me on this Earth to accomplish a certain number of things. Right now, I am so far behind I will never die. |
|
EGeezerSummertimePremium
join:2002-08-04
Midwest
kudos:7 Reviews:
·Callcentric
| reply to dave
This user has apparently been on the site - last on 13h34m as of this typing. My assumption will be that the user is
1) Somehow authorized by the company
2) Unable or unwilling to satisfactorily address the concerns of this security and IT community.
Or,
3) Troll poster.
I lean toward believing 1) and 2) - in that case, it only tends to reinforce my doubts about this company and the quality and reliability of its products. I have other vendors I trust more and who I feel are better suited to provide my goods and services.
On the bright side, their products have provided me with some paid work. 
--
In Memoriam -NRK 1 FEB 1918 - 6 NOV 2005B-17 pilot -50 missions over Europe and North Africa - 347th Squadron, 99th Bomb Group - Husband, Father, Grandfather, Great Grandfather, friend --- A knight and gentleman gone to peace |
|
 salzanExperienced OptimistPremium
join:2004-01-08
WA State | said by EGeezer:This user has apparently been on the site - last on 13h34m as of this typing. My assumption will be that the user is 1) Somehow authorized by the company 2) Unable or unwilling to satisfactorily address the concerns of this security and IT community. Or, 3) Troll poster. I lean toward believing 1) and 2) IMO, Poster is an underpaid person (or persons) that has been given the task of spreading the "word" to all google responses to the search for "Sony Rootkit". This person has no answers. If anybody responds to questions regarding this thread, it will be another underpaid staffer with a new canned message. |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 Reviews:
·Verizon FiOS
·Verizon Online DSL
| reply to EGeezer
said by EGeezer:This user has apparently been on the site - last on 13h34m as of this typing. One visit only, according to the member info. Which is to say, the only visit they made here was the visit in which they posted their drivel in this thread. |
|
1 edit | reply to salzan
said by salzan :
IMO, Poster is an underpaid person (or persons) that has been given the task of spreading the "word" to all google responses to the search for "Sony Rootkit". This person has no answers. If anybody responds to questions regarding this thread, it will be another underpaid staffer with a new canned message. I understand what you mean, but submit that anyone who is paid _anything_ is _overpaid_ by at least as much as they receive, for participating in the creation, dissemination, propagation and/or placing in a positive light,_any_ such marketing/PR prestidigitation (in other words, _lies_ of varying degrees), be it at the level of high-power, war-chest backed professional information/damage control and management "team leaders" like John Rendon or Victoria Clark (under what ever rock she presently habituates), or professional mouthpieces like S. McClellan, A. Fleischer, J. Lockhart, D. Myers, R. Ziegler, L. Speakes, or mouthpiece-stenographer-hacks like J. Miller/NYT, B. Woodward/Wash Post, Wolf Blitzer/CNN, or way down here, or on a bathroom stall wall for some swag...
There should be little doubt that SONY/BMG quickly (though not quick enough) hired a high-powered, well-connected "damage control" team. Text, along with IP and browser agent data comparisons can sometimes be illuminating in such situations, for those with access to such data.
--
How to Secure (and Keep Secure) My (New) Computer(s): A Layered Approach |
|
