IronBits
11-01-2005, 10:07 AM
Last week when I was testing the latest version of RootkitRevealer (RKR) I ran a scan on one of my systems and was shocked to see evidence of a rootkit. Rootkits are cloaking technologies that hide files, Registry keys, and other system objects from diagnostic and security software, and they are usually employed by malware attempting to keep their implementation hidden (see my “Unearthing Rootkits” article from thre June issue of Windows IT Pro Magazine for more information on rootkits). The RKR results window reported a hidden directory, several hidden device drivers, and a hidden application:
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
I closed the player and expected $sys$DRMServer’s CPU usage to drop to zero, but was dismayed to see that it was still consuming between one and two percent. It appears I was paying an unknown CPU penalty for just having the process active on my system.
Question begs to be asked, how many people bring music CDs to work and play them on company computers?
From another article...
The CD Get Right with the Man by the Van Zant brothers installed some Malware which prompty cloaked itself and started to use a chunk of the computer's resources.
http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
I closed the player and expected $sys$DRMServer’s CPU usage to drop to zero, but was dismayed to see that it was still consuming between one and two percent. It appears I was paying an unknown CPU penalty for just having the process active on my system.
Question begs to be asked, how many people bring music CDs to work and play them on company computers?
From another article...
The CD Get Right with the Man by the Van Zant brothers installed some Malware which prompty cloaked itself and started to use a chunk of the computer's resources.