Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Sony-BMG ROOTKIT [RESOLVED]


  • This topic is locked This topic is locked

#1
happyrock

happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts
hijackthis found
C:\WINDOWS\CDProxyServ.exe
search says its Sony-BMG ROOTKIT...also heard the removing it (using their tool ) makes the music cds unplayable...any work around for this...
  • 0

Advertisements


#2
BHowett

BHowett

    OT Moderator

  • Moderator
  • 4,642 posts
Hi happyrck,

Its my understanding that C:\WINDOWS\CDProxyServ.exe is legit and part of the digital rights management system utilized on certain Sony CDs. If you remove this service, you may no longer be able to play certain CDs from Sony on your computer. However its not the actual rootkit.

If your computer is infected with the Sony / XPC Rootkit there will be a visible service installed on your computer called XCP CD Proxy. This service is not the rootkit and should be left alone, but rather an indication that the rootkit is installed on your computer.

The following steps will allow you to check whether or not this service is installed:

Click on the Start button.


Click on the Run option.


In the Open: field type services.msc and press the OK button.


The services control panel window will open. You will see a list of services installed on your computer. Scroll down and look for a service called XCP CD Proxy. If you have this service, then you most likely have the rootkit installed as well.


Close the control panel window, and let me know if you have the XCP CD Proxy service. If you do have it I have a link with detailed removal instruction that says the rootkit will be removed and you will still be able to use the CD on your computer.
  • 0

#3
happyrock

happyrock

    Tech Moderator

  • Topic Starter
  • Retired Staff
  • 9,285 posts
its on a clients computer...sent him your instructions...thanks
  • 0

#4
BHowett

BHowett

    OT Moderator

  • Moderator
  • 4,642 posts
no problem….just keep me posted :)
  • 0

#5
happyrock

happyrock

    Tech Moderator

  • Topic Starter
  • Retired Staff
  • 9,285 posts
after checking services...he does not have the rootkit...thanks for the help... :)
  • 0

#6
BHowett

BHowett

    OT Moderator

  • Moderator
  • 4,642 posts
No problem… I will mark this topic resolved :)
  • 0

#7
BHowett

BHowett

    OT Moderator

  • Moderator
  • 4,642 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP