Rootkits now on DVDs (German users beware)

Did a search and could find nothing so if already posted sorry. I read this and though I would post to give heads up to our German friends. It seems they idn’t learn from the Sony case:

Security firm F-Secure confirmed yestarday the presence of a rootkit on two german DVDs.The rootkit comes from a new copy protection scheme that needs to be installed into a Windows PC to play two german video-DVDs.

The copy protection mechanism called Alpha-DVD was developed by Settec, a Korean company spun off from electronics giant LG.

Alpha-DVD installs three files to system32 directory and loads into memory. The copy protection hides from the Task Manager by injecting a library into all running user level processes.

There is no simple way for Windows users to know whether Alpha-DVD is installed on their machines.This library can easily be misused by third-party software for malignant purposes therefore it creates security risk fpr Windows PCs.

The main purpose of the Alpha-DVD copy protection is to block all attempts to launch DVD burning and copying applications as long as the original DVD-Video is present in the computer’s drive. However, Heise claims it has found that Alpha-DVD also manages to affect the operation of CD/DVD burning applications with some DVD writers, regardless of whether the copy-protected disc is present or not.

Alpha-DVD can currently be found on two German DVD titles: Mr. & Mrs. Smith, and Edison.

In this case it would be recommended to disable autoplay and it should be fine.

Spy Sweeper now detects/blocks/repairs root kits. I’m sure spybot and adaware will follow suit soon!

The last time i downloaded the latest definition file from adaware i saw that they’ve the rootkit removal feature.

Here is something from snapfiles.com that might be handy. It’s free so YMMV.

RootkitRevealer