Although so many people get movies streamed right to them a host of different ways, occasionally, some do still venture forth into that old brick and mortar building called a video store. So, there you are, it’s a Friday night and you go to your local Blockbuster, grab a movie, dreams of relaxing with some popcorn and the latest “must see” dancing in your head. Run home, pop it in your laptop to watch, and that’s when all hell breaks loose.
“The Proposal” by Sony starts it all off
Well, at least it did for me this past weekend after renting the new release “The Proposal”, distributed by Buena Vista, a division of Sony. When I first popped the DVD into my drive, it sounded like it was having a bit of a hard time reading the disk. I initially thought that the disk might have been dirty or scratched, but after removing and checking it, I could see it was fine.
After several more attempts to play the DVD, I was about to give up when all of a sudden, I got a pop-up from one of my anti-virus programs (Kaspersky) telling me that the disk was attempting to play as a document file. What the heck? Then, the video did start playing, sort of. I could hear it, although the sound was going in slow motion, and there was no video playing. I once again ejected the DVD, and that’s when I saw we’ve got problems.
The Rootkit begins to do its thing on my system
First, my computer locked up. I did a hard boot, and when it logged back in, I didn’t hear that familiar little “Windows chime.” Uh-oh. I went to my desktop and immediately boxes were popping up like mad telling me all kinds of programs are failing to respond. Everything from Firefox to Yahoo Messenger to explorer.exe. It looked like some kind of “you’re really screwed” video game going off, where you had to figure out in seconds what to do with all the things flying at you before you see what happens next.
The system mess continues
What happened next wasn’t any prettier. I could not access my control panel, my start button, and any of my anti-virus programs on the desktop just wouldn’t launch. The only thing vaguely reassuring at that point, was that somehow, Kaspersky was still running, and I was able to click on it in my toolbar, and have it perform a scan.
Although nothing came up in the system scan, when I had it check for vulnerabilities, it named everything and its brother that is on my system. Then, it showed me where it all began. Which drive, what time. Yep, the Buena Vista movie I attempted to play “The Proposal.” It showed as containing several keyloggers and a rootkit. Just great. Now what?
Now, to add to the fun, my computer would not do anything in regular mode, so I went into safe mode to see what I could do. Pretty much the same nothing. I had never before come across any virus or malware that so thoroughly disabled and messed up my system. Right then, I was good and ticked at both Blockbuster and Sony. Heck, I was even mad at Sandra Bullock for starring in the stupid movie.
Rootkit removal tools
After downloading a number of rootkit removal tools, I tried to access the files on my laptop. Through a weird quirk, I was able to get into Microsoft Word and drag a copy of the removal tools to my desktop. From the desktop, I was able to run the programs. Even after running the rootkit removal tools, my system was still affected. After a system restore and malware scans, it looked like smooth sailing except for the lack of internet connection.
After a while, I realized that somehow, the stupid thing simply managed to turn off the wireless connection on my laptop. This was probably the easiest fix I dealt with through the whole fiasco. I just had to hit the reset button on my laptop for wireless internet connection.
Sidenote for Acer Aspire owners
I just had to hit the reset button on my laptop for wireless internet connection. For anyone who runs into this problem and you don’t know where that is, it is usually a small button on the front of the laptop. In my case, using an Acer Aspire, the reset button for wireless connection is at the top of your keyboard, under the on/off button. You will see a row of keys. The internet connection key is the one on the far left.
The Bottom Line
Be very, very careful what movies you are putting into your computer. If it’s distributed by Sony/Buena Vista, I would strongly urge you to think twice before doing so. Unless you consider hours of trying to bring your computer back to life more fun than the relaxing with a movie you were initially looking forward to that is.
Image Source: sevensheavens
Love the picture. I have found that keeping rootkit/antivirus tools an a jumpdrive can really help in case you fall victim to a rootkit attack. Since most rootkits disable the control panel and literally take control of most of the administrative controls of your computer, opening Windows Explorer is next to impossible to access the tools needed to remove rootkits and their brethren. In order to get gain access to the tools that would be on the jumpdrive, I have found that opening Microsoft Word allows you to access files outside of the scope of what MS Word is used. Drag your rootkit removal tools from the jumpdrive to your desktop and you should be able to run them.
Jodie,
I head up the malware / reverse engineering team for a large online company, my team would love to tear this apart and submit it to the appropriate authorities for blacklisting and AV definitions. Do you still have the disc (or at least an ISO image of it) that you could send me?
Cheers!
Chris
sporto…I did mention about using MS Word to access jumpdrive files, thanks for your input though.
Chris…No, I don't still have the DVD "The Proposal" that caused the whole computer mess. I did return it, though I also made a point to call the video store and let them know what happened. I don't know if they put it on ALL DVDs of this title or not, to try looking at a different copy. Let me know if there is anything I can do to help, this kind of stuff shouldn't be allowed to happen.
Jodie
I forever support them to get up at least a basic electronic path to further their information and expect to carry in extra profits for them. Thanks
<a href="Perth" rel="nofollow">http://www.antennabrigade.com.au/">Perth Antenna