11,915 Registry Entries?

Window spyware is getting installed via the “download DRM licence” feature of Windows Media Player files distributed over P2P networks (from Slashdot).

“On a fresh test computer, I pressed Yes once to allow the installation. My computer quickly became contaminated with the most spyware programs I have ever received in a single sitting.

All told, the infection added 58 folders, 786 files and an incredible 11,915 registry entries to my test computer.”

I don’t have much sympathy for people who break the law and end up having their computer trashed as a result. But that’s a mindblowing amount of spyware. Why on earth does a DRM system involve the execution of remotely-downloaded code?

4 thoughts on “11,915 Registry Entries?

  1. It’s doesn’t. According to the article it’s because the users are redirected to a site which has spyware etc.
    So it’s not a hole in Windows Media Player or DRM, but in Internet Explorer. Nothing new really.

  2. Gerv, could you remove my e-mail address from the post? (the link from my name) I really don’t need spam on my work address.

    Once again, someone tried to follow the rules and will be punished for it…

  3. Ethan: Oops, I deleted the entire post :-(

    Here’s what he said:

    “Break the law”???

    Windows Media Player requires you to download licenses to _legally_ play protected files.

    In other words, people who break the law aren’t affected. People who try to follow the law get reamed.