I have found this link using Google. I don't know whether it will be useful to you or not. I avoid copy protected stuff as the plague.

Here is an article at The Register.

There is also this Removal Tool but use it with caution.

I might be stoopid but I fail to see anything here that indicates that a root-kit got installed.

I agree. I've heard of the Sony rootkit, but there's no indication in KAN's post of any nefarious activity. It looks like his WMP has been screwed around with and it's probably his own fault.

mp2v files are not audio they are video
you need dvd playing software like powerdvd ect

dh4rm4 wrote:

I agree. I've heard of the Sony rootkit, but there's no indication in KAN's post of any nefarious activity. It looks like his WMP has been screwed around with and it's probably his own fault.

Normally, you should be able to play RedBook audio CD (plain audio CD) in Windows regardless whether you are connected to the internet or not.

Now, I can only play audio CD when my computer is connected to the internet. Also, it doesn't really matter whether I use WinAmp or Windows Media Player, so I believe it is not WMP-specific problem. Instead, it seems that my CD-ROM driver (firmware?) has been overwritten with something else --something that keeps me from playing RedBook audio CD when my computer is not connected to the internet.

It happens after I inserted the Moby album I've mentioned in the OP, so I believe it is a rootkit.

You probably won't like to hear that, but i believe the most efficient solution for the problem would be to reinstall your OS. This is based on the fact that, no matter what exactly happened to your system, you will have a _very_ hard time finding out what the problem exactly is, not to mention fixing it. If it's really a "Rootkit" (the term is actually not really appropriate for the Sony-crap-copy-protection), then chances are you won't be able to completely get rid of it at all.

See? That's what you get for listening to Moby. Hope that teaches ya. 😎

ADDiCT wrote:

You probably won't like to hear that, but i believe the most efficient solution for the problem would be to reinstall your OS.

I knew it. Somehow I knew that I have to reinstall the whole thing. 😢 😵

Well maybe I should try the rootkit removal tool pointed by eL_PuSHeR first (thanks, eL_PuSHeR!). If the worst happens, I can always reinstall.

ADDiCT wrote:

This is based on the fact that, no matter what exactly happened to your system, you will have a _very_ hard time finding out what the problem exactly is, not to mention fixing it. If it's really a "Rootkit" (the term is actually not really appropriate for the Sony-crap-copy-protection), then chances are you won't be able to completely get rid of it at all.

It is not Sony, actually --it is MUTE Records. Is it a subsidiary of Sony BMG?

ADDiCT wrote:

See? That's what you get for listening to Moby. Hope that teaches ya. 😎

Heathen! Moby is cool! 😜 😁

Well actually I have stopped listening to "mainstream" music (radio top fourties) anymore; right now I only listen to Electronica. But maybe it's also the reason why I have never encountered such rootkit before. See, albums like Buddha Bar, Ibiza compilations, and Cafe del Mar are never protected by such DRM. It seems Moby is an exception.... 😢

IMHO Moby IS commercial Top 40 and he's CRAP and he's DERIVATIVE and he's so last decade....

Regarding the rootkit, this app doesn't act at all like Sony's does. Firstly, you installed a DVD Helper app and secondly you were notified that a license was to be downloaded. A rootkit is silent and Sony's doesn't rely on licenses but rather denies the usage of known copy tools, such as Daemon Tools etc.

What's far more likely is that WMP got screwed by the license for the video that was downloaded. It's MS Software and these things sometimes happen - owners of the T2 Special Edition DVD that used the WMV HD portion had similar licensing issues when it was first released too.

ADDiCT : The Sony rootkit is in actual fact a rootkit.

dh4rm4 wrote:

IMHO Moby IS commercial Top 40 and he's CRAP and he's DERIVATIVE and he's so last decade....

He is one of those few Electronica artists whose songs manage to reach mainstream audience, but he is still an Electronica artist --same case with Oakenfold.

(but of course, I still pick Nick Warren all the way to Sunday).

dh4rm4 wrote:

Regarding the rootkit, this app doesn't act at all like Sony's does.

You're correct in this matter. In fact, I have executed cmd /k sc delete $sys$aries, and nothing happened.

dh4rm4 wrote:

Firstly, you installed a DVD Helper app and secondly you were notified that a license was to be downloaded.

The problem is that I never installed a DVD Helper app, and I was not notified that a license was to be downloaded anyway. See, I didn't bother with the DVD at all --the sole reason I bought the album above is the bonus CD; the 18 B-Sides that contains the song Landing.

dh4rm4 wrote:

A rootkit is silent and Sony's doesn't rely on licenses but rather denies the usage of known copy tools, such as Daemon Tools etc.

Well, the problem is that I never executed the specific audio player embedded with the bonus CD. All I did was choosing "Open folder to view files" when prompted to do so; just like I said on the OP.

The next thing I knew is that I cannot play RedBook audio CD if I'm not connected to the net.

dh4rm4 wrote:

What's far more likely is that WMP got screwed by the license for the video that was downloaded.

But like I said, the very same thing happened when trying to play audio CD with WinAmp, so I suspected that it is my CD-ROM driver that has been overwritten --not my WMP.

Furthermore, I also have two "virtual" CD-ROM drive provided by Nero (Nero Image Drive), and they also suffered from the very same problem, so I guess it is something that infects every CD drives on my system to prevent them playing audio CD when I'm not connected to the internet.

Data CDs, on the other hand, work just fine whether I'm connected or not.

Oh god, you're not going to put Oakie and Moby in the same discussion are you? To compound that with rambling of Nick Warren is almost criminal....

Moby is a commercial artist and sample raper who stands on the shoulders of real innovators and those who've really striven and starved for their art. Paul Oakenfold is one of the MOST commercial dance producers around while Nick Warren is probably the only real innovator of the the three you discussed. That said I'd take both over Moby's egoTESTICAL self flattering garbage any day. I'm speaking of my personal taste here....

If you really want to listen to innovators of electronica try Daft Punk, Simian Mobile Disco (SIMIAN) and Justice among others. The latter two are more about the sound of now, whereas Daft Punk really changed the electronic landscape in the late 90s to early 2000s.

Also get your ears around "MAAS Attacks" by Timo Maas to see what a real sample guru can do....

Back on topic : You may not have ran an app, but unless you can show ALL sessions on the CD I can only assume that something was run via autorun....

That readme and the files you show don't indicate ANY form of DRM btw....

Better stick to the topic, and don't flame about music stuff.

There seem to be several rootkit detection tools around, see if they
find anything. Look through the hijackthis logs if there's anything odd.
Boot in safe mode and look at cdrom-related filess in the device manager
and in the system32/drivers directory (examine manufacturer strings,
look at file creation/manipulation dates).
No idea if it helps, but maybe better than reinstalling even if the second
is necessary after that 😀

wd wrote:

Better stick to the topic, and don't flame about music stuff.

Agree. It seems a thread split is needed.

dh4rm4 wrote:

Back on topic : You may not have ran an app, but unless you can show ALL sessions on the CD I can only assume that something was run via autorun....

Hmmm... Maybe that's the reason why something malicious had probably installed itself to my system despite the fact I did not execute the embedded player.

dh4rm4 wrote:

That readme and the files you show don't indicate ANY form of DRM btw....

The readme clearly says that I need to get connected to the internet to play the music CD. The WMP error message I posted clearly shows that now I need to get connected to the internet to play a plain RedBook Audio CD --and it is also what precisely happens to my system now.

wd wrote:

There seem to be several rootkit detection tools around, see if they find anything. Look through the hijackthis logs if there's […]
Show full quote

There seem to be several rootkit detection tools around, see if they
find anything. Look through the hijackthis logs if there's anything odd.
Boot in safe mode and look at cdrom-related filess in the device manager
and in the system32/drivers directory (examine manufacturer strings,
look at file creation/manipulation dates).
No idea if it helps, but maybe better than reinstalling even if the second
is necessary after that 😀

Thanks. I'll start tinkering with them after next Monday, as well as trying the rootkit removal tool El Pusher had posted.

Dude. This is not a rootkit. It is an "Enhanced CD".

But what infected my system as such, then?

Your system is not infected with anything. At least, not from this CD. Windows Media Player sucks and obviously has other issues beyond supposedly wanting to connect to the Internet since it was complaining about, among other things, invalid file formats.

Where is the disconnect coming from that you're having between a program called "Link To Website" needing an Internet connection to work?

Snover wrote:

Your system is not infected with anything. At least, not from this CD. Windows Media Player sucks and obviously has other issues beyond supposedly wanting to connect to the Internet since it was complaining about, among other things, invalid file formats.

Where is the disconnect coming from that you're having between a program called "Link To Website" needing an Internet connection to work?

But Snov, it also happens when I'm using WinAmp --even WinAmp won't play audio CD if my laptop is not connected to the internet (saying No CD despite the fact I have inserted the CD). Previously, I can always play RedBook audio CD whether my laptop is connected or not --as it is supposed to be.

If it says there is no disc, it is either:
1. Broken CD,
2. Broken CD drive,
3. Enhanced CD,
4. Maybe a problem with the CDDB plugin.

WinAmp does not read low-level disc structure and cannot play Enhanced CDs. The only software that I know of that will read the additional non-data tracks on a mixed mode disc are the original CD Player for Windows 9x and ripping software like EAC.

Snover wrote:

If it says there is no disc, it is either:
1. Broken CD,

Well I have tried various audio CDs, and they ain't broken CDs. Those CDs still works perfectly in other computer.

The weird thing is that the content of the audio CD (the .cda files) are still shown in the Windows Explorer, but WinAmp just keeps saying "No CD".

Oddly, after I connected the laptop to the internet, WinAmp recognizes those tracks again. And when I disconnected, the CD disappeared again from WinAmp.

Snover wrote:

2. Broken CD drive,

I have tested with data CDs as well, and they work fine.

Snover wrote:

3. Enhanced CD,

The Moby album is an enhanced CD, but I've also tested it with plain (RedBook) audio CD; the results have been always the same: no internet connection, no audio CD can be recognized.

Snover wrote:

4. Maybe a problem with the CDDB plugin.

I have disabled CDDB plugin right after I installed WinAmp --CDDB popup is kinda annoying.

Well this whole thing is annoying --the need to connect to the internet to play audio CD. What actually happened?

Is there some strange entry in device manager -> multimedia -> [audio/video]codecs -> properties?