My Chinese Mp3 player is infected... Hmm

This may or may not be incredible news, but a person who I work with gave me an mp3 player that his niece bought in China and it is infected with a virus or spyware in a file in it called sysnote.exe. This is on the mp3 player itself. The CD is comes with also contains spyware although I haven't looked at it in depth yet. I haven't backtraced or analyzed this completely but I'm thinking that the Chinese government may have a hand in this.

This really amazes me, coming from the POV of a computer geek and hopeful entrepreneur. It's an mp3 player from China that also plays video, and it is a pure knockoff of the Ipod Nano. Notice the funny similar logo "Ipoa". Interestingly, It comes in VERY well designed packaging, much better than the actual Nano packaging actually. But whereas the hardware is totally up to date the software sucks, really, I mean I don’t know how so much attention can be put into hardware and the software still suck so much...





Anyway, what is this? It's obviously a knockoff. But I know that at least 50 thousand of these must have been made, in order to be profitable, based on my knowledge of certain manufacturing factors like plastic molding costs. More imprtantly, is this spyware being used by the Chinese government. I seriously don't think businessmen would have a motive for installing spyware. Okay, time for me to start looking out for black helicopters....

probably has better methods of surveillance than putting spyware on a cheap, obvious knockoff iPod. And they probably have more valuable surveillance targets than owners of cheap, obvious knockoff iPods.

I'm a simple computer geek. Maybe I have trouble understanding complex social issues. I see a virus/spy-ware on this device and wonder what it is. At least a million dollars were spent on producing this device. I do not think the manufacturer of this device has a motive for putting a virus on their own product -- it would reduce sales. You are saying it is impossible that the government may have a hand in this, the same ones who promote censorship with Google and other search engines. The idea of Communist Chinese people using IPods is a revolutionary concept, something that a Communist government cannot let lose uncontrolled. So I find the reflexive dismissal of this idea hard to believe.

You don't think a manufacturer has a motive for putting some form of malware in its own products? What about Sony? (Pun definitely intended.)

Consider a few things:

Almost every pre-built computer system you purchase from companies like Dell, Compaq, etc. come pre-loaded with software that reputable removal tools categorize as, at least, spyware. Many, possibly most, broadband companies provide installation discs (that aren't needed, btw) that install what detects as both spyware and trojans, depending on the definition being used by the particular scanning product. Internet Explorer has a default home page that, upon first execution with an active network connection, sets a tracking cookie that is used by MSNBC and its partners in the same way that much commercial spyware is used. Some virus scanners install viruses and adware simultaneously for the explicit purpose of incessantly nagging the person who installed the program of the need to "upgrade" to a new, costly version. And Sony music discs installed rootkits for purposes that have not been, and probably never will be, fully revealed. These are mainstream companies that have in no way seen their profits fall by the use of such tactics, and in some cases, profits actually depend on them.

What you have is a product manufactured by a company that isn't mainstream and is clearly in the business of doing something basically illegal. My question is, why *wouldn't* they install spyware/trojans? What's the news story going to say? Being exposed as a knockoff product is more damaging than the virus revelation, and they apparently have no worries about that.

That said, you say a co-worker had you look at this. Was the device ever, at any time, connected to a computer? And I don't even mean by the person who purchased it necessarily. If so, how do you know the infection wasn't transmitted from the computer itself?

Sysnote.exe is a standard trojan and seems to originate from Asia. It interacts with Windoze and needs to have come into contact with an MS Access database file even to run.

As for lost sales, most people do not run virus scanners, least of all on MP3 players, or if they run them, they don't keep their definitions files up to date. (I base this on personal experience. I've cleaned a dozen computers in the last couple months, some of which had virus scanners installed that hadn't actually been executed since first boot, none of which had up-to-date definitions files. The people that owned these computers had been using them months, in one case a couple years, without ever noticing. It's a risk a disreputable company is certain to take.

but the best way to get rid of stuff like this is via the program CounterSpy. You can d/l it for free and try it out for 15 days. I have this program installed on all three of my computers. It cannot be installed on one with Windows 98 1st ed. though. It it would work on one with Windows 98 1st ed. on it, believe me, I'd have it on there.

I found a few trojans that no other spy-ware program nor virus program found.

:kick: