Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Sony driver is "potentially dangerous"


  • Please log in to reply
2 replies to this topic

#1 elsinore

elsinore

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:04 AM

Posted 20 November 2009 - 02:36 AM

Hello all,

I'd like to get your opinion on something.

I'm running Kaspersky Internet Security 2010 9.0.0.736 on Windows 7 Home Premium 32bit. I'm new both to Kaspersky (I was using AVG before) and Windows 7 (I had XP before).

Today I downloaded an updated driver (for Windows 7) I need for my digital voice recorder from here:
http://www.sony.jp/products/overseas/conte...ownload_03.html

Sony makes life difficult for you by not being able to access the files in your recorder unless you have the driver, and plus they use a propriety audio format that you have to convert using their software in order to use it with any other sound program.

I scanned the file with Kaspersky, and it said that no viruses were detected. So far, so good.

A few steps into the installation process, I got the following popup warning from Kaspersky:

Suspicious Activity ... ICD-P Series Driver belonging to group 'Low Restricted' is trying to download driver in a hidden way C:\WINDOWS\SYSTEM32\DRIVERS\ICDUSB2.SYS. Kaspersky Internet Security will not be able to control application activity after installation ... Application is running in safe mode ... Potentially dangerous program ... Suspicious driver installation ... Process (PID: 3920): C:\USERS\ADMINISTRADOR\APPDATA\LO...\PDRIVER.EXE

Since I assumed that Sony was a trustworthy site, especially for one of its product drivers, I was obviously shocked by this. Furthermore, as I said, this leaves me in a rather cruddy situation, since my expensive little voice recorder effectively becomes a paperweight without their software.

I then decided to try the old driver for XP that I had on the CD that came with the recorder. Again, a Kaspersky popup appeared warning me that the program was potentially dangerous because it did not have a digital signature and had a high danger rating.

This came as a double surprise, as I had had that program installed on my other computer for several years, and AVG, Malwarebytes' and Spybot S&D never said anything about it.

So what do these messages mean? What is this suspicious driver? What makes this a dangerous program? Do you recommend that I do not install the program? Does all this mean that I might as well just throw the digital recorder in the trash if I don't want to install spyware on my computer?

Thanks in advance for any and all opinions and advice.

BC AdBot (Login to Remove)

 


#2 elsinore

elsinore
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:04 AM

Posted 20 November 2009 - 03:43 AM

This is absolutely insane.

As a way to hopefully play the file without having to install that particular software, I downloaded a Windows Media Player plugin they have which will includes a codec to play their format .dvf.

The download comes from here:
http://www.sony.jp/products/overseas/conte...ownload_01.html

I ran the Kaspersky antivirus. All okay. So far so good.

I ran the .exe in Kaspersky's Safe Run mode, and it seemed to be fine. The last step in the process was to restart the computer.

Anyway, on restart, I get the following messages:

20/11/2009 9:26:25 Task started Proactive Defense Kaspersky Internet Security
20/11/2009 9:26:33 Detected: PDM.Keylogger kernel mode memory patch Absent
20/11/2009 9:26:33 Detected: PDM.Keylogger kernel mode memory patch Action selected by user Absent

Please help. This is both baffling and frustrating.

#3 techextreme

techextreme

    Bleepin Tech


  • Members
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:02:04 AM

Posted 20 November 2009 - 07:44 AM

Is it possible for you to uninstall the version you have right now? I found this link to a non-overseas Sony site for the same SonyŽ Player Plug-in for Windows MediaŽ Player Update.

It is not unheard of for Sony to do something that is not "really" on the up and up. The article describing what I am talking about can be read here.

Hope this helps,
Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users