Jump to content
☆!Click here for PC Matic product support!☆ ×

Change Mode

RootKit

luluhifi

By luluhifi,
in Viruses, Spyware, Adware

 Share Followers 0

Recommended Posts

luluhifi

luluhifi

Posted
  • Author
Posted

The best way to make sure it is gone is to reformat.

 

If it is the Sony DRM Rootkit, there are various tools out there.

 

It was the XCP. Sony. RootKit.>>>>CDProxyServ.exe

 

I run the Pit scan and it lead me to a tool to uninstall the XCP>>>I Disable System and run the Tool>>did another Pit scan and it didnt show so I guest it must be gone :santahat:

Link to post
Share on other sites
luluhifi

luluhifi

Posted
  • Author
Posted

That is good because the removal tools first published, did not work.

 

I think they have fine tuned it by now.

 

:)

 

LoL By me reading about it I didnt have anything to lose so I just gave it a shot and things seem to be fine sofar. So glad it is not the system Iam using now it is my sister's Laptop.

Link to post
Share on other sites
TheJoost

TheJoost

Posted
Posted (edited)

Since this seems to be an increasing problem from jerks with nothing better to do, anyone concerned about being "rooted" should grab a copy of 'RootkitRevealer' from Sysinternals. It's free. B)

 

 

 

 

Ciao,

Joost

 

Let's not be playing games with the word filter--IG

 

 

1)... and do not attempt to bypass the word filter. It is there for a reason.

 

Edited by IntelGuy
Link to post
Share on other sites
Juliet

Juliet

Posted
Posted

LoL By me reading about it I didnt have anything to lose so I just gave it a shot and things seem to be fine sofar. So glad it is not the system Iam using now it is my sister's Laptop.

 

:sparkle:lulu.....keep us posted :sparkle:
Link to post
Share on other sites
stormy13

stormy13

Posted
Posted

Which "remover" did you use? reason for asking is that unless things have changed recently, all any of the removers (including Sony's own) did was to remove the cloaking part, but left the DRM software behind.

Link to post
Share on other sites
luluhifi

luluhifi

Posted
  • Author
Posted (edited)

Which "remover" did you use? reason for asking is that unless things have changed recently, all any of the removers (including Sony's own) did was to remove the cloaking part, but left the DRM software behind.

 

When I run the PitStop Scan and it show I posted and I click on it which was in Yellow and down the line it lead me to this tool call XCP2_Uninstaller>>I use it and run the Pit scan again and it was gone. :lol:

 

ok I found IT AND THIS IS WHAT i USE>>http://cp.sonybmg.com/xcp/english/updates.html :bananaxmas:

Edited by luluhifi
Link to post
Share on other sites
stormy13

stormy13

Posted
Posted

This from the Sony link,

 

Note, this uninstaller will not remove the detection tool itself. The detection tool can be deleted manually in the normal manner.

I assume by "deleted in the normal manner" means that it should show up in Add/Remove Programs (somehow doubt it). Somehow with the way that Sony handled this whole fiasco, I'm not sure that I would trust their uninstaller yet, especially with the first bit in that quote above. From what I can see, all it does is remove the cloak (and possibly patch the hole that was in the rootkit from the beginning. I would have a look at the first screen shot here,

 

http://www.sysinternals.com/blog/2005/10/s...tal-rights.html

 

and see if any of the files that are shown there are still on the computer (minus the $sys$ bit).

Link to post
Share on other sites
luluhifi

luluhifi

Posted
  • Author
Posted

This from the Sony link,

I assume by "deleted in the normal manner" means that it should show up in Add/Remove Programs (somehow doubt it). Somehow with the way that Sony handled this whole fiasco, I'm not sure that I would trust their uninstaller yet, especially with the first bit in that quote above. From what I can see, all it does is remove the cloak (and possibly patch the hole that was in the rootkit from the beginning. I would have a look at the first screen shot here,

 

http://www.sysinternals.com/blog/2005/10/s...tal-rights.html

 

and see if any of the files that are shown there are still on the computer (minus the $sys$ bit).

 

 

oK GO ahead and keep us posted please>>I also need to do that myself and take alook also.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Followers 0
Go to topic listing
×
×
  • Create New...