The best way to get rid of the Sony DRM rootkit



The SecurityFix has a great how-to article for the general public on the best way to remove the Sony DRM rootkit that’s been big news the last two weeks in tech circles. First, DON’T use Sony’s removal software, as that introduces more security problems. Hopefully Sony will get together a removal for THAT eventually. Right now though, Microsoft has updated its malicious software removal tool to remove the Sony rootkit. This link is to Windows Live Safety Center, which will give a page with, among other things, a button that says “Full Service Scan” in the lower right-hand corner.


If you’ve never visited the site before, you will need to install Microsoft’s Live Safety Scanner; you will be prompted to do that and to agree to the license agreement (click next). Afterwards you should be able to choose “Quick Scan” and click next.

Sony now has a list of XCP titles, that is, the CDs that include their XCP software that is at the center of this rootkit problem.

Unfortunately, if you’ve followed Sony’s removal instructions and have the ActiveX component on your system, the removal is a bit less user-friendly…

Freedom-to-tinker.com has a way to remove it:

To see whether CodeSupport is on your computer, try our CodeSupport detector page.

If you’re vulnerable, you can protect yourself by deleting the CodeSupport component from your machine. From the Start menu, choose Run. In the box that pops up, type (on a single line)

cmd /k del "%windir%\downloaded program files\codesupport.*"

That should remove the control from your local machine. The Freedom to Tinker link above has more info on the ActiveX control and a page that checks whether you’re at risk from THAT vulnerability.

–Update 11/17/05 —

Freedom-to-tinker has an article on a downloadable fix to disable the ActiveX control that is from CodeSupport. If I understand correctly, it’s a registry file that will set the kill bit for that control. The link to the fix and details can be found at the page above. They suggest that any and all users apply this fix to prevent the installation of the ActiveX control, or to disable it if already installed.
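To confirm that both steps above took effect, here is an added example (not from the original post or from Freedom to Tinker) that looks for leftover CodeSupport files and checks whether a kill bit is set for a control. The CLSID in it is a placeholder, not the real CodeSupport identifier; take the real value from the published fix. The function names are made up for this example.

```powershell
# Added example: verify CodeSupport removal and the ActiveX kill bit.
# ASSUMPTION: the default $Clsid is a placeholder, not the real CodeSupport CLSID.
param(
    [string]$Clsid = '{00000000-0000-0000-0000-000000000000}'
)

# "Compatibility Flags" bit that stops Internet Explorer from loading a control.
$KillBit = 0x400

function Get-CodeSupportFiles {
    # Same folder the del command above targets.
    $dir = Join-Path $env:windir 'Downloaded Program Files'
    if (-not (Test-Path -LiteralPath $dir)) { return }
    # -Force: entries in this system folder may be hidden.
    Get-ChildItem -LiteralPath $dir -Filter 'codesupport.*' -Force -ErrorAction SilentlyContinue
}

function Test-KillBit {
    param([string]$Clsid)
    # Check both registry views; 32-bit IE on 64-bit Windows reads Wow6432Node.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
    )
    foreach ($root in $roots) {
        $key   = Join-Path $root $Clsid
        $found = Test-Path -LiteralPath $key
        $set   = $false
        if ($found) {
            $p = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
            if ($p) { $set = (($p.'Compatibility Flags' -band $KillBit) -eq $KillBit) }
        }
        [pscustomobject]@{ RegistryRoot = $root; KeyExists = $found; KillBitSet = $set }
    }
}

$files = @(Get-CodeSupportFiles)
if ($files.Count -gt 0) {
    'CodeSupport files still present:'
    $files | ForEach-Object { '  ' + $_.FullName }
} else {
    'No CodeSupport files found in Downloaded Program Files.'
}
Test-KillBit -Clsid $Clsid | Format-Table -AutoSize
```

Deleting the files only removes the installed copy; the kill bit is what keeps the browser from loading the control if it gets installed again.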

For the “Backstory” on this… look for posts here on the Sony DRM rootkit story
