Talk:Sony DRM Rootkit

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 18:43, 23 August 2010 by Admin (Talk | contribs)


Manual Removal

  • Must be done from an administrator account with Full Control
  • Open an MS-DOS prompt and navigate to the path c:\windows\system32\$sys$filesystem
  • Delete the ARIES.SYS file in the $sys$filesystem directory and reboot the system
  • Open REGEDT32 (not regedit), right-click the HKEY_LOCAL_MACHINE hive, and select PERMISSIONS from the dropdown menu
  • Click on "Everyone" and make sure that FULL CONTROL is checked
  • Use FIND (Control-F) to locate anything that matches "$sys$"
  • The first matches you'll encounter are in the HKEY_LOCAL_MACHINE hive, under the SOFTWARE key; delete them (listed below):
      • $sys$reference
      • ECDDiskProducers
      • SONYBMG
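
To confirm the removal took effect, the read-only PowerShell check below looks for the file and registry items named in the steps above. It is an added example, not part of the original page or any vendor tool. It assumes PowerShell 3.0 or later and that the three listed keys sit directly under HKEY_LOCAL_MACHINE\SOFTWARE.

```powershell
# Added example: read-only check for the artifacts named in the removal steps.
# Single-quoted strings are required: in double quotes PowerShell would try
# to expand $sys as a variable and the path would silently change.
$dir    = Join-Path $env:SystemRoot 'System32\$sys$filesystem'
$driver = Join-Path $dir 'ARIES.SYS'

# Assumption: the listed keys are direct children of HKLM\SOFTWARE.
$keyNames = '$sys$reference', 'ECDDiskProducers', 'SONYBMG'

$findings = @()

# File-system artifacts from the first removal steps.
foreach ($p in $dir, $driver) {
    if (Test-Path -LiteralPath $p) {
        $findings += [pscustomobject]@{ Type = 'File'; Item = $p }
    }
}

# Registry keys listed at the end of the procedure.
foreach ($name in $keyNames) {
    $key = Join-Path 'HKLM:\SOFTWARE' $name
    if (Test-Path -LiteralPath $key) {
        $findings += [pscustomobject]@{ Type = 'RegistryKey'; Item = $key }
    }
}

# Counterpart of the FIND step, limited to key names under SOFTWARE.
# Value names and value data are not searched here.
Get-ChildItem -LiteralPath 'HKLM:\SOFTWARE' -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -like '*$sys$*' } |
    ForEach-Object {
        $findings += [pscustomobject]@{ Type = 'RegistryKey'; Item = $_.Name }
    }

if ($findings.Count -eq 0) {
    Write-Output 'No listed artifacts found.'
} else {
    # The same key can be hit by both registry checks; report it once.
    $findings | Sort-Object Item -Unique | Format-Table -AutoSize
}
```

Run it from an elevated prompt so that keys with restrictive permissions are not skipped by the recursive search.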