site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > Handyperson's guide to removal of SONY ROOTKIT!

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies


Snowy
mIRC unix.ro UnderNet
Premium
join:2003-04-05
Kailua, HI
kudos:5
Reviews:
·RoadRunner Cable
·Clearwire Wireless

reply to K McAleavey

Re: Handyperson's guide to removal of SONY ROOTKIT!

said by K McAleavey:

FIRST ... run REGEDT32 (*NOT* REGEDIT) and navigate down to the HKEY_LOCAL_MACHINE key. RIGHT click it and select PERMISSIONS from the dropdown menu.
Is the Sony rootkit able to install on a W98SE??
to forum · permalink · 2005-11-16 12:03:02 ·


K McAleavey
Premium
join:2003-11-12
Voorheesville, NY
Reviews:
·Verizon Online DSL
1 edit

Re: Handyperson's guide to removal of SONY ROOTKIT

Yes indeed (I still run Win95! Everything we do has to be happy on ... well ... Win 3.1 where possible).

Only difference is that the cloak doesn't work on 9X because their VXD for it is broken. We handle Win9x too.

The stuff is visible though in the registry, all it requires for Win9x is deleting the aries.sys file and in particular, $sys$ari.vxd ... that's the "rootkit" in 9x. Lose that, reboot and happy days!

--
Kevin McAleavey support@nsclean.com (Makers of BOClean - BOClean means never having to do an HJT log again)

»www.nsclean.com
to forum · permalink · 2005-11-16 12:11:04 ·


Snowy
mIRC unix.ro UnderNet
Premium
join:2003-04-05
Kailua, HI
kudos:5

Now if I can just find that W98 vs XP thread.

to forum · permalink · 2005-11-16 12:20:07 ·


K McAleavey
Premium
join:2003-11-12
Voorheesville, NY
Reviews:
·Verizon Online DSL

Heh. Like I said, for my REAL machine, I use a PRE-Internet Explorer (the copy that came with "Hover") version of Win95 with my trusty old TRUMPET Winsock ("stronger than oak and twice as thick" to instrusion) on this old tired box I use for "company business" ... none of the old (or new) exploits work here because there's no "browser/OS integration" in THIS particular box.

I predicted the future in 1997, which is why Microsoft don't like me very much ... and thus the "professional antagonism." Humors me to no end ... But if you check out old history, and head for the bottom where I warned what would become of "Browser/OS integration" which didn't exist at the time, you'll see why I'm on Microsoft's chitlist ... heh.

»www.ftc.gov/bcp/privacy/wkshp97/···lean.htm

And even more curious, Judge Jackson in his "finding of violation of antitrust" quoted the issues we raised as a basis of his decision (page 86? 87? Somewhere around there) that "harm was done" on a basis of the changes to core code to "distribute internet functions so as to be inseparable."

Only pointing this out as a basis of my awareness of *WHY* HJT logs exist.
--
Kevin McAleavey support@nsclean.com (Makers of BOClean - BOClean means never having to do an HJT log again)»www.nsclean.com

to forum · permalink · 2005-11-16 12:51:44 ·
Forums > Broadband Tech > Security > Security

Sunday, 27-May 19:40:12 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics