 ZOverLordPremium
join:2003-10-20
Minneapolis, MN
1 edit | reply to John2g
Re: Handyperson's guide to removal of SONY ROOTKIT! said by John2g:said by Paranoid20004: said by K McAleavey :
Next stop is the "Enum" area - IDE or SCSI depending on what you have...
An interesting writeup - but instead of editing registry entries to remove the crater.sys filter, why not use Windows Device Manager to delete the controller that the CD-ROM is connected to and then use "Add/Remove Hardware" to force Windows to redetect the CD-ROM and recreate the necessary registry entries? (mentioned in Castlecops: Hidden files and directories - DRM or trojan?). This should be far easier. Yeah right! Agree, you would need to make DARN sure you had NO other filters installed on that CD/DVD drive otherwise, ANY software you had, and there are MANY that use filters for Backup, and CD/DVD burning.
Those filters may or may NOT be capable of being re-installed automatically when you go to use that software.
Here is a QUICK and Dirty utility that will LIST all your filters present, you can do the same using the device manager, but this is much easier.
»www.k0lee.com/dc3000/utils/devfilter.htm
It works for all Windows 32 bit systems. It will NOT remove anything, but it will show you what you have.
--
Black, Grey and White Hats Unite here -> »testing.OnlyTheRightAnswers.com |
