Securom Removal Update – Windows 7
July 31st, 2009
Alright everyone, I’ll skip the introductions this time. Just let it be known that Securom is evil and should be destroyed. More information about this rootkit here:
http://en.wikipedia.org/wiki/Securom
In order to remove it you must first download the Securom Removal Tool from Securom themselves. After they got sued a bizillion times they were required to make a removal tool I guess… but don’t trust it so much. The link is here:
The key here is to execute the program using the command prompt in Windows so that you can initiate a full uninstall. I find that just executing the tool doesn’t actually remove all of it. Here is the play by play on how to do that:
1. Download the Securom Removal Tool using the above link
2. Extract the contents, in this example we are going extract it to D:\SRT
I would never recommend extracting the contents of a file on your root drive, try to use a USB drive if available. Plus if you using Windows 7 it won’t let you run it or extract it there anyways.
3. Run the command prompt, you can get to it by typing in CMD in the start menu search area. You will need administrative privileges to do this.
4. Navigate to the extraction directory. The code will be something like:\
“cd\ d:” enter
“cd\ SRT” enter
“SecuROM Remover.exe /fulluninstall” enter
This will launch the regular Securom remover. Proceed with the removal.
*** This is the key part that keeps this crap out ***
Go into all the directories that the Securom Remover lists as removed and replicate them. I believe there is a folder in the user’s application data directory. In order to view it you will need to set Windows Explorer to view hidden files.
1. Remove the Securom folder and make a new folder with the exact same name in the exact same position.
2. Remove all read/write/modify permissions for all users to those folders. This will prevent Securom from repopulating itself automatically. So far this has been what has stopped it from reaccuring.
Posted in Main | No Comments »
