5punk

We're All On Discord Now
https://5punk.co.uk/forum/

BioShock uses SecureROM, which in turn uses a Root Kit

https://5punk.co.uk/forum/viewtopic.php?t=12025

Page 1 of 1

BioShock uses SecureROM, which in turn uses a Root Kit

Posted: August 26th, 2007, 12:34
by Fear
**May not be strictly true, read Berk's 2nd post.**

Just thought I'd let you know.

I'm not sure if this effects the Steam version as Steam has it's own DRM.

If you perform a root kit scan you will see SecureRom, which means it's in your core code, manipulating your kernel. So, I'll be :sweep: this then, if only to ensure some code I don't trust wont get into core windows. What wankers. It's having the reverse affect.

Posted: August 26th, 2007, 12:43
by Dr. kitteny berk
Apparently that's bull and is a rumour based on a false positive from a shitty AV (i think AVG or mcafee)

Also, sophos anti rootkit shows up nothing on my machine (apart from some daemon tools keys)

the steam version does use securerom

Posted: August 26th, 2007, 12:45
by Dr. kitteny berk
cult of rapture forums wrote:Does SecuROM fingerprint my hardware? What does this mean?
SecuROM does not fingerprint the hardware. When an activation is performed, a unique ID is generated to identify the system being used for the activation process. The ID is in the form of a hash and cannot be read by any other system or operator. Its only purpose is for comparing future activations on a particular serial.



Does SecuROM send any information out to another server and collect any of my data?
No information is sent to any other servers. The only data collected is the serial being used for activation, the IP address used for activation, an identifier for the software being activated, and the hash of the machine ID. The ID cannot be read by any other system or operator. Its only purpose is for comparing future activations on a particular serial.


My anti-virus software is flagging SecuROM as an intruder program? What does this mean?
Some versions of virus software will incorrectly flag SecuROM. If so, please update the virus definition file. If you still experience issues, please contact 2K Technical Support for further advice. We would appreciate if you could please notify support@securom.com of any software conflicts so that we may work with the anti-virus companies to update their definition files.


Does SecuROM install a root kit on my computer?
No. SecuROM DOES NOT USE any root kit technology in its implementation. SecuROM Product Activation does place a folder and registry keys on your system. These folders are used only for storage of license information and information to assist with disc authentication. Please do not modify or delete these files. Tampering with these files may result in authentication issues.

Posted: August 26th, 2007, 12:50
by Fear
*sits corrected*

For something to be flagged as a 'rootkit' it needs to give different answers when reading something raw (disk, or registry hive) and through windows api - so it's entirely possible that something changing fast enough will produce this. The rootkit is detected because it has interfered with answer the api gives (and we know this because it'd different to what the raw file says)

Posted: August 26th, 2007, 12:56
by Dr. kitteny berk
Just poked with sysinternals' rootkitrevealer too.

Does show a Securom key with the complaint "Key name contains embedded nulls (*)" - From the explanation in the app, it looks like this is just to stop people fucking with it.

I'm happy enough with those results to say probably no rootkit infection.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited