Results 1 to 15 of 15

Thread: A tool to help you remove SecuROM...

  1. #1
    Join Date
    Sep 2007
    Posts
    6

    A tool to help you remove SecuROM...

    Hi everybody,

    If you have already played through and uninstalled the game, here is a little help to remove SecuROM... that nasty little rootkit.

    http://forums.guru3d.com/showthread.php?threadid=203200


    Hope it helps,

    Hogg


    Great game / horrible protection

  2. #2
    Join Date
    Jul 2007
    Location
    Parts Unknown
    Posts
    1,821
    Note that this does not work on Vista.

  3. #3
    Join Date
    May 2007
    Location
    Australia
    Posts
    2,197
    Quote Originally Posted by Hoggles View Post
    Hi everybody,

    If you have already played through and uninstalled the game, here is a little help to remove SecuROM... that nasty little rootkit.
    well my labyrinth dwelling friend, im still yet to see where its a rootkit ive only been shown speculation... also HOW MANY games use securom? i have AT LEAST 5 securom protected games installed atm

  4. #4
    Join Date
    Sep 2007
    Posts
    6
    Hi Lurchibald,

    I'm not sure what labyrinth dwelling friend means... but thanks, sounds cool

    Here is all the info you should need to end your "speculation" on the matter.

    [URL="http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx"][/http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspxURL]


    It will explain to you what a rootkit is and then feel free to install rootkit revealer, you will see SecuROM is a rootkit by definition and implementation.

    Peace,

    Hogg

  5. #5
    Join Date
    Sep 2007
    Posts
    6
    Sorry not sure what happened with that link above, here ya go...

    [URL="http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx"]


    Peace

  6. #6
    Join Date
    Aug 2007
    Location
    Somewhere, under the sea.
    Posts
    129
    Quote Originally Posted by Hoggles View Post
    Hi Lurchibald,

    I'm not sure what labyrinth dwelling friend means... but thanks, sounds cool

    Here is all the info you should need to end your "speculation" on the matter.

    [URL="http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx"][/http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspxURL]


    It will explain to you what a rootkit is and then feel free to install rootkit revealer, you will see SecuROM is a rootkit by definition and implementation.

    Peace,

    Hogg
    Hoggles, if you knew what a rootkot really was then you would know that SecuROM is not a rootkit. That tool gives a false positive (in this case) and anyway it only looks for possible rootkit behaviour, it does not "detect" rootkits in the truest sence.

    I would, however, like a SecuROM removal tool for Vista. At least I can bypass it was YASU (which does work on Vista, both x86 and x64).

  7. #7
    Join Date
    Jul 2007
    Location
    Parts Unknown
    Posts
    1,821
    We all already know it behaves like a rootkit but you won't call a duck a duck. You want it to be a sparrow.

  8. #8
    Join Date
    May 2007
    Location
    Australia
    Posts
    2,197
    Quote Originally Posted by Hoggles View Post
    Hi Lurchibald,

    I'm not sure what labyrinth dwelling friend means... but thanks, sounds cool

    Here is all the info you should need to end your "speculation" on the matter.

    [URL="http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx"][/http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspxURL]


    It will explain to you what a rootkit is and then feel free to install rootkit revealer, you will see SecuROM is a rootkit by definition and implementation.

    Peace,

    Hogg
    http://us.imdb.com/title/tt0091369/ look at the cast you'll see

    also it may be a rootkit.... but it could just as easily be a false positive but hey not many people reply with a link of some sort so thanks

  9. #9
    Join Date
    Sep 2007
    Posts
    6
    Hi iJacks,

    I'm not sure how you think SecuROM is not a rootkit? SECUROM adds to the registry what is commonly called a NULL Registry Key, this means it will bypass all OS protection and you cannot delete it in any way, not in SAFE MODE, not by giving Permission. nothing will work. That duck sure tastes like duck to me

    iJacks you can give it what ever name you want, but SecuROM does everything that by definition a rootkit does.

    Peace,

    Hogg

  10. #10
    Join Date
    Sep 2007
    Posts
    6
    HAHAHA nice Lurchibald,

    Thats an awesome reference, great movie that I forgot I was in!!!!

    Peace,

    Hogg

  11. #11
    Join Date
    Aug 2007
    Location
    Lodi, CA, USA
    Posts
    94
    Quote Originally Posted by Hoggles View Post
    Hi iJacks,

    I'm not sure how you think SecuROM is not a rootkit? SECUROM adds to the registry what is commonly called a NULL Registry Key, this means it will bypass all OS protection and you cannot delete it in any way, not in SAFE MODE, not by giving Permission. nothing will work. That duck sure tastes like duck to me

    iJacks you can give it what ever name you want, but SecuROM does everything that by definition a rootkit does.

    Peace,

    Hogg
    Well, if you really knew anything, you could remove that supposedly non-deleteable registry key. Of course, you'd then also know that installing a NULL registry key does not make SecuROM a rootkit, by definition or in any other way.

    This issue has already been argued ad infinitum...those of you that are whiner infants will continue to whine, while those of you with any brains/sense will move on.

  12. #12
    Join Date
    Mar 2007
    Location
    I'm from Brooklyn!!!
    Posts
    7,129
    Play nice guys.
    We're all friends here, right?

  13. #13
    Join Date
    Sep 2007
    Posts
    100
    Quote Originally Posted by reholli View Post

    This issue has already been argued ad infinitum...those of you that are whiner infants will continue to whine, while those of you with any brains/sense will move on.
    I agree.

    It's a rootkit...

    movin' on...

  14. #14
    Join Date
    Sep 2007
    Posts
    6
    Well, if you really knew anything, you could remove that supposedly non-deleteable registry key. Of course, you'd then also know that installing a NULL registry key does not make SecuROM a rootkit, by definition or in any other way.

    This issue has already been argued ad infinitum...those of you that are whiner infants will continue to whine, while those of you with any brains/sense will move on.
    Hi Reholli,

    Over the years I've always thought that forums are in place so people can have a free and open dialog about all sorts of issues. I'm sorry to see you attacking people personally on these forums, not sure how it serves any purpose? I do know that there are several ways to remove rootkits via the command prompt, regnull and with the help of the nice little utility in my first post.

    I might not be able to convince you otherwise but just in case you have not seen the rootkit revealer Microsoft website that explains it definitions of a rootkit installed on their operating systems:

    "What is a Rootkit:
    The term rootkit is used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempt to hide their presence from spyware blockers, antivirus, and system management utilities. There are several rootkit classifications depending on whether the malware survives reboot and whether it executes in user mode or kernel mode. "

    I would classify it as a persistent rootkit.

    "Persistent Rootkits:
    A persistent rootkit is one associated with malware that activates each time the system boots. Because such malware contain code that must be executed automatically each system start or when a user logs in, they must store code in a persistent store, such as the Registry or file system, and configure a method by which the code executes without user intervention."


    Reholli, I would be very interested to see the information that you have explaining how SecuROM is not a rootkit. There are a handful of online articles that say it's not, but they have yet to show me any proof that Microsoft and countless others, are wrong in their definition. SecuRom's official statement on this as well as 2k's is that it's not a rootkit. I have to take that with a grain of salt as many tech related people who don't work for either company... say otherwise. Keep in mind, to remove the version of SecuROM that Bioshock installs you have to do all the steps needed to remove a rootkit... strange

    Have a great day,

    Hogg

  15. #15
    Join Date
    Aug 2007
    Posts
    195
    I think one of the key points there is that Microsoft states that a rootkit may execute in user mode. People who claim that SecuROM is not a rootkit point out that it runs in ring 3. Obviously, Sony and 2k use a different definition.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •