
Thread: Securom installing Malware, Viruses or Rootkits?

  1. #1
    Join Date
    Aug 2007
    Posts
    9

    Securom installing Malware, Viruses or Rootkits?

    Help, I installed the Bioshock Demo and after uninstalling I found I had a Securom folder in Docs and Settings\Admin\AppData\Securom which contains files that do NOT Delete, even though I have full Admin rights on my machine.

    Additionally I have found two Registry entries which will NOT Delete, Current User\Software\Securom and Users\S-1-5-21-1275210071-1715567821-682003330-500\Software\Securom

    Please don't tell me this is going to be another Starforce nightmare, with all responsible parties saying there is nothing dangerous about installing Rootkits in gamers' machines causing massive problems that will all be blamed on the gamers, naturally.

    Thanks for any suggestions.

  2. #2
    Join Date
    Aug 2007
    Posts
    7
    Like, you hit delete, and they say "access denied"? Uh oh. Well maybe try rebooting into safe mode and delete them there. And if that fails...maybe grab a Linux live CD (like Damn Small Linux) and remove the files from there.

  3. #3
    Join Date
    Aug 2007
    Posts
    14
    I would like to try the demo because I hear this game is amazing; however, knowingly installing a rootkit is something I'm not inclined to do unless there's a clearly defined method of removing it after I uninstall the game.

    SONY has not instilled any trust as far as rootkits are concerned and I am not at all inclined to re-install my OS just to get rid of it.

    Aside from the obvious: what on earth is Secure-ROM doing on the freely given away demo in the first place? Does anyone know how to remove this? Thanks in advance for your time.

  4. #4
    That's odd. I'm running the demo and have NO Securom folders. I did a system search and... Nothing.

  5. #5
    Join Date
    Aug 2007
    Posts
    543
    Quote Originally Posted by Fumz View Post
    I would like to try the demo because I hear this game is amazing; however, knowingly installing a rootkit is something I'm not inclined to do unless there's a clearly defined method of removing it after I uninstall the game.

    SONY has not instilled any trust as far as rootkits are concerned and I am not at all inclined to re-install my OS just to get rid of it.

    Aside from the obvious: what on earth is Secure-ROM doing on the freely given away demo in the first place? Does anyone know how to remove this? Thanks in advance for your time.
    According to everything I have read there is no way to get rid of it. And I am sure none of the mods here will even bother with an answer. Their attitude seems to be "You bought bioshock and therefore gave us the right to include anything we want on your PC."

  6. #6
    Join Date
    Aug 2007
    Posts
    14
    After a little sleuthing I am not sure I even want to try the demo and what sounded like a great game, unfortunately, now seems out of the question. It really sucks these guys put this in their game.

    To the OP,

    It seems you can get rid of only half your problem.

    Greetings.

    Thank you for your email.

    The registry entry is needed to save the digital rights information. If a
    demo software is protected by SecuROM then it should only work for, as an
    example, 30 days. The necessary license is stored in the registry.
    Therefore, please understand that it is not possible to delete such an
    entry.

    Please be informed that the User Access Service is used to launch a SecuROM
    protected application in a non-administrator mode, and has nothing to do
    with spyware or any kind of software like that. If you want to uninstall it
    please follow the instructions below. Please understand that any
    application you launch that uses User Access Service will restart it.

    1. Open a command line window (Start > Run, type "cmd", click OK).

    2. Go to the System32 folder in your main Windows folder (e.g. type "cd
    C:\winnt\system32", then press enter).

    3. Remove User Access Service (Type "UAService7.exe - remove", then press
    enter).

    If you have any other questions, please feel free to ask.

    The folder should now be deleted. Please understand that any SecuROM
    application that uses UserData will rebuild these files and folders with
    future launches.

    Best regards,

    SecuROM Support Team
    http://forum.sysinternals.com/forum_...ID=38923#38923
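
A read-only check for the artifacts this thread names (the AppData folder, the Software\Securom registry key, and UAService7.exe with its service), added here as an example; it is not part of any post or of SecuROM's own tooling. It assumes PowerShell 3.0 or later and that the AppData path from the first post resolves to %APPDATA%\SecuROM; the function name Get-SecuRomArtifact is made up for this example.

```powershell
# Added example: read-only inventory; nothing is deleted or changed.
function Get-SecuRomArtifact {
    # 1. Per-user data folder. Assumption: the "AppData\Securom" path from the
    #    first post resolves to %APPDATA%\SecuROM for the current user.
    $folder = Join-Path $env:APPDATA 'SecuROM'
    if (Test-Path -LiteralPath $folder) {
        $owner = (Get-Acl -LiteralPath $folder).Owner
        [pscustomobject]@{ Type = 'Folder'; Path = $folder; Detail = "Owner: $owner" }
        # -Force is needed to list hidden files and folders
        Get-ChildItem -LiteralPath $folder -Recurse -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                [pscustomobject]@{ Type = 'File'; Path = $_.FullName; Detail = "Attributes: $($_.Attributes)" }
            }
    }

    # 2. Software\SecuROM under every loaded user hive. HKCU is a view of the
    #    current user's HKEY_USERS\<SID> hive, so this covers both registry
    #    locations mentioned in the first post.
    Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
        ForEach-Object {
            $key = "Registry::HKEY_USERS\$($_.PSChildName)\Software\SecuROM"
            if (Test-Path -LiteralPath $key) {
                $subkeys = @(Get-ChildItem -LiteralPath $key -Recurse -ErrorAction SilentlyContinue).Count
                [pscustomobject]@{ Type = 'RegistryKey'; Path = $key; Detail = "Subkeys: $subkeys" }
            }
        }

    # 3. The User Access Service binary named in the support e-mail
    $exe = Join-Path $env:windir 'System32\UAService7.exe'
    if (Test-Path -LiteralPath $exe) {
        $sig = Get-AuthenticodeSignature -FilePath $exe
        [pscustomobject]@{ Type = 'Binary'; Path = $exe; Detail = "Signature: $($sig.Status)" }
    }

    # 4. Any installed service whose image path points at that binary
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.PathName -like '*UAService7.exe*' } |
        ForEach-Object {
            [pscustomobject]@{ Type = 'Service'; Path = $_.PathName; Detail = "$($_.Name): $($_.State), start=$($_.StartMode)" }
        }
}

Get-SecuRomArtifact | Format-Table -AutoSize -Wrap
```

Running it before and after the UAService7.exe removal step shows what that step leaves behind; the e-mail states that launching a protected application restores the service and rebuilds the folder.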

  7. #7
    Join Date
    Aug 2007
    Posts
    543
    Quote Originally Posted by Fumz View Post
    After a little sleuthing I am not sure I even want to try the demo and what sounded like a great game, unfortunately, now seems out of the question. It really sucks these guys put this in their game.

    To the OP,

    It seems you can get rid of only half your problem.



    http://forum.sysinternals.com/forum_...ID=38923#38923
    In other words: "Here is a way to kinda uninstall our rootkit. Thanks for being dumb enough to install it. Without a reformat of your PC you won't get rid of us."

  8. #8
    Join Date
    Aug 2007
    Posts
    6
    Here's another way to get rid of files that claim "Access Denied", and won't delete even in Safe Mode.

    Download "MoveOnBoot" from http://www.snapfiles.com/get/moveonboot.html

    It lets you set a file to be moved / copied / cut / deleted as Windows is starting, so there is no way it will give out that annoying Access Denied bull****.

    I've deleted many files after I've completely uninstalled programs that claimed Access Denied with this program.

  9. #9
    Rootkits need to be criminalized. Game executives jailed will make them reconsider using rootkits in the future.

  10. #10
    Join Date
    Apr 2007
    Location
    U.K
    Posts
    886
    This is ☺☺☺☺ing appalling there is no other word for it. And here was me scared to install the full game that I have sitting here when all along the bastards got me via a 'free' demo... boy oh boy.

    And I wouldn't be at all surprised to see my freshly installed/newly built system blow a gasket now this is on it.... if that's the case.

    Thanks 2K you really know how to treat us well.

    /off to prepare for a reinstall of previous ghost image and never to touch 2k games again

    ------

    GOING BACK - no 2 ways about it

    And just in case you think I'm ☺☺☺☺☺☺☺☺ting you or something I've provided a handy reference picture.

    This shows my sealed copy of the game, my post in this thread (to confirm it's my picture) and something called a "widescreen monitor" for future reference. Now do I send it back or risk 'infection' by installing it (knowing that I prob can't play it for at least another 2 days) - Wouldn't want to play it on my monitor with a fkd up field of view - luckily there is that icon on the right (under the bioshock demo icon) that we refer to as Racer_s's FOV fix... try it you might like it

    click to enlarge:
    http://img204.imageshack.us/img204/5...lockiq6.th.jpg

  11. #11
    Join Date
    Jul 2007
    Location
    Parts Unknown
    Posts
    1,821

  12. #12
    Join Date
    Aug 2007
    Posts
    20
    Whoop-dee-doo, you got a registry entry. I guess it's time to sue just about everyone who makes software for Windows now.

  13. #13
    Join Date
    Aug 2007
    Posts
    305
    WOW. The ☺☺☺☺ing demo installed securom on my PC as a hidden folder and I can't delete it! Is this even ☺☺☺☺ing legal?

  14. #14
    Join Date
    Aug 2007
    Posts
    28
    Quote Originally Posted by shiznit View Post
    WOW. The ☺☺☺☺ing demo installed securom on my PC as a hidden folder and I can't delete it! Is this even ☺☺☺☺ing legal?
    hahahahahahahahaha, you're kidding right???? Spyware and other protections do this ALL THE TIME as well as tons of other stuff. Just look hard enough, you'll probably find tons and tons if you are just discovering that securom does it. And boohoo it installs a bit of extra software to make sure you don't pirate their game, that's so awful =P and as for the field of view it's just so the people without widescreen I don't get how anyone can even tell. So the non widescreen people get to see a bit more of the dude's arm, what the hell's the difference??

  15. #15
    Join Date
    Aug 2007
    Posts
    543
    Quote Originally Posted by shiznit View Post
    WOW. The ☺☺☺☺ing demo installed securom on my PC as a hidden folder and I can't delete it! Is this even ☺☺☺☺ing legal?
    Actually in some states it isn't but nobody ever gets prosecuted. This BS "if you even install my demo I can do whatever I want to your machine" mentality that devs have has to go.

    Until 2K games removes this junk I will boycott all of their games and encourage everyone else to boycott them as well.

  16. #16
    I will be seeing 2k games in court in the UK in the next 14 days, will bring this matter up then..

  17. #17
    Join Date
    Aug 2007
    Posts
    305
    Guess what, my computer is clean, I haven't had a virus in months (and it was intercepted by Nod32 and never did any harm), I use an army of programs to make sure I don't get infected, and I use IP blockers and even a proxy sometimes. This is the first infection I've had in a long long time. Thanks 2k, way to please potential buyers, infect their PC with rootkit through the ☺☺☺☺ing demo.

  18. #18
    Join Date
    Aug 2007
    Posts
    305
    dude sign me up for that class action this is ☺☺☺☺☺☺☺☺.

  19. #19
    Join Date
    Aug 2007
    Posts
    543
    Quote Originally Posted by shiznit View Post
    Guess what, my computer is clean, I haven't had a virus in months (and it was intercepted by Nod32 and never did any harm), I use an army of programs to make sure I don't get infected, and I use IP blockers and even a proxy sometimes. This is the first infection I've had in a long long time. Thanks 2k, way to please potential buyers, infect their PC with rootkit through the ☺☺☺☺ing demo.
    Just what do they think they are protecting by installing a rootkit with a demo anyhow?
