- Mar 8, 2003
- 38,416
- 4
- 0
Rootkit and Invasive DRM Information Thread
- Thread starter Schadenfroh
- Start date
- Nov 30, 2005
- 50,231
- 118
- 116
Nice job Schad! Here's a few more for you.
Spywarefree: rootkit reviews
How To Remove Rootkits with IceSword
McAfee Rootkit Detective Beta
Gromozon Rootkit Removal Tool
Spywarefree: rootkit reviews
How To Remove Rootkits with IceSword
McAfee Rootkit Detective Beta
Gromozon Rootkit Removal Tool
- Mar 8, 2003
- 38,416
- 4
- 0
- Mar 8, 2003
- 38,416
- 4
- 0
Draft2 is now up for everyone to review, changes include:
[*]Text fixes
[*]Content expansion and addition
[*]Links added as evidence of problems with SecuROM
[*]Layout improvements
[*]Clarification of what this thread is intended to focus on
Enjoy and do give feedback
[*]Text fixes
[*]Content expansion and addition
[*]Links added as evidence of problems with SecuROM
[*]Layout improvements
[*]Clarification of what this thread is intended to focus on
Enjoy and do give feedback
I dont really have much of a problem with securom7, i run nwn2 from an image and have no issues.
However, Atari patched it into nwn2 without telling anyone, which isnt cool for those of us that do care.
However, Atari patched it into nwn2 without telling anyone, which isnt cool for those of us that do care.
Jaxidian
Platinum Member
Great post!! I don't know if it would be appropriate but perhaps it would be a good idea to add to the post some counter-rootkit techniques? I'm very ignorant to them but I've heard of somebody spoofing the SecuROM system somehow.
Thanks!!
Thanks!!
I think this tidbit really needs to be added about rootkits:
They can run at ring-0 (kernel level) and intercept crucial system calls. This makes them hard to detect and in some cases they may be completely undetectable. They could introduce bugs and cause hardware problems (like StarForce). It's important to realize that these kernel rootkits essentially have control over your whole system, not just your hard disk. They have access to your CPU, its memory timings, and direct access to the BIOS too. Most of them are infact drivers and since drivers have these capabilities, so do the rootkits. The rootkits will be loaded as drivers first and then intercept enumeration calls (the OS will ask for a list of drivers, to be presented to the user, and the rootkit will just take itself out of the list and pass it on). It appears unharmed to the receiving application.
They can run at ring-0 (kernel level) and intercept crucial system calls. This makes them hard to detect and in some cases they may be completely undetectable. They could introduce bugs and cause hardware problems (like StarForce). It's important to realize that these kernel rootkits essentially have control over your whole system, not just your hard disk. They have access to your CPU, its memory timings, and direct access to the BIOS too. Most of them are infact drivers and since drivers have these capabilities, so do the rootkits. The rootkits will be loaded as drivers first and then intercept enumeration calls (the OS will ask for a list of drivers, to be presented to the user, and the rootkit will just take itself out of the list and pass it on). It appears unharmed to the receiving application.
Also note that Securom-7 doesnt run at the kernel level, it runs at ring 3, with is the lowest level of control.
apoppin
Lifer
although it may be not as *invasive* as StarFarce it is still plays havok with many installed and legitimate programs ...
:thumbsdown:
i would avoid it whenever possible
and it is becoming impossible ... my new *strategy* is to have *suspect programmes and games* on a separate HD
I believe they added it with patch 1.02 and onward. Very deceptive behavior... they were using an earlier version of SecuRom in the retail release, which was less invasive, and then "upgraded" it via the patch to the most recent version. v7 has been around for a while, so you have to wonder about their intentions here.
apoppin
Lifer
Originally posted by: apoppin
although it may be not as *invasive* as StarFarce it is still plays havok with many installed and legitimate programs ...
:thumbsdown:
i would avoid it whenever possible
and it is becoming impossible ... my new *strategy* is to have *suspect programmes and games* on a separate HD
Thats actually not a bad idea, i may break my stripe array to do just that.
apoppin
Lifer
Originally posted by: Acanthus
Originally posted by: apoppin
although it may be not as *invasive* as StarFarce it is still plays havok with many installed and legitimate programs ...
:thumbsdown:
i would avoid it whenever possible
and it is becoming impossible ... my new *strategy* is to have *suspect programmes and games* on a separate HD
Thats actually not a bad idea, i may break my stripe array to do just that.
thank-you
i have been pondering this for awhile ... i had "weirdness" with some of these mentioned games -- especially NWN2 and FEAR's xpack ... and they DO cause problems with some legitimate installed programs. ... and i HATE reinstalling OSes or editing the registry to rid myself of this junk.
By keeping SecureCrap and StarFarce infected apps on a separate HD [or separate RAID array] will keep them from interacting with my *regular* programs.
... still looks like i have a long weekend coming up
[but i have my Sapphire x1950p coming today!]
. . . at least till all programs have it
:Q
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 23K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter