#1 (permalink)
April 16, 2010, 06:53 PM
LaughingCrow
MVP
F@H

Join Date: Feb 2010
Location: Southern Ontario
Posts: 387
SecuRom and Rootkits Question

I ran into an unexpected problem and luckily figured a way out, but wanted input.

Here's what happened.

Picked up Crysis: Warhead (20.00)
Researched it out and found out it has SecuRom in it. Wasn't too happy finding that AFTER I bought it, but that's my fault for not researching it out properly.

So on SecuRom's site I read where they don't install a Rootkit:
"There is no rootkit in SecuROM™. Our understanding is that there is one rootkit detector that incorrectly flags SecuROM™ as containing a rootkit. This is an incorrect detection by one software program. To our knowledge, no other rootkit detectors do so."

So, I downloaded the patch for Crysis and the so-called SecuRom removal tool.

I did a full image backup (Windows 7) to drive D

Installed the game (firewall/virus checker noted a trojan on install - probably detecting the DRM/Rootkit)
Installed the patch.

The graphics were exceptional. But I wasn't happy with remapping the keyboard for a lefty. (Mass Effect 1 & 2 worked out pretty good). So reluctantly, I shut down the machine, rebooted with the Win 7 repair disk and used the recent backup to restore drive C:

Except, on reboot - (one beep from the m/b) the system started from the BIOS screen (showed the drives, etc. as normal) and scrolled a bit then just hung - nothing. Waited, nothing. Tried that several times, hung in the same place. Attempted again, trying to go into the BIOS - still hung on the same spot.

On a weird hunch, I yanked out Drive C: and replaced it with an identical spare drive. With the Windows 7 repair disk still in the DVD, I rebooted. NO PROBLEM. Restored the backup and rebooted back into Windows exactly as it was before I had installed Crysis -- except for the loss of time from whatever Crysis installed on the drive.

My guess is that SecuRom DOES plant a Rootkit or at least messes up the boot sector that prevented the original C: drive from rebooting after using the Windows repair disk to restore a backup.

1) Anyone have a similar problem?

2) Anyone know if this was a RootKit for certain or something else that SecuRom does? I think they are lying on their website.

3) Can I expect that reformatting the original messed up drive C: will clear out whatever problem I got from SecuRom?

Maybe if I had uninstalled the game and used the SecuRom removal tool, that might have fixed it, but I doubt it. This whole DRM nonsense really bugs me.
#2 (permalink)
April 16, 2010, 07:21 PM
headsh0t
Hall Of Fame
F@H

Join Date: May 2009
Location: Winnipeg, MB
Posts: 2,568

Maybe it was your removal tool that messed things up. I can't see SecuRom itself being the issue. The quote you mentioned said only ONE program detects SecuRom as containing a rootkit, is it the program that you have? I'm thinking maybe your AV was detecting a trojan or malware from the removal tool. Maybe not though cause you said it picked it up during install of the game itself and not the patch... Never experienced such a thing.
#3 (permalink)
April 16, 2010, 07:27 PM
LaughingCrow
MVP
F@H

Join Date: Feb 2010
Location: Southern Ontario
Posts: 387

Quote:
Originally Posted by headsh0t
Maybe it was your removal tool that messed things up. I can't see SecuRom itself being the issue. The quote you mentioned said only ONE program detects SecuRom as containing a rootkit, is it the program that you have? I'm thinking maybe your AV was detecting a trojan or malware from the removal tool. Maybe not though cause you said it picked it up during install of the game itself and not the patch... Never experienced such a thing.

Never used the Removal Tool or uninstalled - thought that the Backup image would restore it to the original state.

The quote was from SecuRom's website. I have no idea which RootKit detector they are talking about and I didn't run any - I took them at their word that it didn't install a RootKit (SecuRom, BTW, is a division of SONY - well noted for Rootkits).
#4 (permalink)
April 16, 2010, 07:41 PM
headsh0t
Hall Of Fame
F@H

Join Date: May 2009
Location: Winnipeg, MB
Posts: 2,568

I don't doubt that there may be a rootkit included with SecuRom because I thought that's actually what they did was stick it on your computer and it was there for good until you formatted, but I just can't understand why it would cause any corruption to any Windows files not allowing it to boot. Where exactly does the machine start hanging during boot?
#5 (permalink)
April 16, 2010, 08:17 PM
LaughingCrow
MVP
F@H

Join Date: Feb 2010
Location: Southern Ontario
Posts: 387

Quote:
Originally Posted by headsh0t
I don't doubt that there may be a rootkit included with SecuRom because I thought that's actually what they did was stick it on your computer and it was there for good until you formatted, but I just can't understand why it would cause any corruption to any Windows files not allowing it to boot. Where exactly does the machine start hanging during boot?

Not a very good image but this is where it hangs after the initial bootup:


#6 (permalink)
April 17, 2010, 01:12 PM
EaGle1337
MVP

Join Date: Aug 2008
Posts: 419

I can't see SecuRom causing that one, try setting AHCI to IDE? The drive might be having some issues too, try error checking it on another computer.