View Full Version : Securom ring-3 smoke screen explained (RUNS AT RING-0)


Sblade
09-02-2007, 06:32 AM
Before I start I will say again that Securom is not a Rootkit. It may have Rootkit like behaviour but IT IS NOT a rootkit.

I come back to list more issues. Except for 2 or 3 people, I'm getting some good feedback, so I think it's worth listing Securom issues. This time I'll try to simplify my report.

Simple Windows Operating structure:

A device in Ring 0 has more authority than anything in any other run level.

So any checks or interception in Run level 2 or 3 can be easily bypassed by stealthed CD/DVD emulation running in Ring 0.

When stealthed, unless the DRM also runs in Ring 0, it cannot find it. If it does manage to find one or more of its services, the likes of Daemon Tools or Alcohol 120% quickly write an update patch to compensate for this.

You can feed false data from Ring-0 to Ring-3 not the other way around.

In this link the picture of the Intel IA-32 protection rings is self-explanatory:

http://www.extremetech.com/article2/0,1697,1156611,00.asp


Level 0 : Operating system Kernel (highest privilege)
Level 1 : Operating System Services (Device Drivers, etc.)
Level 2 : " " As above
Level 3 : Applications (lowest Privilege)

As we know, virtual devices emulate hardware by definition, so the O/S easily sees it as genuine hardware.

Well:
DevStudio ASM

#ESC00000004: Sony MAPI Layer 2.4.17.1 *rooted to WinAPI (explorer.exe)
#ESC00000121: SSECROM DLApi v8.2.2 *rooted to WinAPI (explorer.exe)
#ESC000002C1: SSECDLL Miniport services *rooted to core (kernel Win32 layer)

The last one, a Minicom driver? Hmm, what would be the purpose of a Minicom driver other than to let a virtual device communicate with the kernel? This device is a virtual Network Interface Card, and my point is that it is used for activation purposes.

Ask yourselves?
What would be the purpose of this driver if it is not working as I have said? How would it be useful if this Minicom driver runs at Ring-3, installing a virtual device NIC in Ring 3, and any one of the higher rings can feed false data to this driver, rendering it useless?

All these drivers may SIT in ring-3, but that's just a smoke screen, as the basic O/S structure PROVES (yes AJ crowd, for honest readers this is a proof, common sense, logic etc.). So it SITS at ring-3 but it has RING0 access because....

Before I say the reason I will speak about emulation.

To allow the emulation to run faster on lower end systems, most code writers code as HLE (High level emulation) in which you only emulate what is specifically needed in the hardware at any given point in time.

The PC based N64 emulator is good example of HLE in use.

Because of this HLE approach, Any DRM running as a (Virtual App) , with higher access in Ring 0 can expose the lack of the other registers if they look in the right place at the right time.

You cannot do this from Ring 2 or 3 as your driver/application does not have the authority to make such enquiries of the hardware from there. Normal Windows security protocols prevent it.

It is not impossible to do from those run levels, though. If you circumvent the Windows security protocols, then your DRM stops being a DRM and is legally classified as a virus and you will be prosecuted.

So Securom has 2 options: Running in Ring0 or circumvent Windows Security protocols.

AJ, I would like your answer other than "proof this" or similar troll response.

Warmest Regards
Sblade

Kyorisu
09-02-2007, 06:34 AM
I loled.

10 chars.

Elbart
09-02-2007, 07:07 AM
Thanks, Sblade, nice and somehow disturbing article.

SyNMaN
09-02-2007, 07:23 AM
hmmmmmmmmmmmmmmmmm

yogibbear
09-02-2007, 07:36 AM
Thanks, Sblade, nice and somehow disturbing article.

QFT, my exact thoughts.

AJ Rimmer
09-02-2007, 07:41 AM
I loled.

10 chars.

you lol`d ?

i started lolling here >
yes AJ crowd,

and almost fell of me chair here

AJ, I would like your answer other than "proof this" or similar troll response.

even released a lidda bidda wee wee here


Warmest Regards
Sblade



i get the feeling,somewhere in his house is a large collection of shopping bags,toothpicks and used toilet paper.
maybe even glass jars filled with his excretions from the last 5 years :o

Nodders
09-02-2007, 09:25 AM
AJ, I would like your answer other than "proof this" or similar troll response.


Well he ignored that bit. Guess that means he agrees with you seeing as he has absolutely no answer of substance.

Griego
09-02-2007, 09:35 AM
Well:
DevStudio ASM

#ESC00000004: Sony MAPI Layer 2.4.17.1 *rooted to WinAPI (explorer.exe)
#ESC00000121: SSECROM DLApi v8.2.2 *rooted to WinAPI (explorer.exe)
#ESC000002C1: SSECDLL Miniport services *rooted to core (kernel Win32 layer)
What program produced this output? Looks like pure BS to me. Post screenshots.

AJ Rimmer
09-02-2007, 09:47 AM
Well he ignored that bit. Guess that means he agrees with you seeing as he has absolutely no answer of substance.
i did NOT ignore it..as you can see by opening your eyes and looking above.

he asked for my opinion,and in the same sentence tells me what i am not allowed to answer with.

and as i stated..i almost fell orf me chair laughing.


its like someone asking..."whats 1 + 1...but dont tell me its 2"



and also notice i am not even mentioning that this is just more regurgitation that ended when people asked for proof of the nefarious claims.:rolleyes:

Antilogic81
09-02-2007, 10:02 AM
Your example isn't a good one AJ, because opinions are not truths.

AJ Rimmer
09-02-2007, 10:09 AM
Your example isn't a good one AJ, because opinions are not truths.

not quite right

its also my opinion that plopping your testicles in a sleeping lions mouth and flicking his testicles with a wet towel is not a good idea.

is that not an opinion and truth ? :D

Antilogic81
09-02-2007, 10:29 AM
I was hoping you would say that...

I recall him saying he asked for an opinion...not an opinion/truth for which we will from now on call a goob for the sake of non-confusion.

Had he said "in your goob..." we would have been blessed by your knowledge; instead of something that isn't so blessing like (in his opinion that is to say, and not a goob).

Opinions are not truths...but they can be congruent with a truth.

Yet it is entirely possible that you're going to ask me..."But I think what I initially said is very congruent with a truth Anti"...

Just how congruent they are with a truth is also a matter of opinion...for the indeterminable such as say "are viruses alive?" you can never achieve such definitive endings to the argument.

Now we find ourselves at a quandary, does the opinion have value if a lot of people feel the same way? If not, where did the original morals upon which society is held to this day come from? And if so, does that mean that morals have no value because they are merely popular opinions? And if so what does that say for the very laws of the land, laws which were inspired by such morals?

Drakelet
09-02-2007, 10:36 AM
Wait...So is SecuROM Ring3 or Ring0, or a bit of everything?
*Noob, sorry*

AJ Rimmer
09-02-2007, 10:43 AM
And if so what does that say for the very laws of the land, laws which were inspired by such morals?

ahhhh..but laws are inspired and forged from greed and dishonesty.

the common man doesnt make the laws,its only those with gains in mind who ever make the laws.

for example....

we cannot tax the weed,
we cannot control the weed,
we must stop the common man using the weed.

write some new laws,
persecute the common man.

sooth,verily and a hey nonny nonny :D

Nodders
09-02-2007, 10:54 AM
i did NOT ignore it..as you can see by opening your eyes and looking above.

he asked for my opinion,and in the same sentence tells me what i am not allowed to answer with.

and as i stated..i almost fell orf me chair laughing.


its like someone asking..."whats 1 + 1...but dont tell me its 2"



and also notice i am not even mentioning that this is just more regurgitation that ended when people asked for proof of the nefarious claims.:rolleyes:

/yawns. Yeah whatever mate.

Cargo Cult
09-02-2007, 10:56 AM
What program produced this output? Looks like pure BS to me. Post screenshots.
What? You mean you've never heard of the immensely (http://www.google.com/search?q=%22DevStudio+ASM%22) popular (http://en.wikipedia.org/wiki/Special:Search?search=DevStudio&go=Go) 'DevStudio ASM'?

Next you're going to say that crucial software elements he's 'discovered' like the Sony MAPI Layer (http://www.google.com/search?q=%22Sony+MAPI+Layer%22) and the SSECROM DLApi (http://www.google.com/search?q=%22SSECROM+DLApi%22) aren't being more widely discussed in the world of computer security.

Face it, this Sblade is talking out of his arse, creating seemingly convincing-sounding screeds of jargon which are quite effective at confusing concerned games-players. But, IT DOESN'T MEAN ANYTHING. More importantly, SBLADE IS A TROLL, POSTING UTTER RUBBISH. PLEASE IGNORE HIM, AND HE WILL GO AWAY.

Thank you.

Antilogic81
09-02-2007, 11:32 AM
lol AJ you're a trip to argue with I enjoyed it thoroughly =)

Sblade
09-02-2007, 12:21 PM
It seems you have more companions than I thought.
I didn't ask for your opinion, I never ask for anyone's opinion. I expected counter arguments.

Well in fact there are no counter arguments other than insults from AJ or his crowd.

Come on they pay you so work in counter arguments. Study, research like I did.

And come back with technical responses, otherwise give up your evil ways.

Eggskin
09-02-2007, 12:54 PM
Your avatar creeps me the hell out AJ.

AJ Rimmer
09-02-2007, 01:10 PM
Your avatar creeps me the hell out AJ.

fear not...for i have protective herbs,balms ,beans and pulses for thee.

i need them too,for this sblade creeps me out too,with targeting me,i feel like i`m being offered sweeties and puppies by a weirdo in the park.
:D

Griego
09-02-2007, 01:13 PM
What? You mean you've never heard of the immensely (http://www.google.com/search?q=%22DevStudio+ASM%22) popular (http://en.wikipedia.org/wiki/Special:Search?search=DevStudio&go=Go) 'DevStudio ASM'?

Next you're going to say that crucial software elements he's 'discovered' like the Sony MAPI Layer (http://www.google.com/search?q=%22Sony+MAPI+Layer%22) and the SSECROM DLApi (http://www.google.com/search?q=%22SSECROM+DLApi%22) aren't being more widely discussed in the world of computer security.

Face it, this Sblade is talking out of his arse, creating seemingly convincing-sounding screeds of jargon which are quite effective at confusing concerned games-players. But, IT DOESN'T MEAN ANYTHING. More importantly, SBLADE IS A TROLL, POSTING UTTER RUBBISH. PLEASE IGNORE HIM, AND HE WILL GO AWAY.

Thank you.

My thoughts exactly.

Sblade
09-02-2007, 01:21 PM
Don't think I will go away until AJ crowd gives up or when someone counter arguments with other things than trolling.

You can write a Bible full of insults, and be sure I'll come back.

with no further to say suckers, I go play Bioshock, haven't finished it yet...

AJ Rimmer
09-02-2007, 01:36 PM
Don't think I will go away until AJ crowd gives up or when someone counter arguments with other things than trolling.

You can write a Bible full of insults, and be sure I'll come back.

with no further to say suckers, I go play Bioshock, haven't finished it yet...
nobody was asking you to "go away",until they asked for proof and you went all bipolar on people.

the only thing people have actually asked you for is to show one single piece of proof.
you cant find any...which is making you angry,and thus revert to name calling.

lets hope you take a longggggggggggggggggggggggggggg time to finish the game.

The_Rambler
09-02-2007, 01:41 PM
When it was found that Starfarce ran from Ring 3 to Ring 0 by emulating hardware by creating device drivers, everyone accepted it, because the proof was there, the OP, has provided some details, and the purported revealing of a minicom dvr is indeed worrying, because if that is true, then Ring 3 to ring 0 communication is definitely happening, moreover, if this communication is not one way only, then there is a HUGE security risk, but even if it is one way only, its still dangerous as a simple dropper on a website could spread easily and quickly via this method.

And before anyone scoffs, a proof of concept was presented at the opening of a lawsuit against UBiSoft using Starfarce, the judge accepted the risk existed and allowed the lawsuit to continue with that evidence.

UbiSoft dropped Starfarce like a hot brick after that decision.

Oh and AJ, stop spamming the forum, 625 posts in 5 days, most of them trolling, is excessive.

I do hope the admins are watching you....

damicatz
09-02-2007, 01:48 PM
Windows doesn't use anything except Ring 0 or Ring 3 on the x86 architecture. Ring 0 is kernel mode and Ring 3 is user mode. The reason behind that is that Windows NT is designed to be portable and not all processor architectures have the concept of rings so Windows NT divides things into kernel mode and user mode. Any additional permissions such as the distinction between an administrator account and a limited user account are handled in the software and not by the hardware.

In addition, Windows Vista muddies the water a bit with the addition of protected processes and process integrity. A process cannot interact with a process of a higher integrity than itself but it can interact with processes that have a similar or lower level of integrity.

AJ Rimmer
09-02-2007, 01:49 PM
When it was found that Starfarce ran from Ring 3 to Ring 0 by emulating hardware by creating device drivers, everyone accepted it, because the proof was there, the OP, has provided some details, and the purported revealing of a minicom dvr is indeed worrying, because if that is true, then Ring 3 to ring 0 communication is definitely happening, moreover, if this communication is not one way only, then there is a HUGE security risk, but even if it is one way only, its still dangerous as a simple dropper on a website could spread easily and quickly via this method.

And before anyone scoffs, a proof of concept was presented at the opening of a lawsuit against UBiSoft using Starfarce, the judge accepted the risk existed and allowed the lawsuit to continue with that evidence.

UbiSoft dropped Starfarce like a hot brick after that decision.

Oh and AJ, stop spamming the forum, 625 posts in 5 days, most of them trolling, is excessive.

I do hope the admins are watching you....

firstly i am getting sick of people using the starforce fracas as a comparison to the securom debacle.

secondly,whether or not you think theres a risk,its normal to show an instance and then screech at people to "run run the sky is falling"

thirdly,what the hell is it to you how many times i post ?
you posted twice and one of the snippets of wisdom is this >

I'm sat here wondering which think tank they used for their protection criteria, because they have no clue about real gamers or retail law.....and its going to come back around and bite them in the rear

bit up your own arse aint ya ?..deeming to know more than they how to run their business .

most of the post count is replying to actual trolls,see ...just went up one

The_Rambler
09-02-2007, 02:10 PM
AJ, get the facts straight, did I compare SecuRom to Starfarce....NO.

I posted about very similar situations, I did not compare, nor did I say the OP was right, I said "purported", look it up before you make a fool of yourself.

And as for your post count, its all been drivelly replies, and uninformed drivel at that.

I would like to know who you think you are, you turn up on this forum five days ago, and just start flaming, are you perhaps a paid shiller, there is a lot of facts which you have dissed, and then gone on to flame those who have proved you wrong, to try and deflect the topic or get it closed.

Notice, I have just posted facts....

Your reply was just a troll post +1.

Zmidponk
09-02-2007, 03:46 PM
I would like to know who you think you are, you turn up on this forum five days ago, and just start flaming

Well, he does call himself AJ Rimmer... ;)

Anyway, to try to wrench this back to the actual topic, here is a summary of this thread , so far, from my point of view:

What SBlade has presented appears to be disturbing, if it is true. AJ Rimmer, and everyone else who has tried to refute SBlade's post has, in fact, merely flamed it and trolled without actually explaining at all in what way it is wrong. As such, whilst the argument supporting SBlade is, in fact, very weak, due to the severe lack of evidence presented, the argument refuting him, so far, is nonexistent. Unless someone does present evidence refuting him, that only leads me to the conclusion that there is the distinct possibility what he claims is true.

rasmusrc
09-02-2007, 03:54 PM
Well, he does call himself AJ Rimmer... ;)

Anyway, to try to wrench this back to the actual topic, here is a summary of this thread , so far, from my point of view:

What SBlade has presented appears to be disturbing, if it is true. AJ Rimmer, and everyone else who has tried to refute SBlade's post has, in fact, merely flamed it and trolled without actually explaining at all in what way it is wrong. As such, whilst the argument supporting SBlade is, in fact, very weak, due to the severe lack of evidence presented, the argument refuting him, so far, is nonexistent. Unless someone does present evidence refuting him, that only leads me to the conclusion that there is the distinct possibility what he claims is true.
It's impossible to provide counter evidence when there's no verifiable information.
If the OP was to provide information about how to reproduce his results, then we could all attempt to verify them. Until he does that, there's no evidence to disprove.
He's not going to, though. He'll side step the issue until the thread is closed (like his last one).
Ohh, and as damicatz noted ring levels 2 and 1 are not used on Windows. Claiming they do clearly shows his level of technical expertise.

AJ Rimmer
09-02-2007, 04:08 PM
I would like to know who you think you are, you turn up on this forum five days ago, and just start flaming, .

you have 3 posts,and 2 are flaming me...go figure
and in both you dont even have the decency to say why.

not the brightest star in the sky are ya ?

another for the ignore function...see ya :D

damicatz
09-02-2007, 04:13 PM
It's an easy mistake to make. The article in question that was linked was discussing virtualization and virtual machines, where the rules are different. But on a standard system, where you aren't running the operating system inside a virtual machine, Rings 1 and 2 aren't used.

It's impossible to provide counter evidence when there's no verifiable information.
If the OP was to provide information about how to reproduce his results, then we could all attempt to verify them. Until he does that, there's no evidence to disprove.
He's not going to, though. He'll side step the issue until the thread is closed (like his last one).
Ohh, and as damicatz noted ring levels 2 and 1 are not used on Windows. Claiming they do clearly shows his level of technical expertise.

rasmusrc
09-02-2007, 04:19 PM
It's an easy mistake to make. The article in question that was linked was discussing virtualization and virtual machines, where the rules are different. But on a standard system, where you aren't running the operating system inside a virtual machine, Rings 1 and 2 aren't used.
Depends on your frame of reference. If you had to google what a ring level is, then yeah.

PackardJockey
09-02-2007, 05:11 PM
and also notice i am not even mentioning that this is just more regurgitation that ended when people asked for proof of the nefarious claims.:rolleyes:

Is this idiot back?

Actually AJ it ended when I asked him to confirm or deny that he had invented the whole "trojankit" crap in his previous so-called "expertise" thread. Turns out it *was* completely fictitious, as there's no such thing as a "trojankit".

He slunked off, waited around to see if we'd forget about him, and now he's back to try and prove himself right.

Wonder if he'll produce any links to any of his claims this time or just ignore such requests like he did last time.

Gibbet
09-02-2007, 06:18 PM
Is this idiot back?

Actually AJ it ended when I asked him to confirm or deny that he had invented the whole "trojankit" crap in his previous so-called "expertise" thread. Turns out it *was* completely fictitious, as there's no such thing as a "trojankit".

He slunked off, waited around to see if we'd forget about him, and now he's back to try and prove himself right.

Wonder if he'll produce any links to any of his claims this time or just ignore such requests like he did last time.


You do know that the term 'Rootkit' was created without much acknowledgement from leading computer eggheads back in the day?

Trojankit, Marmite Weapon or whatever Sblade calls his investigation project doesn't matter if the results he presents speak for themselves. If you need an official Microsoft Help Center definition for everything you read regarding computer tech then I suggest you stick to your Xbox of tricks and leave the grey cells to recover.

AJ Rimmer
09-02-2007, 06:24 PM
Is this idiot back?

Actually AJ it ended when I asked him to confirm or deny that he had invented the whole "trojankit" crap in his previous so-called "expertise" thread. Turns out it *was* completely fictitious, as there's no such thing as a "trojankit".

He slunked off, waited around to see if we'd forget about him, and now he's back to try and prove himself right.

Wonder if he'll produce any links to any of his claims this time or just ignore such requests like he did last time.

i did some checking,apparently it worked on the younger group at another site he boasts about,so he`s trying it here now for some weird reason.

a few posts about fictional "possibilities" and the young uns took the bait,and then it just grows with the ill informed.

NOW he`s trying to say theres an "AJ gang" :D



i guess this is why 100 years ago a coal mine could be sold with a few well placed shotgun blasts of gold dust into the mine walls.

on that subject...i have a bucket of steam here going cheap ;)
will throw in a free sky hook

AJ Rimmer
09-02-2007, 06:28 PM
from now on we should throw this link up everytime he tries it

http://en.wikipedia.org/wiki/SecuROM#SecuROM_v_7.x

damicatz
09-02-2007, 06:50 PM
How about a more informative link :
http://en.wikipedia.org/wiki/Architecture_of_Windows_NT

AJ Rimmer
09-02-2007, 06:57 PM
How about a more informative link :
http://en.wikipedia.org/wiki/Architecture_of_Windows_NT

searched that for "bioshock" and "securom" but got no results,are you sure thats the right link ?

damicatz
09-02-2007, 07:04 PM
searched that for "bioshock" and "securom" but got no results,are you sure thats the right link ?

I figured everyone on both sides that claims to know about how Windows NT works should read up on it.

damicatz
09-02-2007, 07:07 PM
BTW the only services that run in kernel mode are the executive services that come with the operating system. There is no such thing as a kernel mode third party service.

http://upload.wikimedia.org/wikipedia/en/6/60/Windows_2000_architecture.PNG

AJ Rimmer
09-02-2007, 07:18 PM
are not debugging tools by default kernel mode third-party services ? if by any other supplier.

damicatz
09-02-2007, 07:22 PM
are not debugging tools by default kernel mode third-party services ? if by any other supplier.

No. Depending on the debugger a variety of methods can be used. The most advanced debuggers (e.g. SoftICE) actually run underneath the operating system, so the OS isn't even aware of its presence, whereas others use kernel mode drivers.

AJ Rimmer
09-02-2007, 07:24 PM
are you positively sure that no debugger is ;)

damicatz
09-02-2007, 07:32 PM
are you positively sure that no debugger is ;)

Quite sure. A lot of times, drivers are incorrectly confused with Windows services. A Windows service is simply the modern equivalent of an old DOS TSR. It is a piece of software that runs in the background with no user interaction. As such, it is subject to the same restrictions as regular software.
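
The driver-versus-service distinction drawn in the post above can be checked on a live system instead of argued. The following is an added example, not part of the thread or any poster's code: it asks Windows which matching components are registered as kernel-mode drivers and which as user-mode services, and reports the Authenticode status of each image. The helper names `Resolve-ImagePath` and `Get-ComponentMode` are hypothetical, and the default search pattern is the `UAService7` file name quoted in the thread.

```powershell
# Added example: classify registered components as kernel-mode drivers (ring 0)
# or user-mode Windows services (ring 3) from the Service Control Manager's
# records. Helper names are hypothetical; 'UAService7' is the name in the thread.

function Resolve-ImagePath {
    # Turn a service/driver PathName into a plain file system path.
    param([string]$PathName)
    if (-not $PathName) { return $null }
    $p = $PathName.Trim()
    if ($p -match '^"([^"]+)"') {
        # Quoted command line: keep only the quoted executable path.
        $p = $Matches[1]
    } elseif ($p -match '^(.+?\.(exe|sys|dll))(\s|$)') {
        # Unquoted command line: drop any arguments after the image name.
        $p = $Matches[1]
    }
    # Normalise the NT-style prefixes commonly used for driver images.
    $p = $p -replace '^\\\?\?\\', ''
    if ($p -match '^\\SystemRoot\\(.*)$') {
        $p = Join-Path $env:SystemRoot $Matches[1]
    } elseif ($p -match '^system32\\') {
        $p = Join-Path $env:SystemRoot $p
    }
    return $p
}

function Get-ComponentMode {
    param([string]$Pattern = 'UAService7')
    $needle  = [regex]::Escape($Pattern)
    # Win32_SystemDriver lists kernel and file system drivers;
    # Win32_Service lists user-mode services (own or shared process).
    $records = @(Get-CimInstance -ClassName Win32_SystemDriver) +
               @(Get-CimInstance -ClassName Win32_Service)

    foreach ($r in $records) {
        $haystack = "$($r.Name) $($r.DisplayName) $($r.PathName)"
        if ($haystack -notmatch $needle) { continue }

        $isDriver  = $r.CimClass.CimClassName -eq 'Win32_SystemDriver'
        $image     = Resolve-ImagePath $r.PathName
        $signature = 'image not found'
        if ($image -and (Test-Path -LiteralPath $image -PathType Leaf)) {
            $signature = [string](Get-AuthenticodeSignature -FilePath $image).Status
        }

        [pscustomobject]@{
            Name        = $r.Name
            Mode        = if ($isDriver) { 'kernel mode (ring 0)' } else { 'user mode (ring 3)' }
            ServiceType = $r.ServiceType   # e.g. 'Kernel Driver', 'Own Process'
            State       = $r.State
            StartMode   = $r.StartMode
            Account     = if ($isDriver) { 'n/a' } else { $r.StartName }
            Image       = $image
            Signature   = $signature
        }
    }
}

# List every match; an empty result means nothing by that name is registered.
Get-ComponentMode -Pattern 'UAService7' | Format-List
```

A user-mode result with `Account` set to `LocalSystem` is still ring 3: the account decides what the software may do under Windows' own access checks, not which processor ring it runs in.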

PackardJockey
09-02-2007, 07:33 PM
Trojankit, Marmite Weapon or whatever Sblade calls his investigation project doesn't matter if the results he presents speak for themselves. If you need an official Microsoft Help Center definition for everything you read regarding computer tech then I suggest you stick to your Xbox of tricks and leave the grey cells to recover.

What I need is someone who doesn't present his wholly manufactured terminology (accompanied with a pseudo definition perfectly tailor-made to fit said description) as researched fact, which he did.

FACT is that SecuROM is a 2 year old DRM which has never been exploited. Everything else posited by SBlade is opinion.

Latest SecuROM Versions are all 7.x versions which are released and updated continuously. SecuROM 7.x installs its own service to user's computer UAService7.exe - (ring 3), which works in ring 3 of the computer's operating system.

Explanation of ring 3 (http://en.wikipedia.org/wiki/Ring_3)

PDF file explaining in detail the inherent security of applications installed to ring 3 of your OS (http://www.is.s.u-tokyo.ac.jp/tech-reports/TR00-02-a4.pdf)

http://exelib.org/exe/236

Threat (0 is low, 10 is high): 0
Effects: SecuROM User Access Service
Status: 'uaservice7.exe' is not critical.
Path: uaservice7.exe

uaservice7.exe is the SecuROM User Access Service which allows users to access Secure ROM images.

_______________________________________________________________

http://www.processlibrary.com/direct...les/uaservice7

UASERVICE7.EXE GENERAL INFO
Part of: SecuROM Virtual Drive
Common Path(s): %system%\UAService7.exe
Security Risk (0-5): 0
Spyware: No
Adware: No
Virus: No
Trojan: No

_______________________________________________________________

http://en.wikipedia.org/wiki/XCP

http://www.xcp-aurora.com/

http://en.wikipedia.org/wiki/MediaMax_CD-3

http://en.wikipedia.org/wiki/Securom
_______________________________________________________________

Voila. Links backing my research. Let Sblade provide his. He's been asked multiple times to do so and has not, because it's extremely difficult to provide verification of one person's opinion.

As for you...you can go back to being oblivious to the real world now.

damicatz
09-02-2007, 07:38 PM
I might also add that it is possible to hack Windows to allow other services to run in kernel mode but it would require the modification of core operating system files, specifically the SSDT or System Services Descriptor Table. And even then, it's only possible in 32-bit Windows and not 64-bit. This is what a lot of rootkits do. But you'll never find legitimate 3rd party software that modifies the SSDT unless it's one of those crappy security suites like Norton (which is why Norton and Co are throwing a fit over Microsoft's decision to end that practice in 64-bit Windows).

64-bit versions of Windows require all kernel mode drivers to be signed and prevent modification of the kernel or core operating system files by a third party (PatchGuard).

The_Rambler
09-02-2007, 09:21 PM
you have 3 posts,and 2 are flaming me...go figure
and in both you dont even have the decency to say why.

not the brightest star in the sky are ya ?

another for the ignore function...see ya :D

Because I was replying to your flames....rocket science not your major then :rolleyes:

If you flame someone, you WILL get flamed back, maybe you should step away from the keyboard for a second and wonder why people get annoyed with you, lets see, you came in and immediately started with your flames and accused me of comparing it to starforce, which I hadn't, you were in the wrong.

I then replied to another flame post that you made replying to me, and pointed out the facts, you are the one in the wrong again, you are the person who is too busy spamming flames to read whats been posted, and now you say I flamed you...

Grow up kid

UNATCOII
09-02-2007, 09:31 PM
Before I start I will say again that Securom is not a Rootkit. It may have Rootkit like behaviour but IT IS NOT a rootkit.

It's an Application Layer Rootkit.

You guys are running around in circles with mis and dis information. Your whole argument is either what ring it operates from, or it must be "hidden" to be a rootkit.

ALRs don't need to be hidden, it's in plain sight.

UNATCOII
09-02-2007, 09:34 PM
If you flame someone, you WILL get flamed back, maybe you should step away from the keyboard for a second and wonder why people get annoyed with you, lets see, you came in and immediately started with your flames and accused me of comparing it to starforce, which I hadn't, you were in the wrong.

Treat Rimmer as a red-headed step child. ;)

Example of Rimmer in action is: He's concerned that his 4 year-old kid will see the adult content of BS, but it fine playing the game in front of her in the first place.

He's a world of contradictions.

UNATCOII
09-02-2007, 09:42 PM
A Windows service is simply the modern equivalent of an old DOS TSR.

And if you experienced TSR proggies back then, you killed them as they took limited resources (especially when you had only 2KB of memory).

Today kids don't mind having 100MB services (let alone screensavers) running in the background, but older computer users will kill any proggie not needed as a habit -- I kill 500 byte background proggies, not only to clear the memory, but to eliminate a wasted thread.

So terrible, terrible, terrible example.

Mythic_One
09-02-2007, 11:25 PM
..... Wikipedia..... For a reference..... LOL..... You guys do realize that anyone can mod those definitions right? :rolleyes: Also to those individuals who have already written several hundred posts on this forum.... Did it ever occur to you to get a life. :eek:

damicatz
09-02-2007, 11:27 PM
..... Wikipedia..... For a reference..... LOL..... You guys do realize that anyone can mod those definitions right? :rolleyes: Also to those individuals who have already written several hundred posts on this forum.... Did it ever occur to you to get a life. :eek:

The architecture of Windows NT isn't exactly a hot target for vandalism. And all changes are recorded in the history.

damicatz
09-02-2007, 11:31 PM
And if you experienced TSR proggies back then, you killed them as they took limited resources (especially when you had only 2KB of memory).

Today kids don't mind having 100MB services (let alone screensavers) running in the background, but older computer users will kill any proggie not needed as a habit -- I kill 500 byte background proggies, not only to clear the memory, but to eliminate a wasted thread.

So terrible, terrible, terrible example.

Um, you didn't kill TSRs. They stayed loaded into memory until you rebooted the computer. It was always fun trying to juggle around programs to free up conventional memory needed to launch the latest game. Or using Memmaker and rebooting the computer about a dozen times before you got a configuration that allowed your game to launch.

Second, the Securom Service isn't 100MB. I don't approve of the DRM but that kind of nonsense only makes the opposition look foolish.

Third, randomly killing processes is a good way to screw up your computer. If a 500 byte background process is taking up too much memory, then you need to upgrade your computer (because any computer made within the last 5 years wouldn't be affected by such a small process, RAM wise).

Mythic_One
09-02-2007, 11:32 PM
True enough.

Kyorisu
09-03-2007, 12:10 AM
Also to those individuals who have already written several hundred posts on this forum.... Did it ever occur to you to get a life. :eek:

This is the second post I've come across mentioning post count. Why the hell do you care?

UNATCOII
09-03-2007, 01:36 AM
Um, you didn't kill TSRs. They stayed loaded into memory until you rebooted the computer.

Actually, you could kill TSRs. If you couldn't, your system would've crashed.

Second, the Securom Service isn't 100MB.

No one said it was. How about reading first, before dumpster diving?

Third, randomly killing processes is a good way to screw up your computer.

If you knew your computer, you'd know what processes to kill without any problems. For gamers, you really need to learn it, unless you want to go with the whole mess of creating profiles.

Drakelet
09-03-2007, 01:41 AM
I use GameXP. That does it all for me. :) Although restarting PC every time is annoying...

damicatz
09-03-2007, 01:55 AM
1.You cannot kill TSRs. You can remove them from autoexec.bat and then they won't load on the next boot but you can't stop them once they've already been loaded like you can do with a Windows service.

2.The 100mb quote had the implication that you were talking about Securom or similar services.

3.It has nothing to do with knowing your computer so much as it has to do with understanding the internals of Windows and what is and isn't safe to kill. And killing a 500byte process will provide no performance benefit.
Actually, you could kill TSRs. If you couldn't, your system would've crashed.



No one said it was. How about reading first, before dumpster diving?



If you knew your computer, you'd know what processes to kill without any problems. For gamers, you really need to learn it, unless you want to go with the whole mess of creating profiles.

UNATCOII
09-03-2007, 03:08 AM
1.You cannot kill TSRs. You can remove them from autoexec.bat and then they won't load on the next boot but you can't stop them once they've already been loaded like you can do with a Windows service.

Stop reading Wikipedia for the info, as obviously you never worked on a computer until Windows.

Remove them from autoexec.bat? lololol No, you ADD commands to it to PREVENT the TSR to LOAD IN MEMORY. Those that can't be simply KILLed, can be removed FROM MEMORY in the same fashion (except for some that's system related, unless you're into bona fide hacking).

2.The 100mb quote had the implication that you were talking about Securom or similar services.

You assumed, and got caught. Don't assume; it will get you nowhere.

3.It has nothing to do with knowing your computer so much as it has to do with understanding the internals of Windows and what is and isn't safe to kill. And killing a 500byte process will provide no performance benefit.

Many processes can be terminated from the task manager or service panel without harming your computer, let alone your work. Those really involved in ultra tweaking for that extra 10fps in benchies, will even terminate Windows services (or install a Windows lite version), all without problems.

Next thing you're going to tell me is that editing the Registry will destroy my computer completely. :rolleyes:

PackardJockey
09-03-2007, 04:02 AM
Next thing you're going to tell me is that editing the Registry will destroy my computer completely. :rolleyes:

No, that's the sort of tripe you're going to hear from the "SecuROM can't be removed UNLESS YOU REFORMAT YOUR HARD DRIVE!!!!!" idiots.

Sblade
09-03-2007, 06:17 AM
What I need is someone who doesn't present his wholly manufactured terminology (accompanied with a pseudo definition perfectly tailor-made to fit said description) as researched fact, which he did.

FACT is that SecuROM is a 2 year old DRM which has never been exploited. Everything else posited by SBlade is opinion.

Latest SecuROM Versions are all 7.x versions which are released and updated
continuously. SecuROM 7.x installs its own service to user's computer
UAService7.exe - (ring 3), which works in ring 3 of the computer's operating
system.

Explanation of ring 3 (http://en.wikipedia.org/wiki/Ring_3)

PDF file
explaining in detail the inherent security of applications installed to ring
3 of your OS (http://www.is.s.u-tokyo.ac.jp/tech-reports/TR00-02-a4.pdf)

http://exelib.org/exe/236



Threat (0 is low, 10 is high): 0

Effects: SecuROM User Access Service

Status: 'uaservice7.exe' is not critical.

Path: uaservice7.exe



uaservice7.exe is the SecuROM User Access Service which allows users to
access Secure ROM images.



_______________________________________________________________

http://www.processlibrary.com/direct...les/uaservice7 (http://www.processlibrary.com/direct...les/uaservice7)



UASERVICE7.EXE GENERAL INFO

Part of: SecuROM Virtual Drive

Common Path(s): %system%\UAService7.exe

Security Risk (0-5): 0

Spyware: No

Adware: No

Virus: No

Trojan: No



_______________________________________________________________

http://en.wikipedia.org/wiki/XCP

http://www.xcp-aurora.com/

http://en.wikipedia.org/wiki/MediaMax_CD-3 (http://en.wikipedia.org/wiki/XCP)

http://en.wikipedia.org/wiki/Securom (http://en.wikipedia.org/wiki/Securom)
_______________________________________________________________

Voila. Links backing my research. Let Sblade provide his. He's been asked multiple times to do so and has not, because it's extremely difficult to provide verification of one person's opinion.

As for you...you can go back to being oblivious to the real world now.

We have another social engineer. Did you teach him, AJ? Or was it Rasmusrc?

This service is not used on admin accounts. Tell me about the REAL Securom service.

But you won't, it will only confirm my claims.

The proof of your lie is on Securom's own page:

http://www.securom.com/support_enduser.asp?t=3

Sblade
09-03-2007, 06:22 AM
Oh and AJ, stop spamming the forum, 625 posts in 5 days, most of them trolling, is excessive.

I do hope the admins are watching you....

That's why I targeted him as the Boss. You have a LOT of free time, don't you? Or do you work HERE and in other forums trolling?

You know Wizards of the Coast is releasing the 4th Edition of Dungeons & Dragons, they accept and need cooperation. Show them what a troll looks like. You are the master.

www.wizards.com

Soon I will add surprises, for now I will enjoy this. Your flames prove which side you have taken, without any evidence to the contrary of what I'm stating.

Continue, this time I´m enjoying this. :cool:

Orik
09-03-2007, 06:57 AM
Tell me about the REAL Securom service.


Ah yes, the REAL securom service, you know, that super-secret one that's so well hidden and deeply embedded into your Windows installation that even SBlade has only been able to find the merest hints of its existence! The rest of the world lives in complete ignorance of this dastardly plot against mankind.

But you need to beware - you know what happens to people who get too close to the secret of the REAL securom service, don't you? They get disappeared. That's because *they* are watching! They can see when you're getting too close and with posts like these on a public forum it's only a matter of time until they find you! The evidence is irrefutable - no-one has ever spoken of the REAL securom service, that must mean they've been silenced. ALL of them! There can be no other credible explanation!

Just because you're paranoid doesn't mean they're not out to get you....

*dons tin-foil hat, packs bag and runs from the house before the men in black cars arrive*

Sblade
09-03-2007, 07:26 AM
Well I don't know why but the fact is that Securom NO LONGER STOPS DAEMON TOOLS EMULATION, AT LEAST ON MY COMPUTER

This only applies to the Bioshock version, because all lower versions of Securom continue stopping DT.

About Packard bastard question: I will never say "Securom has been exploited" because even if you have the data to support it you get sued morons

Nice move.

For now I will shut up, because all my arguments were based on DT.


Why did none of you big trolls test Bioshock with DT?

I have to do all the work...

I REPEAT: THESE APOLOGIES ARE ONLY FOR BIOSHOCK'S SECUROM VERSION. I KEEP ALL THAT I HAVE SAID ON EARLIER VERSIONS LIKE TOMB RAIDER: LEGEND, SPIDERMAN-2/3, OBLIVION: SHIVERING ISLES, HEROES OF MIGHT AND MAGIC V AND THE EXP HAMMERS OF FATE, NEVERWINTER NIGHTS 2.

This is the best proof I'm dealing with kids.

To AJ crowd: check other Securom games and challenge my arguments if you dare. But this will be off topic by now.

To the honest posters: I will come back if I find Bioshock's Securom issues, and I apologize for any confusion resulting from my research.

PM sent
Impending Lockdown
Mods, please lock, this thread makes no sense.

Tech Richard
09-03-2007, 07:34 AM
Sorry guys but this forum is for General Game Discussion (http://forums.2kgames.com/forums/forumdisplay.php?f=19). Hence the name of this forum. It appears this thread has turned into more of a flame war between various people, which is not what this forum is about.

Thread locked.