Author Topic: BioShock rootkit removal  (Read 965 times)

0 Members and 1 Guest are viewing this topic.

ZOldDude

  • The Unknown Rank!
  • Administrator
  • MasstKer
  • *
  • Posts: 20874
  • Old School TKC
    • View Profile
    • Admin
BioShock rootkit removal
« on: August 30, 2007, 02:07:11 am »
TakeTwo (2K) is up to it's same old crap and is using yet another version of a Sony (SecurRom) rootkit for not just the full game but ALSO the demo!

Here is BioShock rootkit removal...




Securom uninstallation instructions for Windows XP SP2
 
Disclaimer 1: Only attempt these uninstallation instructions if you are reasonably computer literate and have backed-up your entire system.
Disclaimer 2: Only attempt these uninstallation instructions if you have no games installed which require Securom to be present.
Disclaimer 3: Only attempt these uninstallation instructions if you previously had to authorised your PC with Securom before you could play a game and that game is now uninstalled.
 
* Step 1: Uninstall the Bioshock demo or full game.
 
* Step 2: Remove the Securom registry entries.
The Securom registry entries are deliberately made non-removable by default. In order to remove them goto http://www.microsoft.com/technet/ and grab RegDelNull registry editing utility from Microsoft and install it on your C partition. 
Run the following two commands from a Windows command prompt: "C:\regdelnull HKEY_CURRENT_USER\Software\SecuROM -s" and "C:\regdelnull HKEY_USERS\<Computer specific key>\Software\SecuROM -s" where "<Computer specific key>" can be determined by searching the registry for the "Securom" directory key. This "<Computer specific key>" typically has a form like "S-1-5-21-2052111302-1757341266-724545543-500". Once these two RegDelNull commands have been successfully issued the registry should be checked to confirm that these two keys have been deleted. If they are still present they will now be removeable due to the action of the RegDelNull utility.
 
* Step 3: Removal of the Securom service and related utilities.
Open a Windows command prompt and change directory to "c:\windows\system32". Type "uaservice7 /remove". This will stop the Securom user access service, and clean up its relevant registry entries. On the Windows command prompt type "regsvr32 /u cmdlineext.dll". Reboot and then manually delete the files "uaservice7.exe" and "cmdlineext.dll" from "c:\windows\system32". Note: Both of these files are Securom installed files which can be verified by checking their file properties (Right click - Properties).
 
* Step 4: Removal of Securom files under "C:\Documents and Settings".
Securom installs a hidden directory with 6 files under "C:\Documents and Settings\<Your Administrator name>\Application Data\Securom". The first 4 ordinary text files can simply be manually deleted once Windows explorer has been configured to show hidden files and folders. The two remaining malformed nominally unremoveable files require a special method to delete: Invoke a Windows command prompt with full Administrator privileges by typing the following into a Windows command prompt: "at <your current time + 1 minute> /interactive %systemroot%\system32\cmd.exe" e.g. "at 9:02pm /interactive %systemroot%\system32\cmd.exe". This will open a new Administrator command line when the time set has been attained. In this new command prompt change directory into the Securom folder e.g. "cd C:\Documents and Settings\<Your Administrator name>\Application Data\Securom". Issue the following command to show the two remaining hidden malformed files: "dir /A". To delete the two remaining hidden malformed files issue the following command: "del /F /AH *". Confirm "yes" for each of the two file deletions of the malformed files. Finally, the directory "C:\Documents and Settings\<Your Administrator name>\Application Data\Securom" can be deleted as per normal practice from within Windows explorer.

*While we crash and burn, small, low tech, agrarian societies such as the Hmong in the mountains of Laos will continue on without so much as blinking an eye.*

ZOldDude

  • The Unknown Rank!
  • Administrator
  • MasstKer
  • *
  • Posts: 20874
  • Old School TKC
    • View Profile
    • Admin
Re: BioShock rootkit removal
« Reply #1 on: August 30, 2007, 03:53:59 am »
Check this out....a developer gets his POST on the TakeTwo (2K) forums deleted!

Same old bunch of people running TakeTwo who brought you games Like Vietcong2 which NEVER gave you the stats server like they told you on the box...have been in hot water/fined by the FTC (cooking the "books" to get stock prices up) and seem to constantly be under Federal investigation and involved in Federal court actions.

Software companies need to wise up or risk failure as Pterodon and even publishing companies TakeTwo (2k/Rockstarer) owns like the now defunct Gathering of Developers...and just not use TakeTwo or ANY of it's holdings to "publish" their products.
Or...go ahaed and use them if they like to lose money and get raped.

Be sure to read some of the comments following the article:
http://www.destructoid.com/bioshock-s-big-daddy-silenced-by-2k-forum-mods-internet-fast-like-cheetah-41076.phtml#comments
« Last Edit: August 30, 2007, 04:05:23 am by ZOldDude »

*While we crash and burn, small, low tech, agrarian societies such as the Hmong in the mountains of Laos will continue on without so much as blinking an eye.*

M. O.

  • Administrator
  • MasstKer
  • *
  • Posts: 9185
    • View Profile
    • http://www.tkc-community.net
Re: BioShock rootkit removal
« Reply #2 on: August 30, 2007, 05:15:13 am »
Strange they didn't put a programmer as project leader. +Wouldn't be fun to be that mod now lol. Angry fans, and soon an angry publisher.  :icon_thumbsup
Heckling is an art, and game hacking a science.

d3dsh33p

  • Online Villain
  • ***
  • Posts: 220
  • fuck shit wtf is happening
    • View Profile
    • the harrasment authority
Re: BioShock rootkit removal
« Reply #3 on: September 07, 2007, 07:40:49 pm »

Oynky

  • Banned
  • The Central Committee
  • Master Heckler
  • *
  • Posts: 2437
  • 6f 6d 67 68 61 78
    • View Profile
    • Teamkill and cheat community
Re: BioShock rootkit removal
« Reply #4 on: September 14, 2007, 08:39:36 pm »
i dont like the game.  :icon_sad2

[TKC]Wesker

  • ArmA's Most Wanted
  • The Central Committee
  • Master Heckler
  • *
  • Posts: 2209
  • The Illusive Man
    • View Profile
    • TKC Tube
Re: BioShock rootkit removal
« Reply #5 on: September 14, 2007, 08:44:44 pm »
i dont like the game.  :icon_sad2
same here...
I thought it felt way too console port like.

The Illusive Man