Rich Fiscus
26 Aug 2007 18:56
News has been spreading through the gaming community that the PC version of the game Bioshock installs a rootkit on your computer. However, those reports aren't actually correct.
The report seems to have initially come from a website called Gaming Bob, where it was accurately reported that Microsoft's RootkitRevealer software found some suspicious registry entries after Bioshock, using SecuROM protection, was installed.
The problem is that RootkitRevealer doesn't actually identify rootkits. What it does is look for suspicious registry entries that may belong to a rootkit.
According to the SecuROM website, "SecuROM™ will install a Windows™ service module called “User Access Service” (UAService) on your system. This is a standard interface commonly used by several other applications as well. It is no spyware or rootkit at all. This module has been developed to enable users without Windows™ administrator rights the ability to access all SecuROM™ features. Please be assured that this service is installed only for security and convenience purposes. Since it is a standard Windows™ service, you can stop and delete this service, like any other Windows™ service. If deleted, the access for non-administrator users to SecuROM™ protected applications will be affected.
In other words, SecuROM is still a way for software producers to screw with you, but as of right now it's not a rootkit, and given recent public relations nightmares involving rootkits it's not likely to become one in the near future.
Source: Ars Technica