Thursday, February 02, 2006

Anti-copying malware (StarForce) installs itself with dozens of games as a hidden driver

Although not business desktop news, there are some interesting facts here: Starforce is an anti-copying program that some games covertly install when you install the game. The software causes system instability and crashes. The company that makes Starforce refuses to address the damage their software causes; instead, they blame the people on whom their malware has been forced: "According to our research those of users [sic] that do run into compatibility problems are beginner-level-hackers that try to go around our protection system." The list of games infected with Starforce is long and depressing -- there are dozens of these. If you're a gamer, you owe it to yourself to have a look and check to see if Starforce might have damaged your PC. What's more, you should join the boycott of any game that comes with this malicious software onboard. Under Windows XP, if packets are lost during the reading or writing of a disk, XP interprets this as an error and steps the IDE speed down. Eventually it will revert to 16bit compatibility mode rendering a CD/DVD writer virtually unusable. In some circumstances certain drives cannot cope with this mode and it results in physical hardware failure (Most commonly in multiformat CD/DVD writer drives). A sure sign of this step down occurring is that the burn speeds will get slower and slower (no matter what speed you select to burn at). Starforce, on a regular basis, triggers this silent step down. Until it reaches the latter stages most people do not even realise it is happening. Moreover, the Starforce drivers, installed on your system, grant ring 0 (system level) privileges to any code under the ring 3 (user level) privileges. Thus, any virus or trojan can get OS privileges and totally control your system. Since Windows 2000, the Windows line security and stability got enhanced by separating those privileges, but with the Starforce drivers, the old system holes and instabilities are back and any program (or virus) can reach the core of your system by using the Starforce drivers as a backdoor. Here is the link that shows you how to easily discover hidden drivers and also how to remove starforce.


Post a Comment

Links to this post:

Create a Link

<< Home