Detecting Daemon Tools

Quote:

Originally Posted by dyn!o

In my humble opinion the best way is to detect Daemon Tools by its MINI-PORT driver and BUS driver. If you will use window/class names then it takes fer seconds to change them and you will fail. If you will use generic like methods (drivers scanning) then you always are able to detect it. Of course do not try to detect them (drivers) by name but properties.

Correct but then you have only detected dtools not disabled the
emulation, it would be better to scan the system to find the position
of the dtools dll or exe file and disable all usefull stuff...
the question what else can you do to search for those files if changing
the registry entries failed?

[dyn!o]

A complete miss. Listen to my words, not only read

Obtaining location of exe/dll gives you nothing. Read my previous post once again. You should understand what role a driver plays in the system - notice it operates on kernel level.... You can kill/disable DaemonTools in a proper (professional) way.

"what else can you do to search for those files if changing the registry entries failed?"
Forget this idea - it is too simple and not effective.

Scanning files/directories/registry is not the way. What if I will change file name? What if I will change registry key location? What if I will change registry data?

Think about it.

Good luck.