Hooking Windows API

  • Hooking Windows API

    Operating System: Windows 2000 Professional
    Burning Software: Nero 6.3.1.10
    Anti-virus Software: AntiVir 6.27 / VICE 2.0
    DAEMON Tools Version: 3.46

    Hello,

    I have a little question... Why does the Daemon Tools driver hook some Windows APIs like NtOpenKey, NtEnumerateKey etc.? Some tools identify this as a rootkit technique...

    cya
    ScriptGod

  • #2
    If it does it, then obviously there IS a need for it.
    Such a method is also used, e.g., by Regmon and other system applications, and there is nothing unusual in it.
    It is a standard way of hooking APIs and surely cannot be used as a method to "identify" something. So it is a problem only of those tools if they see something bad in this.

    If you have more questions on this, then you can mail me at venom386@daemon-tools.cc
