this has already been mentioned here: http://www.daemon-tools.cc/dtcc/showthread.php?t=6609
the hidden entries are your virtual drives.

I just checked my older version of DAEMON 3.47 and it shows a hidden key. I tried to delete it by exporting the visible keys and then deleting the Cfg folder, but apparently RegEditX can't.

I'm also very curious as to what Daemon is doing here.

ps. I don't use Daemon to play any games.


My hidden key from RootkitRevealer
----------------------------------.
HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf 40 2/5/2006 10:08 AM 0 bytes Hidden from Windows API.

The following letter is my PERSONAL VIEW of this
article and the motivation behind it: it does in
NO way reflect the opinion of The Daemon Tools Team,
it is only the opinion of a member, exactly: me

Apart from the technical correctness, I find it
interesting how can someone mention "DMCA" (funny,
as if the whole world live in USA!) and on the
other hand publish internal mechanisms of other
peoples software. I'm not sure, but to me it seems
like reverse engineering, although
we do not even think about lawyers here. Yes, Mr.
Russinovich, try that with other vendors and you
will see the difference. That doesn't mean
necessarily that we accept his behaviour, to me
this guy is "prey water and drink wine". Some
people seems to be "ethical more equal" then others,
seems to be entitled to use any method while others
only defend themselfes and get bashed for that
reason.

Well, yes, the technical description is in fact
not untrue.

What worries me the most is that Mark Russinovich,
whom we always respected as a honorable person,
did never contacted us to talk about our intentions
nor does he ever contacted anyone of our team.

While I have big respect for his work, it seems one
here lacks at least what I would call "honorable
behaviour, good attitude" or whatever you want to
call it.

In my personal opinion(!) it seems to me that Mark
Russinovich is hardly defending the DRM-Lobby, so
his comments about DRM and DaemonTools are under-
standable (from his point of view).

Yes, DaemonTools use Rootkit-Technology. But:
We never tried to "hide" that fact from the users.
And you must AGREE to install our software. We
are not interested in personal data. And you have
the nerves and mention DT/Alcohol and Sonys rootkit
in the same phrase? My gosh!
For what reasons? Do we harm someone here? Only because
Mr. Russinovich sees no deeper reason behind it it
makes DaemonTools a bad application which harms the user?

Do you really think we designed this for fun? I think
everyone can imagine why we had no other choice. For
gods sake, some posters here doesn't believe any word
that is written only because it is from a very honorable
person. And again: I can even understand his thoughts,
he support copyprotections, lobbyism and dmca, tcpa and
drm. Good, thats an opinion and we respect that, but I
find it really strange that without proper reason some-
one try to destruct our reputation and that without even
one single notice to US!

If there's one thing I dislike it is when without
SECURITY-reasons type in a complete articel to discredit
the DaemonTools Team.

Moreover I want to add that we always react and do not
pro-actively implement functions (hooks, if you like),
but instead often have to react to even make an
uninstallation of DaemonTools unneccessary - even if
the user plays from original!!! Imagine that, I'm pretty
sure that this behaviour alone is not fully legal, but
again, that is my opinion and you are entitled to have
your own. You are welcome to show us your new vdrive-
design which makes all this possible without RK-technology
only to satisfy some "I'm pissed off by this technology"-
guy!

I'm really curious about the next articles from Mark,
it's sad that such an intelligent person isn't even
able to write some lines to get in touch with the
authors. If something is unethical, than it is THIS
behaviour and nothing else. Apart from that in most
countries emulation is legal. At the end of the day,
our drive is nothing more or less then a hardware-drive
in a software-form. There are MORE then enough ways to
prevent piracy, f.e. serial-numbers to only mention ONE.
Now go ahead and bash against the other vdrives as well!


I really hope that in the future this is again a site
that is more neutral and Mark doesn't fight the war
for Sony and everyone else who think that all the power
should be in publishers hand and doesn't care a shit
about the users

One day, when DT is gone, maybe Mr. Russinovich will
find out what it means when noone stand in front for
your rights. But then, it seems that he doesn't care
about that rights anyway. To sum it up, the whole article
is written to discredit us. It is a shame in my point of
view. To me here someone is pissed off by reasons I can't
imagine, maybe because his "uberleet" rootkit revealer wasn't
able to open the key or whatever.

however, this is my personal view of things! Now at least
we both had our 15 minutes of fame, correct? If you
want a more serious discussion, you are welcome to contact
me by email, which is locutus@daemon-tools.cc

with best regards
LocutusofBorg


---------------------------------------------
This is (nearly) an exact copy of what I posted also
on Sysinternals.
It seems to me that there are people out there that
doesn't know the difference between "bad" behaviour
of software and a TECHNOLOGY in general.

Soon, Microsoft will use similar technologies to hotpatch
the system - I'm curious if Mark will bash them for their
technology? No, he would NOT. He is simple a big fan
of DRM - therefore we are not on his "friends" list.

The "Rootkit" from DaemonTools does NOT harm the users
machine, nor is it possible to hide malicious code.
Apart from that, the whole rootkit-discussion is so biased
that it virtually makes me feel sick to read how "experts"
warn of a big big wave of "dangerous applications"....

HELLO!!!! Someone out there? Trojan-developers will care
a shit about ethics and they will use this technology for
totally other reasons. But they will also use many other
technologies, f.e. the file-system, jpeg-compression (to
transfer screenshots f.e.).... OK, lets just forbid every
jpeg-compression, or even better every compression in general.... afaik, warez are often zipped!!!

Even F-Secure mentioned that there are also "good" applications
out there. If you think that DT is such a good tool, fine.
If you believe that we are a bad application:

We make no secret that we hook some functions (like f.e.
most copyprotections seems to do so, too)

We do not force you to install our software nor are we
interested in your personal data.

If someone thinks our technology-design is bad, well, go on..
deinstall it!

just my 2 cents!

In the sense of Mark Russinovich's definition Alcohol and Daemon Tools use rootkits. They hide their presence on systems to prevent some protections to render even their originals useless if either Daemon Tools and/or Alcohol are installed.
Unfortunately this was required due to the amazing stupidity of some protection creators, which blacklisted everything in registry what could point to either of the programs being installed - including even harmless applications like e.g. Alcoholer -, and refusing to run even with the original media unless the applications found by this blacklist-overkill were removed.
This is for sure NOT comparable to Sony's rootkit!
Daemon Tools v4.0x is not present in control panel -> software add/remove anymore due to this stupidity of some protection creators.
Anyway, Mark Russinovich's opinion is that no "good" (in the good vs. evil sense) software has to use rootkits. Greg Hoglund says "(...) the strongest technology available for protecting software is the rootkit." - now figure for yourself what Daemon Tools and Alcohol actually do.
We use rootkits to protect a) our own intellectual property, and b) the property of our customers and users they paid a lot money for, and have a right to use it even with Daemon Tools installed.

I think Mark is full of himself at this point. Seems he thinks he brought Sony to its knees single handedly.

From what I remember reading he was NOT the first one to publish the fact that Sony used a Rootkit. I'm too lazy to find the article where I read this.

Now that he's 'King of the World' he is going after the great 'RootKit conspiracy'.

I read all about this matter - -

This seems to be the classic prejudiced, brainwashing and dumb-thinking effort to bring people on the way of one's own.

Mr. Goebbels did exactly the same thing.

And, anyway, talking about DRM, TCP and the like: some people are that greedy that they ruin their own basics in the end. They are just too stupid and ignorant to reasonably think about it.

Shame on Mr. Russinovich - long live Daemon Tools!

I don't think that you can compare goebbels with a rootkit and/or russinovich. Think before posting rubish.

as locutus stated

there is a slightly difference between the sony rootkit and the "rootkit" (as I don't see it as such) daemon tools installs.

sony didn't inform the users that something was insatlled on their machines, which was in fact very bad for sony's reputation.
in the case of daemon tools you know what you are installing and if not you better deinstall it and start to inform yourselves about what you are installing before you do that for any further software you want to use.

so don't start to panic and search your reg for these keys, just to find something you can cry about.

daemon tools is a great and hard peace of work, which makes our all lives much easier.

at last I want to say, give a s**t on this article Mr. M. R. wrote because it's just out there to miscredit daemon tools and the crew. it's cleary a drm propaganda article

added my 2 cents too

Well - what do you mean by "some things should be clear"???

Remember - to communicate effectively, people have to tell each other what they think. Otherwise you're just spitting emotional puddles on my shoes . . .

Am I correct that Sony used the autorun facility to secretly install their software? If autorun is disabled what would happen?

Now as far a a program (like DT) that installs a so called RootKit do you think the EULA would specifically state it's a RootKit? Do you think even if they did people would know what it was? Oh yeah, Russinovich will let us know. Champion of the people that he appears to be at least in his own mind.

All the EULA will say is that 'something' is being installed on their computer. DUH, you are installing a piece of software. How else can you install it if not onto your computer.

I personally think EULAs are a joke. Just like fine print people don't read them. The manufacturers and lawyers know this an rely on this fact. Also they are becoming mini novels in length and full of legalese.

What I'd really like to know is:

Is it absolutely necessary to use rootkit techniques to make our legal backups run with Daemon Tools?

Rootkit techniques can impact the operating system stability, so they should be avoided at all costs.

Is there really no other way? None at all?

Regards.

GRRRRR

So many people are talking about 'Rootkits' without having the faintest idea about 'Root(s)' ...

So, here is my explanation:

Rootkits are intended to slice celery roots .

With this in mind -> Daemon Tools is really, really amazing.

I will buy a second license! (present for my mother)

Have a nice day,
blue

Hello to everyone. You are correct streetwolf. One of the ways Sony used to install its rootkit, was by using the autorun feature. You ask what would happen if a user decided to disable such a feature (and a wise decision that is)? As a matter of fact the rootkit would eventually be installed just the same. You see, in order for the cd to be played on a PC, you have to install the software that comes along with the given cd (that means you also install the rootkit). Great stuff, ain't it?
However, what most users don't know is that all those (expensive) tecnologies that these individuals have to come up with, can easily be circumvented with the use of Linux.

It's REALLY REALLY intollerable that you have to pay for a cd that isn't 100% compatible with all players, that can be copied only a given number of times and furthermore creates a huge security hole that can be (and has been) used by virus-trojan-spyware-adware writers in order for them to gain access to your system.
But the really stupid thing about it is that people continue to buy those protected cds, accepting this situation as being a normal one. Try to use the above example let's say for a book.
You go to a library, you choose a book and just when you're ready to pay it, you see a sticker on it saying "By buying this book you accept the following:
1) The font used does not guarantee this book to be leggible by all people
2) This book can be read an unlimited number of times in your living room but only up to 3 times in all other rooms or houses
3) You are not entitled to use or copy any phrases from this book
4) This book can give away your vault's combination to anyone who opens it. "
Now take away the sticker thing (a lot of cd son't even have that) and there you have it. Would anyone consider this normal? Would anyone EVER buy a book like that? Nevertheless there are people that still byu cds like that

For LocutusofBorg

I'm extremely happy to see an answer like this to Mr. Russinovich's article on Daemon Tools. I too have come across this one and it got me really angry.
However Locutus I believe you should make a more rigid stand as far as the rootkit acusation (I could have used another term but this is what this article was all about) goes.
I.e. Daemon Tools DOES NOT contain ANY FORM of rootkit.
This is an extract from the definition of rootkit in Wikipedia:

"A rootkit is a set of software tools frequently used by a third party (usually an intruder) after gaining access to a computer system. These tools are intended to conceal running processes, files or system data, which helps an intruder maintain access to a system without the user's knowledge"

As can be seen, the way Daemon Tool's functions are used, serve an entirely different purpose that is not even close to the definition of a rootkit.
Using the way that Mr. Russinovich's thinks (or tries to induce other people to think) one could say that antiviruses are using virus tecnology just by the fact they contain a portion of virus signatures. It's clearly false, and a sign of great ignorance (or perhaps something else?) on behalf of Mr. Russinovich.

This said I'm appologizing for the length of my post and end here.
Cheers to everyone!

Well said...

People usually forget that "toolkits", or whatever we could name that, are just technologies... and by the way they are not bad nor good.

Like science, it's its use which is good or bad...