Quote Originally Posted by Sblade View Post
Ring 3 detection routines still have to go into Ring 0 if the program is in stealth mode. It already hides itself in the registry in that mode otherwise it would have been easy for DRM's to circumvent the circumvention.

Securom starts in RING3 and monitors the RING0... otherwise nothing will prevent DT stealth to false registry data and fool Securom.... when I say registry data.... what data CANґT be falsified from RING0 to the naive RING3?

Ring0 overrule Ring3, thatґs a simple fact no one can deny...
the only accurate thing about your post is the last bit,, as for the 'monitoring ring 0'.. total nonsense, and 'having to go into ring 0 if the program is in stealth mode'.. that really shows your lack of checking.. have you even tried to enter ring 0 from ring 3?...

as for 'registry data.. what data cant be falsified from ring 0 to the native ring 3'.. ring 0 is native.. so you got that the wrong way around, and data is data.. data in the registry does not magically turn into ring 0 data or ring 3 data.. its identical...

so please, do some research, test your theories before you post them and look foolish when the information you claim is right turns out to be wrong..