05-03-2008   #5
Synetech
CD Freaks Member
 
Join Date: Nov 2005
Location: Not LA or NYC :(
Posts: 217
Re: Hidden file repeatedly accessed

Quote:
Originally Posted by seabrawk View Post
As quoted by alan1476 and ArcCoyote, this may be some sort of hidden trial period enforcement, although I am not sure that much effort went into researching this assertion. It appears profcolli has provided a better explanation from a more informed source, which is that it was "part of its design to check whether drive access is required..."
It’s not, it is done by the DRIVER, not the application. The driver is used by multiple, but not all, applications, and therefore could not be responsible for license management. This is verified by monitoring and analyzing various activities (file, registry, network, pipe, etc. accesses) performed by the driver and the applications.

Quote:
Originally Posted by seabrawk View Post
This, however, would mean that the file would continue to be polled for eternity, as long as the software is installed on the machine, regardless of the registration status (this is untested), and begs the question "How did they do it before?"
Exactly. I asked if maybe it is required to defeat some new super-protection but was once again rudely rebuffed. (In that other thread SlyFox1 is either lying or did not actually read the original thread (note the date of his post and the last post of the original thread). I suspect that alan is in fact SlyFox1 himself or a coworker of SlyFox1 at Elby/Slysoft, which would explain his irrational defensiveness.)

Quote:
Originally Posted by seabrawk View Post
In either scenario, I am unsure if I want many applications on my machine with this type of behavior, but to each their own. I just figured that some people may still be interested in this, and thought that the original thread was prematurely closed.
Sorry, I was just so upset.


The most interesting thing about it though is Elby/Slysoft’s genius in using a random (or more likely hash) value for the filename of the temp file instead of using a standard name that contains the random/hash along with the other data. This way, it is next to impossible for people to look it up and find information on it.

Think about it: try to formulate a Google query for it. You cannot use the filename you have because the file has a different name on other systems. Google does not (currently) support regular expressions, so you cannot use that either. You cannot even use Google to search for parts of words like "c:\windows\s". (This is all assuming that the person has even realized the format of the filename, which most people to inquire have not.) Most people will not have traced the file to the software that created it, so they will not likely have used the terms ElbyCDIO (although in most HiJackThis logs it comes up for obvious reasons), and probably not even SlySoft, CloneCD, AnyDVD, CloneDVDMobile, or VirtualCloneDrive. They may possibly not even have used hidden, system (the two attributes that are set on the file). The effective query is reduced to “Windows .TMP” which is more or less useless. In fact, you cannot even search on it in most forums because .TMP is “shorter than [the default] 4 letters [term-length minimum]”. Therefore it becomes really, really hard to find other pages where people have posted questions about the file.

Very clever (or should I say sneaky).

However, if you finagle the query enough, you will find plenty of pages among the results where people have asked about it, and/or been advised to use an in-use file deleter on it, etc. Of course as time goes by and more people update to a version that causes it, and more people become more savvy and look in their Windows directories to clean out junk, it will become more visible.


Anyway, I have long since ceased using and thoroughly removed all traces of Slysoft and Elby’s apps, trial and paid ones alike. (Despite the waste, I think removing them is “worth every dime”.) Gone is anything that even remotely has to do with Slysoft or Elaborate Bytes: program files, drivers, installers, registry entries, ini files, services, web pages, pics, (file) locks, rocks, jocks, fox (and sheep), boogers, lugers, and even the kitchen sink. There is other software out there, including ones that are even better, including some open source (read: trustworthy) ones. Thanks in fact to this very forum for leads.
__________________
--
Synetech