can anyone explain why madExcept creates the file madExceptWizard.txt in the root of drive c: ?? What is it's purpose ??
What other hidden drivers/devices are installed by the MadCollection installer ??
I am aware of all the bpl files the installer installs, but your docs say nothing about hidden drivers for the madcodehook.
Can you explain what these are please.
The madCollection installer doesn't create any hidden files.
When calling InjectLibrary for system/user/session wide DLL injection in the NT family, madCodeHook temporarily writes a driver file into the system's temp directory. The driver is then installed and the driver file deleted again. The file is on the harddisk for just some microseconds. This method is used by other software, too, e.g. as far as I know by some of sysinternals' tools, like the process, file and registry monitors.