This is just logical suggestion. Facts:
- games use 3/4 SF drivers for copy protection when they start
- when they start, they replace all the registry values of driver services in HKEY_LOKCAL_MACHINE\SYSTEM\CurrentControlSet\ & all the sf driver files in sys32
So, 2 tactics:
- try to deny permissions 4 these files & reg values
- some bruteforcing prog to replace the driver files & their reg values every couple of seconds or less
& ur asking "replace with what"?! I say replace reg path with path to sfdrvxx.sys with path to sfcure01.sys & sf driver sys files crap with sfcure01.sys (renamed to their name, of course!)
This is just theoreticising, dunno does it work, so anyone can make bruteforcer/ hasn't got so complicated user, group & permission structure, should try this and post the results here