1. Yeah, I figured it wouldn't be possible for the driver to load (assuming it is even still installed) without the service. However, for my own personal peace of mind, I'd love to fully remove any/all files associated with HackShield.
2. I didn't use any software to find the hidden service. Doing a little research showed me that HackShield installed a hidden service with that name, so all I did was go to the appropriate registry entry and confirmed its existence after uninstalling the game. While it is possible removing the game uninstalled the driver, I have my doubts. Even when the game was running, I was still unable to locate the driver in the specified directory, which is why I believe the driver always remains hidden and could still be installed.
3. This is the following BlitzBlank script I attempted to use:
The above script just returned error codes and loaded into Windows. I then verified that the service was still installed, so this is when I attempted to manually remove it.
My main concern now is two-fold:
1) I fear the driver may still be installed, which is undesirable to me. Even if it is dormant, I'd rather not keep a useless driver that I morally disagree with on my machine.
2) Considering that HackShield is clearly trying to hide and protect itself from tampering, I can't be sure what else this junk has installed in order to ensure its own integrity on my machine. This is the primary reason why I reached out to Emsisoft, so maybe a little more research could be done and the true behavior of this application could be identified. At the very least this could be considered a PUP to most users, especially since the game installation never asked to install it and the EULA of the game says nothing at all about a third-party monitoring tool. While I might be a little paranoid, I don't see how this practice is any different from other shady companies that manage to be placed into the signature database as potentially unwanted software.
When you visit the developers website (http://hackshield.ahnlab.com/hs/site/en/TheService/management.do) you can see that they offer some sort of monitoring service with their HackShield Pro product. While they may only be monitoring game servers and such, I am a little worried this "monitoring service" extends directly to each installed copy of HackShield so they can isolate and block "zero-day exploits" within games. Such monitoring services, especially ones located in other countries with more relaxed privacy laws (South Korea), kind of scares me.
Thank you very much for taking the time to respond to my post, Elise. I appreciate your help.