> Step 1:
> You make a software pass-throw VxD driver which will catch all
> read/writes to dongle as also responses from dongle.
> It does nothing, except monitors and logs activity to file.
>
> To get the log file you need 3 components:
> 1 VxD driver that virtualizes PC ports
> 2 DLL that talks to VxD
> 3 EXE application that loads the DLL and writes to file
>
> Step 2: You analyze the logs and maybe write some special
> programs to extract "Dongle Commands" and responses
>
> Step 3: You write a VxD that emulates dongle responses.
>
> Well now it should be possible to run without the dongle.
> Testing is required to ensure all works ok.
>
> happy dongling!
>
> antti

Lets assume the dongle includes a PIC (just to get slightly back on topic).
The PIC is programed with a implementation of DES (easily found on the net).
The PC generates a 64 bit random number and sends it to the dongle.
The dongle DES encrypts the random number with a secret key and sends it
back to the PC. The PC DES encrypts the random number with the same key
and compares.
There is no way you are going to be abel to figure out the secret key by
logging. So your aproach might work on old dongles but the person who asked
the original question can easily make a dongle that cant be beaten this way.
Both the dongle and the PC program must be made to be very hard to reverse
enginere but that is a different matter.

/PL