Search found 10 matches

by Sebastiano
Tue Sep 13, 2011 4:14 pm
Forum: Basic
Topic: The Enigma Protector 3.00 BETA
Replies: 8
Views: 26837

Re: The Enigma Protector 3.00 BETA

Are u adding memory loaded dll into the PEB ? If not then what about resources inside of the dll, can i access 'em using standard resource api ?
by Sebastiano
Wed Feb 09, 2011 7:34 am
Forum: Problems
Topic: A bug ?
Replies: 6
Views: 19467

Re: A bug ?

unwake
Yep it should. Whats the compiler of ur app and res exe size ?
by Sebastiano
Sat Jan 22, 2011 12:50 am
Forum: Basic
Topic: Questions about markers
Replies: 5
Views: 15762

Re: Questions about markers

1. You should use vm in that parts of ur code what r not requring high execution speed but r critical for ur app engine 2. Not virtualized, code will be cleaned after the first execution, use it only in some init stuff that requires high execution speed, if there is no such places u should use vm in...
by Sebastiano
Sat Dec 25, 2010 12:06 pm
Forum: Basic
Topic: Trick Protection Analyzers
Replies: 11
Views: 30553

Re: Trick Protection Analyzers

No, he can't. Why u think that undetection will help in protection ?
by Sebastiano
Sat Dec 25, 2010 10:03 am
Forum: Basic
Topic: Trick Protection Analyzers
Replies: 11
Views: 30553

Re: Trick Protection Analyzers

No, u don't. Analyzer technique depends on signatures (some unique bytes sequence, one of thousands for enigma) also called as stubs. U can't hide from a scanner and hiding is not the point of the executable protection, this one goes to malware.
by Sebastiano
Sat Dec 25, 2010 9:44 am
Forum: Enigma Protector x64
Topic: Hardware ID Changes Again
Replies: 20
Views: 89509

Re: Hardware ID Changes Again

UAC at non'standard settings was always an evil. This accords to the wmi and such funcs as DeviceIoControl(), also there was strange UAC rule in vista x64 until KB_dont_remember_patch_num_ that CreateFile() needed admin rights to access some devices even with read_share & generic_read. So protected ...
by Sebastiano
Sat Dec 25, 2010 8:50 am
Forum: Basic
Topic: EXE's in Virtual Box cause Windows 7 security warning
Replies: 12
Views: 35648

Re: EXE's in Virtual Box cause Windows 7 security warning

@writer
Ofcourse exes are dropping to the hard drive cuz implementation of exe memory loading is complicated. If you want to disable this firewall popup you need to sign your executables with cert that has trusted root (for ex. verisign).
by Sebastiano
Thu Oct 14, 2010 7:26 am
Forum: Basic
Topic: Virtual Machine code mutation
Replies: 5
Views: 17165

Re: Virtual Machine code mutation

I didn't look inside of ur protector yet and don't know about vm organization :D Anyway on my opinion the best opcode set is risc-based, i used to write my own vm for few private projects, one is stack-based risc vm where im parsing each opcode into the set of add, imul etc opcodes that r not touchi...
by Sebastiano
Wed Oct 13, 2010 7:36 pm
Forum: Basic
Topic: Virtual Machine code mutation
Replies: 5
Views: 17165

Re: Virtual Machine code mutation

Thx, i hope that in every next build vm opcodes set will be different comparing with previous one, am i right ?
by Sebastiano
Wed Oct 13, 2010 2:02 pm
Forum: Basic
Topic: Virtual Machine code mutation
Replies: 5
Views: 17165

Virtual Machine code mutation

Hello, i wanna know 'bout mutation of native vm code - does it present at all ? :P