It's easier than that, but um both Themida, and identifing near EOF you can notice what version it is, by comparing your own protected applications, you know what version you've used. Use Peid for this, and try find a cool signature Database, I hear the next version of Peid will contain loads of signatures.Rheini wrote:Pretty simple? Doesn't this old version of Themida/Xtreme Protector use an aggressive ring0 driver?
And what about some tools identifying Xtreme Protector (though that one section is named Themida)?
Are both protections used?
It does not use any kernel driven driver, it use hooks allthough.
Which case, you wont have to bother now, since i supplied you with a decrypted code dll.