Notice
Recent Posts
Recent Comments
Link
- Korea times
- 끌리면 오라...BGM 광고음악 라이브러리
- KartOO visual meta search engi…
- E-Book
- Channel9
- MSDN
- 여리의 작업실
- 유경상의 .NET 블로그
- window 쪼물딱 거리기
- 블루 홈(소현이 누님)
- IT 관련 전반 내용(정환이네)
- 비너스의 정보 공유(유틸리티들)
- 형기의 자료공간(디지털ERA에서 콘텐츠ERA로)
- EzineArticles (여러 분야의 글들이 올라옴)
- Relationship을 보여주는 라이브러리
- OpenRCE
- 젠틀의 블로그(무선 통신의 모든것)
- 헐랭이와 IT보안
- 워니. 추억ㅇㅔ ㅂㅣ추ㅇㅓ.
- Computer Forensics
- 토익 광장(YBM)
- Korea Times 이용하기
- Larkware Software
- TCP/UDP
- Black Hat
- DEF CON
- Slashdot
- ReallyUsefulEbooks.com Update
- 실리콘밸리 뉴스
- Application Development Trends
- Visual Studio Hacks
- MIT OCW
- Redmond Developer News
- SecurityFocus
- Microsoft Window Hacking Porta…
- Darknet - Don't Learn to Hack …
- Windows Tips, Tricks and Hacks
- Hack In the Box
- (IN)SECURE Magazine
- SuperSite Windows Vista
- Government Security
- Life is Still Talking (Good)
- PHRACK
- Found+Read(resource for startu…
- Jonathan Boutelle
- Venture Hacks
- 스마트플레이스
- All about Intellipedia
- Undocumented Windows 2000 Secr…
- HexBlog (Decompiler)
- TED (Ideas worth spreading)
- Crash Dump Analysis and Debugg…
- Rootkit
- DDK Developers(MS)
- 미친 감자의 블로그
- The Art of Assembly Language
- Chpie (키보드 후킹)
- Drivers Online
- (음악) Delicate SONG
- Reverse Engineering Community
- Software Best Practices
- Sara Ford's WebLog
- Cheat Happens
- Debugging,Unpacking,Assembling…
- 윤석찬님 블로그
- OK 괜찮아 다 잘 될거야
- RingBlog
- Art Life :: 하늘소
- IT's Paradise
- John Robbins!
- Wintellect
- Hacked Gadgets
- 소프트웨어 이야기
- Ryan Naraine's Zero Day
- VULN
- Stay Secure
- EBS 영어 공부(블루워터)
- 101BLoG : "Bright Size Life" o…
- Hacker Challenge
- Hackers Center
- White Hat, Chicago Con
- Ethical Hacker Network
- ChaseNet (Security)
- TechTarget
- Entrepreneur
- Infopackets
- Popular Science
- Dark Reading - The Business of…
- How Stuff Works
- codeDriver - Crack (역공학)
- Gadget (Windows)
- Serious Code
- Iguacu Blog(블루문)
- SecurityProof
- Power of Community(Hacker)
- Crack ?
- Security Freak
- Data Network Resource
- FoundStone - Security Consulti…
- Google Online Security Blog
- (BOOK) Cool DogBooks
- SachaBarber (좋은 개발자)
- System Software Incorporation
- 스카이 벤처
- NewsTorrent
- 글로벌 IT 네트워크
- Ethical Hacking and Infosec
- Realms of Hacking tricks
- CodeBreakers Journal
- Anti Rootkit Blog
- The Reverse Code Engineering C…
- Anti-Debug Tools
- Reverse Code Engineering Video…
- Damn Vulnerable linux
- Security Problems
- French Reverse Engineering Tea…
- Monac
- Open Source Vulnerability Data…
- Viruschaser 검사(바이러스)
- Windows Tips
- 보안 대처 연습
- [Download] Kartz CD
- [Download] FlMS Download
- [Download] DDL2
- 중국 해킹 사이트(안전중국)
- 바이러스 분석
- Javascript 전문가
- Virus Alert Zone (바이러스 분석)
- Computer World
- 문스랩닷컴(보안)
- Unpack China
- Black Storm Reverse Engineerin…
- 역공학 Reverser
- 문화 망명지 - 시, 소설
- WPF MVP
- Research Channel
- The Problem Solver - C# MVP
- Reversing - 리버스 엔지니어링
- Nigel Spencer's Blog (.NET)
- Kirill Osenkov (.NET C# IDE Te…
- H33T (BitTorrnet 검색 사이트)
- ITL (해킹, 보안)
- ITL (Invisible Things Lab) Blo…
- ebook, pdf, chm
- 주식 - 멘토클리닉
- CherryLove - 바이러스, 백신, 악성코드
- PMP
- 영원한 해커, hacker
- 리버싱, PE
- 신호철 - dsphome
- TechEd 2009
- SHOUT
- [도서] 오디오북
- [도서] 전자책
- [도서] 국내도서요약
- [도서] 해외도서요약
- TopCorder - 프로그래밍 연습
일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | |||||
3 | 4 | 5 | 6 | 7 | 8 | 9 |
10 | 11 | 12 | 13 | 14 | 15 | 16 |
17 | 18 | 19 | 20 | 21 | 22 | 23 |
24 | 25 | 26 | 27 | 28 | 29 | 30 |
Tags
- VSTS
- 해킹
- WPF
- .net framework 4
- 책
- 디버깅
- Microsoft
- debugging
- 디버그랩
- Windows
- MVP
- 마이크로소프트
- security
- Windows 7
- visual studio 2010
- 구글
- english
- VSTS 2010
- 비주얼 스튜디오
- 닷넷
- C#
- 역공학
- 보안
- Visual Studio
- .net
- 비주얼스튜디오
- .NET Framework
- hacking
Archives
- Today
- Total
NaggingMachine
PROTECTiON iD v6.1.3 본문
PROTECTiON iD v6.1.3
PROTECTiON iD v6.1.3
faster, more accurate, still better and no more beta - xmas release #2
Core Code changes:
- new: width-RESIZEABLE main window
- new: user can now choose what protection scans to skip
- new: added in new configuration item allowing the user to specify if iso, ccd, mds
etc modules are to be treated as discs (and therby subject to a sector scan)
- new: ability to scan inside microsoft cab files has been implimented
- update: we are now v0.6.1.3
- update: faster scanning core :)
- update: configuration window has a new look
- update: better 64 bit file handling support added
- update: appended data detection tweaked a little
- update: now if pid is running and an exe is scanned from the context menu, the main
window will change to the log window (looks better.. suggested by loki)
- update: lnk file resolving is now complete, if user has selected to resolve links,
the system handles this all automatically
- update: window position is now centred if a previous window location was not recorded
- update: adjusted ia64/x64 vs. machine check portion of code (thx to teddy rogers)
- update: configuration - windows product key showing is now a configuration item
- update: configuration - now 'themes' and 'flat mode' can not be selected at the same time,
this is how it should be as themes override flatmode etc... so now only one can
be selected, and the other is 'auto unselected' (suggested by syk0)
- update: configuration - addedin code to enable/disable the 'protection report bubble' after a scan is completed
- update: Memory Optimiser - the progress bar should get to the start again when user
clicked on Optimize and Purge was successful
- update: Memory Optimiser - code heavily updated, to work in chunks (if largest size requested is not available),
so, end result - more reliable, faster and optimised
- update: misc tools - added in quick uninstall tab
- update: misc tools - added in CD/DVD Filter Driver scanner tab
- update: misc tools - added in Windows Error Code Resolver tab
- update: misc tools - added in CPU Info tab
- update: misc tools - added in windows directory in the system info output
- update: misc tools - added in Folder Locations scanner
- update: misc tools - system information window now reports graphic device names (geforce, etc),
username & computername and terminal services availability also reported
- update: misc tools - windows install date (from registry) is now reported in the misc tools 'system info part',
windows install date (from folder) is now also reported.
- update: misc tools - tweaked x64 os detection code, so its a lot more reliable
- update: misc tools - windows product key reporting now also handles x64 systems
- update: nfo viewer - extra checking now added - zip, rar and mz executables will NOT be displayed,
instead, a warning message is displayed
- update: process view - added in check for terminate, dump, priority change..
if selected process is pid, the menu items are disabled (for safety and security)
- update: svf checking now reports current offset on the line when processing
- update: sfv processing now works with quoted filenames
- update: winspy - process name is now also reported (if we could obtain it.. )
- update: log window in cd/dvd operations now has a context menu, allowing for...
clear log
copy selection to clipboard
copy log to clipboard
save selection (txt)
save selection (csv)
save log (txt)
save log (csv) - bugfix: admin reflection / reporting was incorrect on 9x/ME systems
- bugfix: 'admin shield' icon is now moved, it looked out of place if the other progress bars
showing cpu usage etc were turned off.. (reported by loki)
- bugfix: Export as .txt doesn't work properly, only the first file does get saved
- bugfix: event bug fixed, which sometimes resulted in pid sticking at about 35% cpu
- bugfix: pause/resume in the queue window was sometimes wrong for the text (reported by r!co)
- bugfix: Fixed SFV bug - Click on make, don't select any files and press abort.
You can't use the complete SFV feature as it's all greyed out (reported by Blazkowicz)
- bugfix: sfv output for large files (mb, gb etc) was VERY wrong, its since corrected
- bugfix: fixed 'disappearing window' problem
- bugfix: 'large icons' issue fixed in 9x
- bugfix: sfv - abort now works
- bugfix: sfv - output issue should be 110% fixed now (new buffering system used)
- bugfix: task manager -> potential stack bug fixed
- bugfix: configuration - shortcut creation was broken
- bugfix: nfo viewer - fixed potential memory leak on drag/drop
- bugfix: bug in the code checking for digital signatures (found by blazi)
code now performs a sanity check on accessed memory areas
detection additions / changes
- new: check_activemark.asm - added version detection for v6.3.562
- new: check_alawar.asm - added Alawar Try & Buy Activation detection
- new: check_hexalock.asm - added HexaLock Copy Protection detection
- new: check_protectdisc.asm - added more Protect DiSC v8 subversions
- new: check_securom.asm - added in detection for sll modules + SecuROM Matroschka Package
- new: check_acprotect.asm - added ACProtect v2.1, v2.1.1 and v2.1.2 detection
- new: check_angelscrypter.asm - added Angel's Crypteur v0.2 detection
- new: check_antidote.asm - added AntiDote v1.4 SE detection
- new: check_armadillo.asm - added version detection v6.00 or newer
- new: check_atreprotector.asm - added AT4RE Protector v1.0 detection
- new: check_avlock.asm - added AVLock detection
- new: check_budcrypter.asm - added BUD Crypter detection
- new: check_coolcrypt.asm - added COOLcryptor 0.9 detection
- new: check_cryptwoz.asm - added CryptWOZ v1.0 detection
- new: check_darkcrypt.asm - added DarkCrypt v1.2 (Private Version) detection
- new: check_dcrypt.asm - added DCrypt Private v0.9b detection
- new: check_dotfixniceprotect.asm - added DotFix NiceProtect v1.0 detection
- new: check_dotnetreactor.asm - added dotNet Reactor v3.3 (or newer) detection
- new: check_enigmaprotector.asm - added version grabber for Enigma Protector
- new: check_execrypt.asm - added ExeCRyPT v1.0 [ReBirth] detection
- new: check_exefog.asm - added EXEFog v1.1 detection
- new: check_exewrapper.asm - added ExeWrapper v3.0 (533Soft) detection
- new: check_expressor.asm - added ExPressor v1.6 detection
- new: check_fakuscrypter.asm - added Fakus Crypter detection
- new: check_fastfilecrypt.asm - added FastFileCrypt v1.6 Public detection
- new: check_fatalzcrypt.asm - added Fatalz Crypt v2.14a detection
- new: check_flashbackprot.asm - added Flashback Protector v1.0 detection
- new: check_gieprotector.asm - added Gie Protector v0.2 detection
- new: check_imppacker.asm - added IMP-Packer v1.0 detection
- new: check_kcryptor.asm - added K!Cryptor v0.11 detection
- new: check_kgbcrypter.asm - added KGB Cypter v1.0a detection
- new: check_leetcryptor.asm - added 1337 Cryptor v2 detection
- new: check_lilithcrypter.asm - added Lilith Crypter detection
- new: check_maxtocode.asm - added MaxtoCode .Net Encryption detection
- new: check_minke.asm - added Minke v1.0.1 Executable Crypter detection
- new: check_moneycrypter.asm - added Money Crypter detection
- new: check_morphna.asm - added Morphna Beta 2 detection
- new: check_mortalteamcrypter.asm - added Mortal Team Crypter v2 detection
- new: check_mpress.asm - added MPRESS NET compressor detection
- new: check_mushroomcrypter.asm - added Mu$hr00M CryPtOR v1.0 detection
- new: check_nme.asm - added NME Executable Crypter v1.1 detection
- new: check_npack.asm - added nPack v1.1.500.2008 Beta detections
- new: check_obfuscatornet.asm - added Macrobject Obfuscator.NET detection
- new: check_privateexe.asm - added version detection for v2.00 - v2.25 and v2.30 - v2.70
- new: check_puricrypt.asm - added Puri Crypt v1.2 detection
- new: check_quickpacknt.asm - added QuickPack NT v0.1 detection
- new: check_rcryptor.asm - added RCryptor v1.6d detection
- new: check_rdgpack.asm - added RDG Pack Lite Edition v0.2 detection
- new: check_rdgtejoncrypter.asm - added RDG Tejon Crypter v0.3 detection
- new: check_rlp.asm - added ReversingLabs Protector v0.7.4 beta detection
- new: check_rlpack.asm - added RLPack v1.20 detection
- new: check_roguepack.asm - added RoguePack v3.3 detection
- new: check_russiancryptor.asm - added Russian Cryptor v1.0 detection
- new: check_securepe.asm - added SecurePE v1.5 detection
- new: check_secureshade.asm - added Secure Shade v1.8 detection
- new: check_snoopcrypt.asm - added SnoopCrypt detection
- new: check_thinstall.asm - added THInstall detection
- new: check_tstcrypter.asm - added TsT Crypter detection
- new: check_undergroundcrypter.asm - added UndergroundCrypter v1.0 detection
- new: check_unlimitedcrypter.asm - added UnLimited Crypter v1.0 detection
- new: check_unopix.asm - added UnoPiX v0.94 detection
- new: check_upxlock.asm - added UPX Lock v1.01 - v1.02 detection
- new: check_weruscrypter.asm - added Werus Crypter v1.0 detection
- new: check_wildtangent.asm - added Wild Tangent v2.1 Activation detection
- new: check_windofcrypt.asm - added WindOfCrypt detection
- new: check_wingscrypt.asm - added Wingscrypt v2.0 detection
- new: check_winutilitiesexeprot.asm - added WinUtilities EXE Protector v2.1 detection
- new: check_wlcrypt.asm - added WL-Crypt v1.0 detection
- new: check_xenocode.asm - added XenoCode .NET protector detection
- new: check_xenocode.asm - added XenoCode Postbuild 2007 + 2008 for .NET detection
- new: check_xhackercryptor.asm - added xHacker Cryptor detection
- new: check_xshell.asm - added XShell v1.5 detection
- new: check_zprotect.asm - added ZProtect v1.4.3 detection
- new: check_zylomwrapper.asm - added Zylom Wrapper Crypted Game.exe detection
- new: license_nalpeiron_scan.asm - added Nalpeiron Licensing Service detection
- new: installer_install4y.asm - added Install4j Wizard Module detection
- new: installer_installshield.asm - added InstallShield v12 BETA Version detection
- new: installer_squeezesfx.asm - added Squeeze Self Extractor Module detection
- new: installer_trymediadownload.asm - added Trymedia Systems Download Manager detection
- new: msi and 7zip file type reporting is now done to the log window (similar to the .rar, zip etc reporting)
- new: added in quick detection for starforce protected pdf file
- update: check_aspack.asm - added additional check for ASPack 2.x to avoid a false positive
when scanning a file wrapped by FlashBack with ASPack entrypoint signature
- update: check_codelok.asm - improved detection
- update: check_dotnetreactor.asm - some parts recoded to be more generic & faster
- update: check_execryptor2.asm - improved detection with heuristic checks
- update: check_laserlok.asm - updated to handle older (v3) versions of laserlok
- update: check_passlock2000.asm - improved detection
- update: check_reflexivearcade.asm - executables builds are now reported (if found)
- update: check_safedisc.asm - updated to detect safedisc lite
- update: check_securom.asm - updated to handle VERY old versions & updated to detect a modified paul.dll
- update: check_solidshield.asm - minor modifications, but results in better reporting
- update: check_starforce.asm - updated to handle the new variant (v5.5) and also report bitness of the exe
- update: check_sysiphus.asm - optimized detection
- update: check_themida.asm - updated to handle dll protected Themida files
- update: check_vmprotect.asm - added new generic detection code (catches now dlls we missed before)
- update: check_upx.asm - improved to be 'more generic'
- update: check_vob.asm.asm - updated to handle older version (4 or less)
- update: dongle_guardant.asm - added reporting of old Guardant Dongle Protections
- update: dongle_hasphlenvelope.asm - improved detection
- update: license_sentinellm - improved for better detection
- update: installer_7zip.asm - improved detection
- bugfix: check_telock.asm - fixed v1.0 detection
- bugfix: check_yzpack.asm - fixed bug resulting in non detections
- bugfix: installer_installshield.asm - fixed possible non detections
CD/DVD/Image file/sector scan
- new: b6i image added into the supported file list
- new: added in 'Extract Boot Sector', now the boot sector from the cd/dvd can
be 'extracted' to a file.. for use with something else maybe :)
- new: cddvd_cactus.scan.asm - Cactus Audio detection added to file scan in cddvd module
- new: cddvd_protectdisc.scan.asm - added in sector scan module for protectdisc / protectcd
- update: if a disk is detected as being protected when making the iso, the user will be prompted to continue or not
- update: sector stuff - updated handler to handle udf format disks (BEA01 header instead of CD001)
- update: sector scan - tweaked sector scan for tages a little
- update: sector scan - tweaked the safedisc detection code
- update: sector scan - updated to now NOT stop if a sector 16 read failure happened
- update: sector scan - securom scan updated to handle version 4.x (and probably lower),
which used a different 'fingerprint' and some minor tweaks / fixes
- update: sector scan - starforce + starforce keyless scan was heavily updated..
reducing probability of false positives as well as catching some we missed before
- bugfix: sector scan - codelok scan fixed
Download here:
h++p://pid.gamecopyworld.com/ProtectionID_v6.1.3_2k8_xmas.rar
PROTECTiON iD v6.1.3
faster, more accurate, still better and no more beta - xmas release #2
Core Code changes:
- new: width-RESIZEABLE main window
- new: user can now choose what protection scans to skip
- new: added in new configuration item allowing the user to specify if iso, ccd, mds
etc modules are to be treated as discs (and therby subject to a sector scan)
- new: ability to scan inside microsoft cab files has been implimented
- update: we are now v0.6.1.3
- update: faster scanning core :)
- update: configuration window has a new look
- update: better 64 bit file handling support added
- update: appended data detection tweaked a little
- update: now if pid is running and an exe is scanned from the context menu, the main
window will change to the log window (looks better.. suggested by loki)
- update: lnk file resolving is now complete, if user has selected to resolve links,
the system handles this all automatically
- update: window position is now centred if a previous window location was not recorded
- update: adjusted ia64/x64 vs. machine check portion of code (thx to teddy rogers)
- update: configuration - windows product key showing is now a configuration item
- update: configuration - now 'themes' and 'flat mode' can not be selected at the same time,
this is how it should be as themes override flatmode etc... so now only one can
be selected, and the other is 'auto unselected' (suggested by syk0)
- update: configuration - addedin code to enable/disable the 'protection report bubble' after a scan is completed
- update: Memory Optimiser - the progress bar should get to the start again when user
clicked on Optimize and Purge was successful
- update: Memory Optimiser - code heavily updated, to work in chunks (if largest size requested is not available),
so, end result - more reliable, faster and optimised
- update: misc tools - added in quick uninstall tab
- update: misc tools - added in CD/DVD Filter Driver scanner tab
- update: misc tools - added in Windows Error Code Resolver tab
- update: misc tools - added in CPU Info tab
- update: misc tools - added in windows directory in the system info output
- update: misc tools - added in Folder Locations scanner
- update: misc tools - system information window now reports graphic device names (geforce, etc),
username & computername and terminal services availability also reported
- update: misc tools - windows install date (from registry) is now reported in the misc tools 'system info part',
windows install date (from folder) is now also reported.
- update: misc tools - tweaked x64 os detection code, so its a lot more reliable
- update: misc tools - windows product key reporting now also handles x64 systems
- update: nfo viewer - extra checking now added - zip, rar and mz executables will NOT be displayed,
instead, a warning message is displayed
- update: process view - added in check for terminate, dump, priority change..
if selected process is pid, the menu items are disabled (for safety and security)
- update: svf checking now reports current offset on the line when processing
- update: sfv processing now works with quoted filenames
- update: winspy - process name is now also reported (if we could obtain it.. )
- update: log window in cd/dvd operations now has a context menu, allowing for...
clear log
copy selection to clipboard
copy log to clipboard
save selection (txt)
save selection (csv)
save log (txt)
save log (csv) - bugfix: admin reflection / reporting was incorrect on 9x/ME systems
- bugfix: 'admin shield' icon is now moved, it looked out of place if the other progress bars
showing cpu usage etc were turned off.. (reported by loki)
- bugfix: Export as .txt doesn't work properly, only the first file does get saved
- bugfix: event bug fixed, which sometimes resulted in pid sticking at about 35% cpu
- bugfix: pause/resume in the queue window was sometimes wrong for the text (reported by r!co)
- bugfix: Fixed SFV bug - Click on make, don't select any files and press abort.
You can't use the complete SFV feature as it's all greyed out (reported by Blazkowicz)
- bugfix: sfv output for large files (mb, gb etc) was VERY wrong, its since corrected
- bugfix: fixed 'disappearing window' problem
- bugfix: 'large icons' issue fixed in 9x
- bugfix: sfv - abort now works
- bugfix: sfv - output issue should be 110% fixed now (new buffering system used)
- bugfix: task manager -> potential stack bug fixed
- bugfix: configuration - shortcut creation was broken
- bugfix: nfo viewer - fixed potential memory leak on drag/drop
- bugfix: bug in the code checking for digital signatures (found by blazi)
code now performs a sanity check on accessed memory areas
detection additions / changes
- new: check_activemark.asm - added version detection for v6.3.562
- new: check_alawar.asm - added Alawar Try & Buy Activation detection
- new: check_hexalock.asm - added HexaLock Copy Protection detection
- new: check_protectdisc.asm - added more Protect DiSC v8 subversions
- new: check_securom.asm - added in detection for sll modules + SecuROM Matroschka Package
- new: check_acprotect.asm - added ACProtect v2.1, v2.1.1 and v2.1.2 detection
- new: check_angelscrypter.asm - added Angel's Crypteur v0.2 detection
- new: check_antidote.asm - added AntiDote v1.4 SE detection
- new: check_armadillo.asm - added version detection v6.00 or newer
- new: check_atreprotector.asm - added AT4RE Protector v1.0 detection
- new: check_avlock.asm - added AVLock detection
- new: check_budcrypter.asm - added BUD Crypter detection
- new: check_coolcrypt.asm - added COOLcryptor 0.9 detection
- new: check_cryptwoz.asm - added CryptWOZ v1.0 detection
- new: check_darkcrypt.asm - added DarkCrypt v1.2 (Private Version) detection
- new: check_dcrypt.asm - added DCrypt Private v0.9b detection
- new: check_dotfixniceprotect.asm - added DotFix NiceProtect v1.0 detection
- new: check_dotnetreactor.asm - added dotNet Reactor v3.3 (or newer) detection
- new: check_enigmaprotector.asm - added version grabber for Enigma Protector
- new: check_execrypt.asm - added ExeCRyPT v1.0 [ReBirth] detection
- new: check_exefog.asm - added EXEFog v1.1 detection
- new: check_exewrapper.asm - added ExeWrapper v3.0 (533Soft) detection
- new: check_expressor.asm - added ExPressor v1.6 detection
- new: check_fakuscrypter.asm - added Fakus Crypter detection
- new: check_fastfilecrypt.asm - added FastFileCrypt v1.6 Public detection
- new: check_fatalzcrypt.asm - added Fatalz Crypt v2.14a detection
- new: check_flashbackprot.asm - added Flashback Protector v1.0 detection
- new: check_gieprotector.asm - added Gie Protector v0.2 detection
- new: check_imppacker.asm - added IMP-Packer v1.0 detection
- new: check_kcryptor.asm - added K!Cryptor v0.11 detection
- new: check_kgbcrypter.asm - added KGB Cypter v1.0a detection
- new: check_leetcryptor.asm - added 1337 Cryptor v2 detection
- new: check_lilithcrypter.asm - added Lilith Crypter detection
- new: check_maxtocode.asm - added MaxtoCode .Net Encryption detection
- new: check_minke.asm - added Minke v1.0.1 Executable Crypter detection
- new: check_moneycrypter.asm - added Money Crypter detection
- new: check_morphna.asm - added Morphna Beta 2 detection
- new: check_mortalteamcrypter.asm - added Mortal Team Crypter v2 detection
- new: check_mpress.asm - added MPRESS NET compressor detection
- new: check_mushroomcrypter.asm - added Mu$hr00M CryPtOR v1.0 detection
- new: check_nme.asm - added NME Executable Crypter v1.1 detection
- new: check_npack.asm - added nPack v1.1.500.2008 Beta detections
- new: check_obfuscatornet.asm - added Macrobject Obfuscator.NET detection
- new: check_privateexe.asm - added version detection for v2.00 - v2.25 and v2.30 - v2.70
- new: check_puricrypt.asm - added Puri Crypt v1.2 detection
- new: check_quickpacknt.asm - added QuickPack NT v0.1 detection
- new: check_rcryptor.asm - added RCryptor v1.6d detection
- new: check_rdgpack.asm - added RDG Pack Lite Edition v0.2 detection
- new: check_rdgtejoncrypter.asm - added RDG Tejon Crypter v0.3 detection
- new: check_rlp.asm - added ReversingLabs Protector v0.7.4 beta detection
- new: check_rlpack.asm - added RLPack v1.20 detection
- new: check_roguepack.asm - added RoguePack v3.3 detection
- new: check_russiancryptor.asm - added Russian Cryptor v1.0 detection
- new: check_securepe.asm - added SecurePE v1.5 detection
- new: check_secureshade.asm - added Secure Shade v1.8 detection
- new: check_snoopcrypt.asm - added SnoopCrypt detection
- new: check_thinstall.asm - added THInstall detection
- new: check_tstcrypter.asm - added TsT Crypter detection
- new: check_undergroundcrypter.asm - added UndergroundCrypter v1.0 detection
- new: check_unlimitedcrypter.asm - added UnLimited Crypter v1.0 detection
- new: check_unopix.asm - added UnoPiX v0.94 detection
- new: check_upxlock.asm - added UPX Lock v1.01 - v1.02 detection
- new: check_weruscrypter.asm - added Werus Crypter v1.0 detection
- new: check_wildtangent.asm - added Wild Tangent v2.1 Activation detection
- new: check_windofcrypt.asm - added WindOfCrypt detection
- new: check_wingscrypt.asm - added Wingscrypt v2.0 detection
- new: check_winutilitiesexeprot.asm - added WinUtilities EXE Protector v2.1 detection
- new: check_wlcrypt.asm - added WL-Crypt v1.0 detection
- new: check_xenocode.asm - added XenoCode .NET protector detection
- new: check_xenocode.asm - added XenoCode Postbuild 2007 + 2008 for .NET detection
- new: check_xhackercryptor.asm - added xHacker Cryptor detection
- new: check_xshell.asm - added XShell v1.5 detection
- new: check_zprotect.asm - added ZProtect v1.4.3 detection
- new: check_zylomwrapper.asm - added Zylom Wrapper Crypted Game.exe detection
- new: license_nalpeiron_scan.asm - added Nalpeiron Licensing Service detection
- new: installer_install4y.asm - added Install4j Wizard Module detection
- new: installer_installshield.asm - added InstallShield v12 BETA Version detection
- new: installer_squeezesfx.asm - added Squeeze Self Extractor Module detection
- new: installer_trymediadownload.asm - added Trymedia Systems Download Manager detection
- new: msi and 7zip file type reporting is now done to the log window (similar to the .rar, zip etc reporting)
- new: added in quick detection for starforce protected pdf file
- update: check_aspack.asm - added additional check for ASPack 2.x to avoid a false positive
when scanning a file wrapped by FlashBack with ASPack entrypoint signature
- update: check_codelok.asm - improved detection
- update: check_dotnetreactor.asm - some parts recoded to be more generic & faster
- update: check_execryptor2.asm - improved detection with heuristic checks
- update: check_laserlok.asm - updated to handle older (v3) versions of laserlok
- update: check_passlock2000.asm - improved detection
- update: check_reflexivearcade.asm - executables builds are now reported (if found)
- update: check_safedisc.asm - updated to detect safedisc lite
- update: check_securom.asm - updated to handle VERY old versions & updated to detect a modified paul.dll
- update: check_solidshield.asm - minor modifications, but results in better reporting
- update: check_starforce.asm - updated to handle the new variant (v5.5) and also report bitness of the exe
- update: check_sysiphus.asm - optimized detection
- update: check_themida.asm - updated to handle dll protected Themida files
- update: check_vmprotect.asm - added new generic detection code (catches now dlls we missed before)
- update: check_upx.asm - improved to be 'more generic'
- update: check_vob.asm.asm - updated to handle older version (4 or less)
- update: dongle_guardant.asm - added reporting of old Guardant Dongle Protections
- update: dongle_hasphlenvelope.asm - improved detection
- update: license_sentinellm - improved for better detection
- update: installer_7zip.asm - improved detection
- bugfix: check_telock.asm - fixed v1.0 detection
- bugfix: check_yzpack.asm - fixed bug resulting in non detections
- bugfix: installer_installshield.asm - fixed possible non detections
CD/DVD/Image file/sector scan
- new: b6i image added into the supported file list
- new: added in 'Extract Boot Sector', now the boot sector from the cd/dvd can
be 'extracted' to a file.. for use with something else maybe :)
- new: cddvd_cactus.scan.asm - Cactus Audio detection added to file scan in cddvd module
- new: cddvd_protectdisc.scan.asm - added in sector scan module for protectdisc / protectcd
- update: if a disk is detected as being protected when making the iso, the user will be prompted to continue or not
- update: sector stuff - updated handler to handle udf format disks (BEA01 header instead of CD001)
- update: sector scan - tweaked sector scan for tages a little
- update: sector scan - tweaked the safedisc detection code
- update: sector scan - updated to now NOT stop if a sector 16 read failure happened
- update: sector scan - securom scan updated to handle version 4.x (and probably lower),
which used a different 'fingerprint' and some minor tweaks / fixes
- update: sector scan - starforce + starforce keyless scan was heavily updated..
reducing probability of false positives as well as catching some we missed before
- bugfix: sector scan - codelok scan fixed
Download here:
h++p://pid.gamecopyworld.com/ProtectionID_v6.1.3_2k8_xmas.rar
'TechnoBabbler' 카테고리의 다른 글
Visual Studio 2008 SP1으로 디버깅하기 (0) | 2009.01.02 |
---|---|
Proxy 소프트웨어인 Burp Suite가 v1.2로 업그레이드 되었습니다. (0) | 2009.01.01 |
Is SKT Dominance Under Threat? (0) | 2008.12.30 |
160GB SSD? (4) | 2008.12.27 |
백신이 오히려 해커에게 악용당한다? (0) | 2008.12.26 |