im playing with rainbox six vegas and new securom, try to apply my oepfind to work with it, new securom now runs and spaws itself with a param as new antidebug protection. when we run it with
R6Vegas_Game.exe /Sonydadc /05f0612d /05f0612d /3F3A8A87 /1
then it runs instantly without spawning another instance.
last param is time from GetTickCount to check if its not debuged, but we can write own gettickcount or use from ollyadv that will start from 0 and do +1 every call to it.
but case is olly is ring3 debuger that is using CreateProcessA with DEBUG_ONLY_THIS_PROCESS and catches with waitfordebugevent all exceptions. i dont catch any not even one. and there are 2 single_step and about 20 illegal_instruction. does anyone know what can cause that. with asprotect and other protectors i can catch all exceptions. here i cant

edit:
i figured it out we need to fool also ZwSetInformationThread