I've just tried the binary and it's running without getting detected. You need the following protections:
- IsDebuggerPresent
- CheckRemoteDebuggerPresent
- CloseHandle
- ProcessDebugFlags
- NtSetContextThread
- Caption Change
Please check that no other debugger is installed, and the only plugin is OllyExt. Some plugins are interfering with my one.
Quote:
Originally Posted by sendersu
Regarding hiding from VMProtect
whats is the set of options need to be used?
here is a sample app protected nicely by vmp and I fail to get the correct set of options on OllyExt using 2.01 release of Olly
it is either file corrupted or debugger detected
http://www.sendspace.com/file/cdq1ga
thanks
|