|
04.02.2011 VMSweeper 1.4 beta 8
Added:
1. Improved detection of transit tags.
2. Improved detection of conditional jumps.
3. Improved detection of the use of a variable when its partial re-appropriation.
4. Removal of decoding addresses unconditional jump.
5. The second algorithm for calculating CRC VMProtect version above 2.0
6. Protect DRx registers (hardware breakpoints) from VMProtect.
7. Direct Call Processing API after the coded output of the VM.
Fixed:
1. Restructuring promkoda. Sometimes a direct line after a conditional branch was not on the next block.
2. Restructuring promkoda. For a nondegenerate unconditional transition is added to the zone label.
3. Recognition of use of the register VM in line with its initialization.
4. Devirtualizatsiya instructions retn xx is no longer dependent on the number of variables in the VM stack.
5. Tag degenerate transition is not deleted if it goes the other transitions.
6. Fixed a stack overflow exception and to match the registers of the VM and the CPU cycle.
7. When automatic restart of the program is not an option avtivirovalas AntiAntiDebug.
28.01.2011 VMSweeper 1.4 beta 7
Added:
1. Option AntiAntiDebug.
2. Option Break on TLS.
3. Initial treatment AntiDump.
4. Devirtualizatsiya instructions retn xx.
5. Devirtualizatsiya instructions sub without flags.
6. Restoring the hidden procedure call (type push xx; retn)
7. Correction of bias in addressing the stack through esp.
8. Improved detection of the beginning of the cycle in the VM CodeVirtualizer.
Fixed:
1. Restructuring promkoda. Sometimes a direct line after a conditional jump was in the middle of the next block.
2. Correction pointer esp when decompiling mov esp, [esp]
3. Restoration of indirect procedure calls.
4. Recognition of Conformity CPU registers and on the instructions of the VM pop xx.
|