Main » 2011 » Март » 16 » The possibility of automatic protection Themida
10:31
The possibility of automatic protection Themida

First, about the "boring platitudes."
  • Antiotladchik. Supported as a standard detection of debuggers and kernel-level debuggers. There is also a mode of aggressive search, but in this case, the application may refuse to run on computers with active antirusami, rootkits or under Wine.
  • Antidamper. Themida protects applications constantly. Memory dump application to disk and then running does not remove the protection (who would have doubted it. ... Such primitive practices are no longer working)
  • Obfuscation entry point (OEP). Themida hides the entry point to the library or application.
  • Encryption resources. If your application is included in any of the resources (icons, files and so on), they will be encrypted and decrypted only when accessed.
  • VMWare / VirtualPC compatibility. You can activate this mode in order to secure an application to run under the hypervisor.
  • Wrapping calls to API Windows. Themida hides information about the functions of the Windows API, which calls your application. Information about the libraries required to run as an attacker is not available.
  • Protect applications from modification. Themida can check the integrity of the application when it starts, not allowing to start the modified copy of the application. You can activate a mode in which the application after the defense will be free to sign up.
  • Memory protection applications from modification in progress (useful if you develop such a game).
  • Technology mutation code. All kernel code Themida, which is associated with your application, subject to mutation and "smearing". Each time the code is regenerated using the technology of virtualization (see below).
  • Anti-monitor file and registry. Themida not allow external programs to monitor the treatment of a protected application files or registry.
  • Compression. Protection Overlay leads to a rather large increase in the size of the executable file on disk. To reduce this size Themida supports compression of both the application (with built-in code protection), and its resources.
  • Themida is able to protect the shape Delphi / C + + Builder from a special way. The contents of the forms (actually, *. dfm) file can be retrieved from both the *. exe, so at runtime.

Almost all the above features can be enabled / disabled at your request.

Views: 613 | Added by: w1zard | Rating: 0.0/0
Total comments: 0
Имя *:
Email *:
Код *: