Questions on VMProtect 3

[drlai]

1. What does 'Use Taggant System' do? I can't find it in User-Manual ?

2. when you close a project and exit VMProtect, why it takes so much time (lagging a lot)

3. the first time generate RSA Key, if you click the dropdown list '2048, 4096 bits ...' the VMProtect crashes

4. If an incorrect path specified in *.vmp but the correct file path is specified in the command line VMProtect_Con.exe, the VMProtect sill complains (It didn't report in 2.13)

5. the same project, protected by VMProtect3 cannot be registered (The COM object, using command regsvr32 to register as administrator) see below. It crashes on Windows 10 and Windows 2008 Server

[Admin]

1. About Taggant System you can read here
3. We'll fix it in next build.
4. I don't understand what you mean. Could you provide us more detailed information?
5. Could you send us a test example that shows your problem?

[drlai]

sent to build@vmpsoft.com

[Admin]

In your case you need to switch off the option "Memory protection" (or exclude segment ".text" from memory protection) because your DLL modifies own code:

Code: Select all

.text:004186D8                 push    ebx
.text:004186D9                 add     esp, 0FFFFFFC0h
.text:004186DC                 lea     eax, [esp+44h+flOldProtect]
.text:004186E0                 push    eax             ; lpflOldProtect
.text:004186E1                 push    40h             ; flNewProtect
.text:004186E3                 push    100h            ; dwSize
.text:004186E8                 mov     ebx, offset @System@Move$qqrpxvpvi ; System::Move(void *,void *,int)
.text:004186ED                 push    ebx             ; lpAddress
.text:004186EE                 call    VirtualProtect_0
.text:004186F3                 mov     eax, ebx
.text:004186F5                 cmp     byte ptr [eax], 0E9h
.text:004186F8                 jz      short loc_41875A
.text:004186FA                 cmp     word ptr [eax], 25FFh
.text:004186FF                 jnz     short loc_418716
.text:00418701                 mov     byte ptr [eax], 0E9h
.text:00418704                 mov     eax, ebx
.text:00418706                 mov     edx, ds:dword_DF41D0
.text:0041870C                 sub     edx, eax
.text:0041870E                 sub     edx, 5
.text:00418711                 inc     eax
.text:00418712                 mov     [eax], edx
.text:00418714                 jmp     short loc_41875A
.text:00418716 ; ---------------------------------------------------------------------------
.text:00418716
.text:00418716 loc_418716:                             ; CODE XREF: sub_4186D8+27j
.text:00418716                 lea     edx, [esp+44h+var_3C]
.text:0041871A                 mov     eax, ds:dword_DF41D0
.text:0041871F                 mov     ecx, 38h
.text:00418724                 call    ds:dword_DF41D0
.text:0041872A                 mov     eax, ds:dword_DF41D0
.text:0041872F                 sub     eax, ebx
.text:00418731                 add     [esp+44h+var_2E], eax
.text:00418735                 add     [esp+44h+var_28], eax
.text:00418739                 add     [esp+44h+var_1D], eax
.text:0041873D                 add     [esp+44h+var_E], eax
.text:00418741                 add     [esp+44h+var_9], eax
.text:00418745                 lea     edx, [esp+44h+var_3C]
.text:00418749                 mov     ecx, ebx
.text:0041874B                 xor     eax, eax
.text:0041874D
.text:0041874D loc_41874D:                             ; CODE XREF: sub_4186D8+80j
.text:0041874D                 movzx   ebx, byte ptr [edx+eax]
.text:00418751                 mov     [ecx+eax], bl

Access violation here:

Code: Select all

.text:00418751                 mov     [ecx+eax], bl

Memory protection disallows usage of VirtualProtect for regions controlled by VMProtect. Please notice that your code doesn't analyse the result of VirtualProtect and writes data into a read only region.

[Admin]

[drlai]

after I switch off 'memory protection'

it shows this error.

[Admin]

This error has been fixed in 3.0.1.465. Please check it.

[drlai]

Thank you for your hardwork!

Yes, I have tested and it seems working fine so far, and it passes all unit tests.

1. Could you delete the binaries I sent to you for debugging and testing purpose? I don't want trouble in the future because it is confidential. thanks

2. I tested with Hyper-V on, do you think it is possible to ignore machines with Hyper-V on as being in 'Virtual Machine'?

3. The hardware ID is changed with VMP3, but I still can decode the hardware ID string using previous method, am I right? could you confirm with this?

Thanks a lot!

This error has been fixed in 3.0.1.465. Please check it.