Hi,
I'm getting the following output from VMProtect_Con.exe:
1>
1> Loading HDe.exe... 100%
1> Loading 140004153 VMProtectMarker "..."
1> Loading 14036800C WinMainCRTStartup
1> Loading 140001B38 WinMain
1> Loading 140371664 __security_init_cookie (Op.)
1> Loading 1400159BE VMProtectMarker "IDD_CTRL_DlgProc"
1> Loading 14003B56A VMProtectMarker "ecl_show_clean"
1> Loading 140012FCC VMProtectMarker "IDD_CTRL_WM_INITDIALOG_proc"
1> Loading 1403CF860 string "This PC is not authorized to run ....."
1> Loading 1403CFD98 string " - [%s (%s)]"
1> Loading 140002EE0 activate_DlgProc(struct HWND__ *,unsigned int,unsigned __int64,__int64)
1> Loading [U] 1400032CC dlg_activate(struct HWND__ *,char *,int)
1> Loading [U] 140004670 dlg_about(struct HWND__ *)
1> Loading [U] 140003338 get_snhash(char const *)
1> Loading [U] 14000F044 read_serial(struct HWND__ *,int)
1> Loading [U] 14000356C get_url_response(char const *)
1> Loading [V] 1403CFCDC string "serial"
1> Loading [V] 1403CFCE8 string "is_license_blocked.php?hash=%s"
1> Loading [V] 1403CFD08 string "VMProtect"
1> Loading [V] 1403CFD20 string "server"
1> Loading [V] 1403CFD48 string "GET"
1> Loading [U] 14000EF7C online_thr_prc(void *)
1> Loading [V] 1403D0430 string "error- License Blocked or Unknown Error"
1> Loading [U] 14036BB8C __crtGetShowWindowMode
1> Loading [U] 14037161C __set_app_type
1> Loading [U] 14036E91C _heap_init
1> Deleting [U] 14036E91C _heap_init
1> Loading [U] 14036BFD0 _FF_MSGBANNER
1> Deleting [U] 14036BFD0 _FF_MSGBANNER
1> Loading [U] 14036C044 _NMSG_WRITE
1> Loading [U] 140365A74 __crtExitProcess
1> Deleting [U] 140365A74 __crtExitProcess
1> Loading [U] 14036F13C _mtinit
1> Deleting [U] 14036F13C _mtinit
1> Loading [U] 14036BFD0 _FF_MSGBANNER
1> Deleting [U] 14036BFD0 _FF_MSGBANNER
1> Loading [U] 140365A74 __crtExitProcess
1> Deleting [U] 140365A74 __crtExitProcess
1> Loading [U] 14036B7C8 _RTC_Initialize
1> Loading [U] 14036E5F0 _ioinit
1> Deleting [U] 14036E5F0 _ioinit
1> Loading [U] 1403681AC fast_error_exit
1> Deleting [U] 1403681AC fast_error_exit
1> Loading [U] 140371710 __crtGetEnvironmentStringsA
1> Deleting [U] 140371710 __crtGetEnvironmentStringsA
1> Loading [U] 14037122C _setargv
1> Loading [U] 140365A8C _amsg_exit
1> Deleting [U] 140365A8C _amsg_exit
1> Loading [U] 1403714E8 _setenvp
1> Loading [U] 140365A8C _amsg_exit
1> Deleting [U] 140365A8C _amsg_exit
1> Loading [U] 140365AD4 _cinit
1> Loading [U] 140365A8C _amsg_exit
1> Deleting [U] 140365A8C _amsg_exit
1> Loading [U] 140371804 _wincmdln
1> Deleting [U] 140001B38 WinMain
1> Loading [U] 140365DFC exit
1> Deleting [U] 140365DFC exit
1> Loading [U] 140365AC4 _cexit
1> Deleting [U] 140365AC4 _cexit
1> Loading [U] 140365B84 _exit
1> Deleting [U] 140365B84 _exit
1> Loading [U] 140365AB4 _c_exit
1> 1403E36DC 80813600 dd 00368180
1> [Warning] WinMainCRTStartup.1403E36DC: Processing of exceptions is not supported: 140368180
1> Compilation... 100%
1> Saving... 100%
1> Packing... 100%
1> [Information] Output file size 8487424 bytes (149%)
1>
Below the line:
1> Loading [V] 1403D0430 string "error- License Blocked or Unknown Error"
There are numerous Loading and Deleting lines with functions I did not specify.
And there is a warning about the processing of exception.
In another version of our application (other build target of VS2012), I do not see those extra lines and warning.
The compiler settings of both build targets are the same, except for some defines.
Where do these extra lines come from?
Is the resulting exe protected?
output from VMProtect_Con.exe
Re: output from VMProtect_Con.exe
Could you send us all files that you use for protection?
Re: output from VMProtect_Con.exe
P.S. It seems that you use VMP script like this. Am I right?
Re: output from VMProtect_Con.exe
Yes that's right. I use that script to protect the entrypoint. I use the script in both projects, but only one project gives this output. Am I doing something wrong?
Re: output from VMProtect_Con.exe
Why do you use this script if you don't understand how it works? 
)
)Re: output from VMProtect_Con.exe
Yes, I see. The script adds calls made from the EntryPoint and removes calls to functions with length smaller than 5.
If I disable the script, I still get:
1> 1403E36DC 80813600 dd 00368180
1> [Warning] WinMainCRTStartup.1403E36DC: Processing of exceptions is not supported: 140368180
What should I make of that?
If I disable the script, I still get:
1> 1403E36DC 80813600 dd 00368180
1> [Warning] WinMainCRTStartup.1403E36DC: Processing of exceptions is not supported: 140368180
What should I make of that?
Re: output from VMProtect_Con.exe
VMProtect doesn't support exception handling for x64 application, so it shows warnings for all functions that have exception information.
Re: output from VMProtect_Con.exe
What I still do not understand is that I have 3 almost the same exe files, which are protected by almost the same VMP projects files.
In all three projects runs the entrypoint virtualization script, but only in 2 projects I will get this output.
Do I have to conclude that in the one project where this output is not show, the entrypoint calls are not virtualized?
In all three projects runs the entrypoint virtualization script, but only in 2 projects I will get this output.
Do I have to conclude that in the one project where this output is not show, the entrypoint calls are not virtualized?
Re: output from VMProtect_Con.exe
It's possible that your third project isn't a x64 application or compiled with different options/runtime DLLs.In all three projects runs the entrypoint virtualization script, but only in 2 projects I will get this output.
Re: output from VMProtect_Con.exe
No, the projects differ only at defines (light version versus full version)
Excerpts from the vcxproj file:
This one not generate the Entrypoint messages:
Can you spot a difference which could be responsible?
Excerpts from the vcxproj file:
Code: Select all
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='ReleaseMVCEVMP|x64'">
<Midl>
<TargetEnvironment>X64</TargetEnvironment>
</Midl>
<ClCompile>
<AdditionalOptions>-nologo -W4 -favor:EM64T -MT -GF -GA -GS -Gy -Zi -fp:precise -Gs1024 -O1 -Os -Oi -Ob0 %(AdditionalOptions)</AdditionalOptions>
<Optimization>MinSpace</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>$(SolutionDir)\include;$(SolutionDir)\..\ccl;$(SolutionDir)\..\sdk;$(SolutionDir)\..\blackmagic;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>e_VMP=1;MVCE=1;e_CCPAK=0;LITE=0;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level4</WarningLevel>
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
</ClCompile>
<Link>
<AdditionalOptions>/OPT:REF,ICF /stack:0x800000,0x800000 /subsystem:windows /manifest %(AdditionalOptions)</AdditionalOptions>
<AdditionalDependencies>$(SolutionDir)lib\bm_api.lib;$(SolutionDir)..\..\H264 SDK\builds\sdk.lib;$(SolutionDir)lib\uil.lib;$(SolutionDir)lib\ddrgb32_2.lib;kernel32.lib;user32.lib;gdi32.lib;comdlg32.lib;comctl32.lib;advapi32.lib;shell32.lib;version.lib;winmm.lib;d3d9.lib;powrprof.lib;shlwapi.lib;d3dx9.lib;dxerr.lib;dxguid.lib;ddraw.lib;Winhttp.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>$(LibraryPath);$(DXSDK_DIR)Lib\x64;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
<GenerateDebugInformation>true</GenerateDebugInformation>
<OptimizeReferences>true</OptimizeReferences>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<TargetMachine>MachineX64</TargetMachine>
<GenerateMapFile>true</GenerateMapFile>
</Link>
<PostBuildEvent>
<Command>VMProtect_Con.exe $(TargetDir)$(TargetFileName).vmp
if %ERRORLEVEL% NEQ 0 goto failed
if exist "$(TargetDir)$(TargetFileName).org" (
del /Q "$(TargetDir)$(TargetFileName).org"
)
if exist "$(TargetDir)Cinecraft.exe" (
del /Q "$(TargetDir)Cinecraft.exe"
)
ren "$(TargetDir)$(TargetName).vmp.exe" "Cinecraft.exe"
:failed
</Command>
</PostBuildEvent>
<PostBuildEvent>
<Message>vmp</Message>
</PostBuildEvent>
</ItemDefinitionGroup>
Code: Select all
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='ReleaseVMP|x64'">
<Midl>
<TargetEnvironment>X64</TargetEnvironment>
</Midl>
<ClCompile>
<AdditionalOptions>-nologo -W4 -favor:EM64T -MT -GF -GA -GS -Gy -Zi -fp:precise -Gs1024 -O1 -Os -Oi -Ob0 %(AdditionalOptions)</AdditionalOptions>
<Optimization>MinSpace</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>$(SolutionDir)\include;$(SolutionDir)\..\ccl;$(SolutionDir)\..\sdk;$(SolutionDir)\..\blackmagic;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>e_VMP=1;MVCE=0;e_CCPAK=0;LITE=0;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreaded</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level4</WarningLevel>
<DebugInformationFormat>ProgramDatabase</DebugInformationFormat>
<TreatWChar_tAsBuiltInType>true</TreatWChar_tAsBuiltInType>
</ClCompile>
<Link>
<AdditionalOptions>/OPT:REF,ICF /stack:0x800000,0x800000 /subsystem:windows /manifest %(AdditionalOptions)</AdditionalOptions>
<AdditionalDependencies>$(SolutionDir)lib\bm_api.lib;$(SolutionDir)..\..\H264 SDK\builds\sdk.lib;$(SolutionDir)lib\uil.lib;$(SolutionDir)lib\ddrgb32_2.lib;kernel32.lib;user32.lib;gdi32.lib;comdlg32.lib;comctl32.lib;advapi32.lib;shell32.lib;version.lib;winmm.lib;d3d9.lib;powrprof.lib;shlwapi.lib;d3dx9.lib;dxerr.lib;dxguid.lib;ddraw.lib;Winhttp.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalLibraryDirectories>$(LibraryPath);$(DXSDK_DIR)Lib\x64;%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
<GenerateDebugInformation>true</GenerateDebugInformation>
<OptimizeReferences>true</OptimizeReferences>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<TargetMachine>MachineX64</TargetMachine>
<GenerateMapFile>true</GenerateMapFile>
</Link>
<PostBuildEvent>
<Command>VMProtect_Con.exe $(TargetDir)$(TargetFileName).vmp
if %ERRORLEVEL% NEQ 0 goto failed
if exist "$(TargetDir)$(TargetFileName).org" (
del /Q "$(TargetDir)$(TargetFileName).org"
)
if exist "$(TargetDir)Cinecraft.exe" (
del /Q "$(TargetDir)Cinecraft.exe"
)
ren "$(TargetDir)$(TargetName).vmp.exe" "Cinecraft.exe"
:failed
</Command>
</PostBuildEvent>
<PostBuildEvent>
<Message>vmp</Message>
</PostBuildEvent>
</ItemDefinitionGroup>
Re: output from VMProtect_Con.exe
I don't understand why you don't want to load each project into GUI version and to compare the functions from warning messages.
Re: output from VMProtect_Con.exe
In one project __tmainCRTStartup (and it's calls) is included automatically, in the other project it is not. The script runs in both projects.