
[exelist] Re: Time to detect ProcDump...



Hi,

Time to detect ProcDump? Well, I have encountered many tricks against ProcDump
already. However, they are transparent to the end user (see the Neolite Erase loader
objects infos trick, for example). Detecting the tracer is not new; PEshield,
PEcrypt32 and PElockNT already did it. Those tools state clearly in their docs
that they have several anticode for ProcDump. The lack of support for them
is, however, rather a lack of time than something else. ProcDump tracers are
not designed to fight with ADT; they only have workarounds, as Lorian stated.
Maybe a real tracer will come later ;).

Best regards,
G-RoM
"If it runs, it can be defeated."


------------------------------------------------------------------------
eGroup home: http://www.eGroups.com/group/exelist