Exetools

TempoMat 05-24-2013 02:32

Samsung Kies with Themida?
 
Today I was trying to transfer some eBooks in PDF to a friend's Samsung Phone with Kies (version 2.5.3.13043_14) while Ollydbg was loaded and was greeted with the nasty message
"A debugger has been found running in your system. Please, unload it from memory and restart your program" with "Themida" in the Title of the message. At first I thought it was a mistake. But after a second pop up Kies was closed. I then restarted it and the same message popped up with Olly loaded. Interestingly I had used KIES some days earlier on the same computer without Olly and there was no such message.

So the question is whether Samsung is protecting KIES with Themida or a third party program inside KIES is using Themida.

deepzero 05-24-2013 04:19

Seeing that Kies is freeware, that would not make a lot of sense.
Check which process fires the message and check it with pid...or scan the entire kies installation folder.

Dreamer 05-24-2013 04:29

No Themida. I found only these two, in the Common folder:

Common
basscd.dll===Petite [unknown version] compressed !
bassenc.dll===Petite [unknown version] compressed !

Av0id 05-24-2013 12:52

bass*.dll, they are from un4seen, which is the author of Petite :)

giv 05-24-2013 15:10

Quote:

Originally Posted by TempoMat (Post 84850)
So the question is whether Samsung is protecting KIES with Themida or a third party program inside KIES is using Themida.

What does it matter?
It is freeware and IMHO it is much weaker than Nokia PC Suite.

JeRRy 05-24-2013 19:29

Scanning -> C:\Program Files\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
File Type : 32-Bit Dll (Subsystem : Win GUI / 2), Size : 1012176 (0F71D0h) Byte(s)
-> File Appears to be Digitally Signed @ Offset 0F5A00h, size : 017D0h / 06096 byte(s)
[File Heuristics] -> Flag : 00000000000001001101000000110111 (0x0004D037)
[!] Themida v2.0.1.0 - v2.1.8.0 (or newer) detected !
[i] Hide PE Scanner Option used
- Scan Took : 0.47 Second(s) [00000002Fh tick(s)] [229 scan(s) done]

Scanning -> C:\Program Files\Samsung\Kies\External\FirmwareUpdate\AgentModule.dll
File Type : 32-Bit Dll (Subsystem : Win GUI / 2), Size : 1626576 (018D1D0h) Byte(s)
-> File Appears to be Digitally Signed @ Offset 018BA00h, size : 017D0h / 06096 byte(s)
[File Heuristics] -> Flag : 00000000000001001101000000110111 (0x0004D037)
[!] Themida v2.0.1.0 - v2.1.8.0 (or newer) detected !
[i] Hide PE Scanner Option used
- Scan Took : 0.62 Second(s) [00000003Eh tick(s)] [229 scan(s) done]

Dreamer 05-24-2013 21:42

Great, JeRRy, you found that. I was scanning, but there are too many files to scan.
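
Added example, not part of the thread and not the scanner used in JeRRy's post: one way to triage a whole installation folder, as deepzero suggested, by parsing each .exe/.dll's PE section table and flagging sections with very high byte entropy. High entropy indicates packed, compressed or encrypted data in general, not Themida specifically, and the 7.2 bits/byte threshold is an assumed heuristic cut-off.

```python
import math, os, struct

def entropy(data):
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def pe_sections(blob):
    """Return [(section name, entropy)] for a PE image, or None if blob is not one."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return None
    pe_off, = struct.unpack_from("<I", blob, 0x3C)           # e_lfanew
    if blob[pe_off:pe_off + 4] != b"PE\0\0" or len(blob) < pe_off + 24:
        return None
    nsec, = struct.unpack_from("<H", blob, pe_off + 6)       # NumberOfSections
    opt_size, = struct.unpack_from("<H", blob, pe_off + 20)  # SizeOfOptionalHeader
    table = pe_off + 24 + opt_size
    out = []
    for off in range(table, table + 40 * nsec, 40):
        if off + 40 > len(blob):
            break                                            # truncated section table
        name = blob[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", blob, off + 16)
        out.append((name, entropy(blob[raw_ptr:raw_ptr + raw_size])))
    return out

def scan_folder(root, threshold=7.2):  # threshold is an assumed heuristic cut-off
    """Map each .exe/.dll under root to its sections whose entropy >= threshold."""
    hits = {}
    for dirpath, _, files in os.walk(root):
        for fn in files:
            if not fn.lower().endswith((".exe", ".dll")):
                continue
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "rb") as f:
                    secs = pe_sections(f.read()) or []
            except OSError:
                continue                                     # unreadable file: skip
            flagged = [(n, round(e, 2)) for n, e in secs if e >= threshold]
            if flagged:
                hits[path] = flagged
    return hits
```

Calling scan_folder() on the installation directory returns only the files worth handing to a signature-based scanner, which cuts down the "too many files" problem.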

TempoMat 05-25-2013 19:39

Quote:

Originally Posted by giv (Post 84857)
What does it matter?
It is freeware and IMHO it is much weaker than Nokia PC Suite.

"giv" I was not comparing KIES to Nokia PC Suite.
So what is the point of you mentioning Nokia PC Suite here, knowing well that they are both meant for different products, unless perhaps you have a special version of Nokia PC Suite which also works for Samsung phones?

Nevertheless I was just surprised to see signs of Themida in a FREEWARE (as already noted by you) from Samsung.

giv 05-26-2013 02:44

Quote:

Originally Posted by TempoMat (Post 84883)
So what is the point of you mentioning Nokia PC Suite here, knowing well that they are both meant for different products

They both do the same thing

Quote:

Originally Posted by TempoMat (Post 84883)
unless perhaps you have a special version of Nokia PC Suite which also works for Samsung phones?

I got it. You think you are some smart guy.

Quote:

Originally Posted by TempoMat (Post 84883)
Nevertheless I was just surprised to see signs of Themida in a FREEWARE (as already noted by you) from Samsung.

It is not a rule that only commercial apps are to be protected.

mr.exodia 05-27-2013 20:31

Maybe Samsung wants to protect their products from eyes that want to steal their source...

leosmi05 06-21-2013 03:07

Or they are (beta)testing the "technology" behind Themida. :D


All times are GMT +8. The time now is 17:32.
