Quote:
Originally Posted by Notmex
Thats what I heard in the past.. Leaked versions get detected by AVs. So I guess they submitted a method to identify a packed/protected executable and even allow access to something like a hash or so to identify a leaked/cracked version to AV companies. So it wont be good to use a leggit purchased protector to protect something evil as it prolly can be tracked back and even released/leaked versions are more evil since the AVs are able to filter them out before execution.
|
sometime AVs block virtualized protected apps just because they dont accompany a valid signature/certificate. but recently this trend has come to a stop . now a days most AVs just flag something illegal if they find out certain protector watermarks which are part of publicly compromised distributions. kaspersky and mcafee used to flag any vmp app which isnt digitally signed or has been tempered. I dont know if they still do so(i just comodo firewall nothing else since i am fed up with antiviruses triggering out now and then).
More or less if you are thinking about doing something malicious , dont rely on protectors . those days are gone.
rather learn something new by making ur own obfuscator.