it already is... in the new 6.0 beta build ;)Well, only if it supposrts the audio protections. :D

I'm so pleased with this program - just great! I saving me soo much time and I can't fault the protection identifying aspects..so grateful.

But, like most software developers I'm sure you like feedback, so here's mine...

Can you make the interface and text a little bigger so I don't have to press my nose against the screen to read it (he he, just kidding ;)). Just thinking FULL screen.

And, also, for common folk like me who don't really need to read thru the finer details, could you do something simple like change the colour of the text for when a protection type _IS_ identified? It's just that I find myself reading a paragraph of text when there was no actual protection detected. I guess what I mean is to FLAG the text when a protection mechanism is detected.

Anyhoo, I would like to think that ppl like me, complain and whinge as we might, actually DOO appreciate the work that must go in to this type of software and just thought you might like appreciate some feedback.

Keep up the FINE work,

Sara x

can't be fullscreen.it would be a crap!he could just make the window a little bigger

Hi cdkiller! :D

Firstly i'd like to say thanks for PID! as it really is an excellnt program :)

...Now onto my question, I downloaded the latest version and ran it, but the GUI on it doesn't look like the ones you have at your Home Page, showing the GUI's of PID v5.0 Final b. My one looks like the v5.0 FiNAL [public] version!? :confused: as it doesn't have the Log Filter tick box or any of the tabs :(

Thanks for any help regarding my little dilema :)

it doesn't have the Log Filter tick box or any of the tabs
the pictures on my website are screenshots of the work in progress v6.0.

the current PiD Beta Build 17072004 is near perfection in detecting all kinds of exe protectors. if anyone wants to contribute to protection id, i´m looking for the following (older) executable compressors / encrypters wich are hard to find on the net:

- Petite 2.0 / 2.1
- SD Protector v1.13 (private, for registered users only)
- EXEStealth < v2.70
- Morphine v1.1
- k.kryptor 8 + k.kryptor 9
- PE Mangle
- PE Nightmare
- DBPE 2.x
- Simple PE Crypter
- UPX Protector < v1.0e
- YodaCrypt v1.0

Thanks alot for the rapid reply. I'll have a look, and ask about for the (older) executable compressors / encrypters for you ;)

I look forward to v6.0 :D do you happen to have a rough release date?

Like I said before, you should label it Protection ID 6 and you did it... :)

Hey cdkiller what about programmerstools (http://www.programmerstools.org/) there are executable compressors / encrypters.
I think you know this site and I misunderstood you is that possible??! lol

do you happen to have a rough release date?
nope. not yet, there´s still a lot wich needs to be coded and improved.

what about programmerstools
all tools are already added from protools ;)
now i want to add the older versions as well.
if you could see the changelog you would be suprised what pid 6.0 has to offer...

Where Can One Locate Gamesxcopy (version That Dubs Xbox, Paystation Etc Not Just Pc Games)? Muchos Gracias..

Where Can One Locate Gamesxcopy (version That Dubs Xbox, Paystation Etc Not Just Pc Games)? Muchos Gracias..
how should I know? :confused:

if you show the german cd check strings I maybe could add some.

sure, you can help if you want to.
drop me a pm so we can discuss about adding new cd-check strings...

just to let you know, v6.0 is progressing very good and stop thinking there won´t be any new pid due no more recent news.
i don´t post any news because i don´t like to see ppl using our new features in their crappy tools. pid 6.0 will be a very big surprise to everyone ;)

The Scan found StarForce, so did I :)
But now that starforce is found,
isn't there a way to removing it ?
Because it sucks balls.
Can't get Beyond Divinity to run
Any tips ?

btw it would be cool if you could implement all known unwrappers or at least the unwrapper from r!sc i think. A working unsecurom for winxp would be cool, too :)

But i think its just a dream...

Hope dies at last :D

erm... there will never be an unwrapper in a version of PiD wich is available for the public due numerous reasons... one is that PiD will always be a legal tool.

boo

I scanned GTA Vice City PLAY disc with PID latest version, but it did not detect any protection. Perhaps I was using PID incorrectly? Anyway I used another program and it detected secuROM.

Any advice?

I scanned GTA Vice City PLAY disc with PID latest version, but it did not detect any protection
the last public v5.0 Final B scans a CD/DVD for Tagés only. v5.0 is a pure file/folder scanner. you can select folderscan (tray menu) and chose the cd as foldername. if it doesn´t detect a protection,always scan the game´s exe (should be gta-vc.exe in this case)

what is the progress of pid 6? :)

any information about next version?

nice tool cdkiller I love it, great work !!

but:
I am just scanning the new Sims2.exe from the MONEY DVD Release, and it says protected with SafeDisc.
Didnt the older PiD told me that it was allready cracked?

what is the progress of pid 6?
the progress is very MASSIVE so expect lots of new stuff.
but i can´t tell you now because it will be a big surprise to everyone ;)

Didnt the older PiD told me that it was allready cracked?
the new version 6.0 got some checks to validate if safedisc has been cracked or not.

when man?i think we are waiting too long.give pid to the people
we want pid

we want pid
i know... lots of ppl want it asap but our goal is to release v6.0 'with lots of new detections and also as bugfree as it can be'.
we want all users to say 'PiD rocks and we don´t need another protection scanner' ;)

soon i think i´ll upload some new pictures of the redesigned gui and much more new features + detections.

i need to get some (original, unmodified) executables and i hope someone who is reading this can help me.

World Basketball Manager (IMPORTANT !)
Baldurs Gate 2 - Throne of Baal (Spanish version only)
Biathlon 2003.exe of Update 1
Warrior Kings.exe
Warrior Kings.exe + exe of Patch v1.1/1.2/1.3
Wet Attack.exe
Worms World Party.exe + exe of Update 1
Uefa Challenge.exe
OutCast.exe
Codename: Outbrake.exe
Fallout 2.exe

kinda old games but all of them are Laserlok´ed.
if you got any of the listed exe files please pm me and you can help to make Protection ID v6.0 even better ;)

damn man.too old ones

oh codename outbreak is starforce 1 protected man

Do you only need those ? I have some laserlocked titles. Tell me if you need them:

Desperados
Dino Crisis
Messiah

damn man.too old ones
yep true but World Basketball Manager was released in 2004, think it´s Laserlok Marathon.

oh codename outbreak is starforce 1 protected man
not all versions, the GER is Laserlok.
are you sure Codename Outbreak got StarForce1 ? (do u have the game?)
btw, PiD detects SF2 just fine in the new version ;)

@Monty
i already got the Desperados.exe.
if you could rar the Dino Crisis and Messiah exe and mail it to me i can have a look "inside". check Protection ID -> Tray Icon -> Support -> E-m@il Feedback for my mail account.

I will do it on Saturday, not at home right now......

Btw, I should have Orion Burger somewhere, it is also supposed to be Laserlok....Interested..?

should have Orion Burger somewhere, it is also supposed to be Laserlok....Interested..?
u know my answer ;)

no don't have it but i remember it's starforce protected plus GCW says it's protected with starforce.eu version is starforce

I,ve been reading a little through this thread and became interested in the "Protection ID". I pasted the address shown in one of the reply's of the site where I could download the program and all I got was an empty shell. Another download I received a .rar file. Is the program "Protrction ID" still available? If it is, would someone link me to it and instruct me how I can use that .rar file I downloaded.

Thanks folks... ;) :confused:

Go to www.rarlabs.com (http://www.rarlabs.com) and download the programm WinRAR.
Use WinRAR to extract the files from the RAR-archive !!!

Thank you very much...

Do I put the .rar in the program Folder after installation?


:)

GLH...

I'm getting an empty shell from their site and from Cnet...

Guess I'll keep trying...


Again...Thank you :confused:

Hmm, the problem is definately on your side. I just downloaded the latest build of PiD from the GCW (http://pid.gamecopyworld.com/ProtectionID_v5.0_Final_B.rar) mirror. It Downloaded and extracted fine.

Also, PiD is an independent piece of software. You dont have to put it any folder. Just launch it with its own exe, find the exe you wish to scan, and bOOOOOOOmmmmm! :)

BOUNTYWARRIOR:

I have a question about a certain archive. In one of my games there's a file with the extension of .arc. I tried everything I could think of to extract the contents without any success. I tried winzip's add-ons and other extraction softwares. Through my playing with this file for the last week, I have concluded that it is not an .arc file and if it is then there's something wrong with it. Would you suggest an approach to this issue, to give me an idea on how to handle this problem? I sure would appreciate it.

I think you're right about the download problem being on my end. I'm going to have to take a look at my security settings and see if that's the issue.

Thanks much... :cool:

Mac, that question has nothing to do with PiD, and therefore this thread. Better open a new thread in the Software Forum (http://www.fileforums.com/forumdisplay.php?f=32) before cdkiller deletes your post :p

Anyways, never tried opening Arc files myself, and nor do I know much about them. Just done a quick search on google, and it appears WinACE (http://www.winace.com) might be able to open them. Hope that helps!

Better open a new thread in the Software Forum before cdkiller deletes your post
not this time ;)
but please keep this thread clean and don´t post off topic.

Ok guys...

Sorry, won't do it again...and thank you for your response BW.


:)

cdkiller: PMs sent :)

thx to all the guys who sent me some original laserlok executables, this detection should be near perfection now.

anyway you may have noticed that the *newer* safedisc like in Knight Rider 2 won´t be detected by Protection ID due the removed SD version in the pe-header. it´s allready fixed in my new private build and pid will show "Safedisc v2/v3 [removed version] detected". perhaps i´ll release a version (based on the last public v5.0b) with just the new safedisc code + new VOB v5.9.xxx detection added so u can detect the newer sh*t and í can continue working on the massive v6.0 ;)

working on cd/dvd sector scanning and scanned the Half-Life 2 DVD.
dunno why other tools like Aray and Clony won´t detect the SecuROM disc
it´s not that hard ;)

-=[ ProtectionID v6.0 ALPHA ]=- (c) CdKiller
Build 17-11-2004
> Ready

[I] Init cd/dvd sector scan for Drive D
[!] -> SecuROM protected Disc
- Scan Took : 0.687 Seconds

--------------------------------

i will release v5.0c with the updated safedisc code in a few days.
there will not be any more features besides the rewritten sd detection.

well I've looked every where..no signs of the protection ID v5.0c thingy..

work on v6.0 continues and i need some help.
everyone who owns original laserlok/safedisc/securom/starforce/tages/vob Protect cd-dvd... protected games can help me. the only thing u need is HexWorkShop v4.2x wich is available as a trial.

pm me for details if you want to help me on pid v6.0´s new features wich will kick all the other scanner´s a**es ;)

games i already got for testing are:
- Apocalyptica (Kalas)
- C&C Tiberian Sun (Kalas)
- Crazy Taxi 3 (Kalas)
- Der Verkehrs Gigant (Kalas)
- Doom 3 (Grumpy)
- Enter The Matrix (Kalas)
- FarCry (Grumpy)
- GTA 3 (Grumpy)
- Gunship (Kalas)
- Half-Life 2 CD (Grumpy)
- Half-Life 2 DVD (my own)
- Hidden & Dangerous 2 (Kalas)
- Indy Car Series (Kalas)
- Max Payne 2 (Kalas)
- Race Driver 2 (Grumpy)
- RailroadTycoon 3 (Kalas)
- Shogun Total War (Kalas)
- Star Wars Force Commander (Kalas)
- Starship Soldiers (Kalas)
- The Hulk (Kalas)
- UT2003 (Grumpy & my own)
- Warcraft 3 (Luci)
- World Championship Snooker (Kalas)
- XIII (Kalas)
- Yager (Kalas)

thx Kalas, Grumpy and Luci !

@CDKiller
I've just sent you the scans for Vampires-The Masquerade Bloodlines and Full Spectrum Warrior.
Pid keeps crashing with Vampires CD1?

try to help you create the ultimate scanner ;)

v5.0c (Protection Update #1)
-----------------------------
v6.0 is progressing very well and the changes are incredible but we thought
we should release v5.0c to keep you up to date because protections have changed...

- added: Safedisc v3.20 - 4.xx detection with removed version
i.e. Need For Speed Underground 2, Flatout, The Lord of The Rings The Battle For Middle-Earth, Knight Rider 2
- added: 3PLock detection (i.e. Kreed, RTL Skijump 2005, RTL Ski Alpine 2005)
(consider our protection as the most proper one because we don´t simply scan for the section names '.ldr' and '.ldt'
like another scanner who also tells windows internal dlls are protected with 3PLock, we are anaylsing the exe ;-)
- improved: totally rewritten Safedisc detection (much faster and highly accurate)

Our goal is to keep you up to date. While continuing work on v6.0 we might put out some more minor updated v5.0 x versions,
depends on how much PC Game protections will change.

cdkiller & [x/xxx]

just for info:
Runaway: A Road Adventure GERMAN DVD: pid doesnt detect the dvd-check

here are the strings i found in hex editor (not shown in string references in win32disasm):
BITTE RUNAWAY-DVD EINLEGEN
Runaway-DVD nicht gefunden
Bitte legen Sie Runaway-DVD ein

so pid should look for:
Bitte legen Sie
DVD nicht gefunden
DVD EINLEGEN

@CD Killer
I've just emailed the scan for Chronicles of Rid**** Escape from Butchers Bay CD1.
Protection ID v6 did not detect any Protection!
A-Ray Scanner did detect SecuRom on CD1. ;)

@noscript
you´ve got pm

@Grumpy
i haven´t spend much time for the cd/dvd sector scan of securom/safedisc.
the detection works fine for me but a few testers reported it didn´t work for them. atm i´m fixing all the bugs inside the executable protection detections. once i think it´s as-bugfree-as-possible i´ll spend my time on the cd/dvd sector fixing.

/the pid developers team wishes a happy new year to everyone of you

BUY super cheap cigarettes and dvd-r vistit now <deleted>

Why don't you just smoke all the stuff and die ?

/Edit:
Thanx Eagle !

While trying to crack Tony Tough I found out that PiD does not recognize the cd check string here it is (from String references):

Cannot find "Tony Tough & the Night of Roasted Moths" CDROM!

Would be nice if you would add the -]SKULL[- tag to the cracked by section

PiD does not recognize the cd check string
can u please send me the exe per mail ?

Would be nice if you would add the -]SKULL[- tag to the cracked by section
skull isn´t a scene group, they are iND crackers

you have mail ;)

Is your site down ? I cant get in.. (keep getting the refresh page) Ive been away awhile ppl so if cdkillers site is down could some-one plz let me know..Thanks

pid.gamecopyworld.com was moved to another server over a week ago and everything was moved before the real move so there should not be any problem

What is the ip address when you "ping pid.gamecopyworld.com" in a command prompt?

Its ok now thanks.. I used " pid.gamecopyworld" and diddnt have a prob. The prob was when clicking on cdkillers link to his site in his profile. Anyway i now have protection ID which is what i was after.

cdkiller what's the progress of Pid????any exe needed ;)

cdkiller what's the progress of Pid???
it´s progressing very nice. once my mate has finished the new core we will join our sources and then we still need time for tweaking/bugfixing.
there isn´t a release date, so we will release it "when its done".
when we are near completition of v6.0 i´ll put out a list of features so you can see what pid v6.0 is capable of.

anyway if you want to help you can send in every exe protected with...
- 3P Lock
- SecuROM v5.03.13 or higher
- Safedisc v4.00.00 or higher
- Starforce 3 + protected dll v3.4.63.01 or higher
- Laserlok Marathon
- VOB Protect CD 5/6
- Sysiphus

ok man i'll have them in mind.

Luci you´ve got pm

Heeya.. great programm i tested it... works nice..


but... i have a question..
Championship Manager 5 seems to have a Secure rom or Safedisc v 7 ... this programm can find a protected area

Scanning -> C:\Program Files\Championship Manager 5\CM5.exe
File Type : Exe, Size : 11177984 (0AA9000h) Bytes
-> Suspicious MZ Header..
- Scan Took : 1.648 Seconds

but if i want to 2 start the game he ask for the original game and with a emulator he said emulation detected... please help...!! :)

to decrypt the version of SecuROM v7.xx.xx i need to make some changes.
atm i´m working on a *generic* v7.xx.xx detection so we can detect it even if the version info has been totally removed :)
we will put out an update maybe v5.0d before we release v6.0

we will put out an update maybe v5.0d before we release v6.0 :cool:

:cool: Utill (but you already know this of course)

hey, ummm I'm just curious, I'm new at using this program. Is there manual on how to use it. I was under the impression that if you run this program on a given .exe file it will patch it so you can use it without getting an error message telling you to insert correct dvd. Am i wrong or did I miss something? This is what is says when i scan the file -=[ ProtectionID v5 ]=- (c) CdKiller
Build 14-12-2004....
> Ready
Scanning -> C:\Program Files\EA SPORTS\MVP Baseball 2005\mvp2005.exe
File Type : Exe, Size : 6976094 (06A725Eh) Bytes
-> File has 1507934 (017025Eh) bytes of appended data starting at offset 0537000h
[!] Safedisc v3.20 - v4.xx or newer [removed version] detected !
[!] Possible CD/DVD-Check String -> MISSINGCD
- Scan Took : 0.203 Seconds

and at the bottom it says scan compete....waiting, does that mean it's still working, or is it done? Sorry to sound like such a retard.

Sorry to sound like such a retard. lol

I was under the impression that if you run this program on a given .exe file it will patch it so you can use it without getting an error message telling you to insert correct dvd. Am i wrong or did I miss something? This proggie will tell you what protection is being used on the exe,dll etc etc. It will not crack it for you. Once you know the protection being used it then makes it simpler for us to know what direction we need to be going. (what to do next). Mind you it would be nice if there was such a proggie that scanned files,fount protection being used,then ripped protection out/fixed it etc. If you find one of those could you let me know plz ;)

lol, no problem, I'll get on top of that, wtf, there's a pig flying outside.

ProtectionID 5.0c doesn't run after installing SP1 on Windows 2003 Server, no error message or anything. Any ideas?

dunno whats causing the problem...
anyway pid v6.0 will be ported over to MASM. we will test it with lots of different Operating Systems and their service packs to trace possibe bugs.

Excellent, looking forward to it :)

any new progress?

any new progress?
yep, many changes have been done in v6.0.
we will also have features other scanners don´t have and could only dream of ;)
and also lots of suprises.

but pid v6.0 is kinda "on ice" for the public atm.
if new exe crypters/packers, pc game prots etc. are released or updated i´ll update pid with the new signatures but the versions will only be given to my
friends to test them.

there will also be a public v5.1 wich adds lots of new and improved detections but no more new features. they will all be used in v6.0.

Man I'm whated for PID 6.0 for about 1 year now! Wonder how old Im gonna get when it hit the market!

PID 5 is a great tool as im sure your aware :) . I to would love to get my greasy little mits on PID 6.0. Oh well i guess we will have to wait a while longer huh. Whats the time scale regarding PID 5.1 (as regards to the general public being able to download ?). Thanks again.

Whats the time scale regarding PID 5.1
i don´t want to say it´s ready in a few weeks. cos if i won´t release it then ppl get mad at me ;)
let´s say when it´s done. v5.1 will get a huge detection update to detect the latest prots and to fix some detection bugs.

i´m thinking about some more betatesters scanning their games/applications
and submitting bugs + executables for testing.
drop me a pm if you want to test it. i will accept a few testers only, but you should have some posts here in the forum and a bit more as a basic knowledge about protections.
best is you are unpacking protections in your freetime.
i.e. exe protectors like armadillo & asprotect, dongles, license systems...

best is you are unpacking protections in your freetime.
i.e. exe protectors like armadillo & asprotect, dongles, license systems...

wooopps...maybe I should sign up since I'm on vacation right now;)

Hi cdkiller,

just wanted to ask about the state of progress ?

well pid detects all the latest pc iso protections.
also we are working on new features of pid wich i can´t tell about.
monty, when i send out the next alpha build you´ll get it too so you can see it yourself. i don´t want to make all the new stuff public yet ;)

monty, when i send out the next alpha build you´ll get it too so you can see it yourself.

That is good news :D

Hi, love the prog, has helped me no end...but thought I'd have a gripe anyways :p and someone else in this thread summed it up perfectly:

Is it possible to make the interface and text a little bigger, it's just kinda on the smallish size.

And, also, for common folk like me who don't really need to read thru the finer details, could you do something simple like change the colour of the text for when a protection type _IS_ identified? It's just that I find myself reading a paragraph of text when there was no actual protection detected. I guess what I mean is to FLAG the text when a protection mechanism is detected.

Cheers :)

...change the colour of the text for when a protection type _IS_ identified...I think it's a good idea.

I know there is something concerning this issue.....cdkiller can tell you more about it.....:D:D

next version detect the cd-checks in the core.dll in
Unreal 2 Engine Games like Postal 2, Splinter Cell and RavenShield.
i need some test reports for fixing the bugs.
You can download the core.dll V 1.0.0.306 on http://www.down-dll.com/index.html?frameA=dll_C

string checks like in core.dll(s) of unreal engine powered games were already added long time ago...
we will have some tests once the gui is done so we can decide about changing the color of detected protections.

Yes if i had to comment one thing i would like changed it would be the same issue about a font change once protections are Identified (for the public version obviously)

(ps thanks for the update cdkiller. I only use PID now as a result of all the work thats gone into it and the advances made from when PID was born and its life started to now when PID is enjoying full maturity ;) One thing i like is the "Protection report" tab as it makes using the GUI so much easier/faster. Keep up the excellent work !!

You will probably flame me for this or something similar but I am just wondering how PiD6 is going... ?

:)

atm development of pid v6.0 is kinda "on hold".
i had a real life drawback the recent time and i need to sort some things...
when will development continue?... honestly i can´t tell yet...
i just have much more important stuff to do...

atm development of pid v6.0 is kinda "on hold".
i had a real life drawback the recent time and i need to sort some things...
when will development continue?... honestly i can´t tell yet...
i just have much more important stuff to do...

Ok, then I know. Sometimes real life needs to be maintained too so focus on that... :)

Hallo cdkiller,

I´m your biggest fan.

I hope u can continue your lifework till perfection.:D

it´s me back with a progress update...

in the next 1-2 weeks i´m putting a new PID rls together.
it will only be a Protection Update wich keeps PID up2date.
new features will be introduced in v6.0 wich we are working on from time to time.

what will be new for PC game protetections?

- Securom v7.xx.xx detection
i won´t show v7.00.00.0xxx because i´m not 100% sure if it´s the real version. just check some games.
i.e. Serious Sam 2 (2005-10-20) is supposed to have SecuROM 7.00.00.0172. (debug the exe and break at the cd-check, search for AddD and you´ll see...
but look at more recently released games...
CSI-3 Dimensions of Murder v1.0 appears to have SecuROM SecuROM 7.00.00.0008 but was released 2006-02-22. another example is Tony Hawks American Wasteland with SecuROM 7.00.00.0014 released 2006-01-17

- JoWood X-Prot detection (beeing used together with SecuROM)
- Laserlok Marathon detection
- Ring-Protech detection
- SmartE Copy Protection detection
- Starforce v3.x version is now displayed with build number
- Sysiphus detection
- Safedisc & Safecast detection improved
- VOB Protect CD/DVD v5.9x with build number detection
- Protect DiSC v6 detection (successor of VOB Protect CD/DVD)

updated non PC-game detections:
- armadillo received the biggest update, pid is now able to tell the version as exact as possible
- ACProtection updated and improved
- ASProtect updated and improved
- ExeCryptor v2 detection
- MoleBox detection

fixes:
- yeah they will be included, thou there isn´t much to fix as the last release was pretty stable code-wise.

the list isn´t completed yet, there will probably more new stuff for you ;)

Nice! ;)

:cool:

:D Good news ! :D

:):):)

Hello, I ran this tool and deleted the attend data, but when I ran the exe, no error, no open, nothing happened. I use this tool again to check it again, it said:

Scanning -> F:\Games\COD2TC\CoD2SP_s.exe
File Type : Exe, Size : 1789952 (01B5000h) Bytes
[!] Safedisc 4.60.000 detected but verification not successfull
assuming exe includes a faked Safedisc version or it has been cracked !
[!] Possible CD/DVD-Key or Serial Check -> cdkey
- Scan Took : 0.828 Seconds


so was there anything wrong with it? Thank you.

Hello, I ran this tool and deleted the attend data

you mean appended data?

if so, why did you delete it, chances are the protection/crack needs it

Scanning -> I:\__pid collect\PC-GAME PROTECTiONS\Safedisc\Safedisc 4.60.000 (Call of Duty 2).exe
File Type : Exe, Size : 3139086 (02FE60Eh) Bytes
-> File has 1353230 (014A60Eh) bytes of appended data starting at offset 01B4000h
[!] Safedisc 4.60.000 detected !
[!] Possible CD/DVD-Key or Serial Check -> cdkey
- Scan Took : 1.391 Seconds

like tippex said, the appended data is part of the safedisc protection.

[!] Safedisc 4.60.000 detected but verification not successfull
assuming exe includes a faked Safedisc version or it has been cracked !
u thought you can crack safedisc when removing the appended data?
it´s not that easy. u need a debugger, bypass the anti-dbg, get to the (hardcoded) oep, dump, fix imports, fix redirected calls, recover stolen bytes and rebuild the exe.

this safedisc discussion made me have a deeper look at it ;)
i´ve coded a better version detection when the version is removed.

-=[ ProtectionID v6.0 *PRiVATE* ALPHA ]=- (c) CDKiLLER & [x/xxx]
Build 2006-03-31
> Ready

Scanning -> I:\__pid collect\PC-GAME PROTECTiONS\Safedisc\Safedisc 4.xx.xxx (real v4.00.001) (NBA Live 2006).exe
File Type : Exe, Size : 10668852 (0A2CB34h) Bytes
-> File has 1481524 (0169B34h) bytes of appended data starting at offset 08C3000h
[!] Safedisc v3.20 - v4.xx or newer [removed version] detected !
[!] removed version is Safedisc v4.00.000 - v4.00.003
[!] Possible CD/DVD-Key or Serial Check -> Unregistered
- Scan Took : 2.437 Seconds

Scanning -> I:\__pid collect\PC-GAME PROTECTiONS\Safedisc\Safedisc 4.xx.xxx + Custom (real v4.60.000) (Need For Speed Most Wanted v1.3).exe
File Type : Exe, Size : 7254894 (06EB36Eh) Bytes
-> File has 1192814 (012336Eh) bytes of appended data starting at offset 05C8000h
[!] Safedisc v3.20 - v4.xx or newer [removed version] detected !
[!] removed version is Safedisc v4.50.000 - v4.60.000
[!] Possible CD/DVD-Check String -> Please insert
[!] Possible CD/DVD-Key or Serial Check -> CDKey
- Scan Took : 1.735 Seconds

---------------

here´s a list with a few games without any version info:
Flatout
Knight Rider 2
Need For Speed Underground 2
Need For Speed Most Wanted
NHL 2006
NBA Live 2006

i´ve only seen EA games without version info in it...

now you´ll see the version, not 100% exact but better than before (v3.20 - v4.xx or newer) ;)

Hi mate,

good to here you are making progress.

I have got two questions:

1) When will the next "public" be released ?
2) Will it also detect the most common app protectors/packers (I think, you know what I mean: Das Gürteltier mit all seinen Facetten, z.B.)


Greetz

Monty

Das Gürteltier mit all seinen Facetten
yeah the Armadillo protection has been improved a lot. PID can detect versions like v4.00 - v4.05, v4.10 - v4.20, v4.30, v4.40...
i´m also thinking about detections if some arma features like Import Elemination, Debug-Blocker, Copy-Mem2 etc are used.

When will the next "public" be released ?
during the following week.
no big changes thou, "just" updated and improved detections.
v6.0 will be the big one ;)

yeah the Armadillo protection has been improved a lot. PID can detect versions like v4.00 - v4.05, v4.10 - v4.20, v4.30, v4.40...
i´m also thinking about detections if some arma features like Import Elemination, Debug-Blocker, Copy-Mem2 etc are used.



REALLY ??

Oh man, that sounds fantastic. I don't know how this could be coded, but anyway...when you tell me it does, I think I can rely on you :D
Detecting certain arma versions (e.g. 4.10 and NOT 3.78-4.xx, like PEID does) would already be rather cool, but detecting IAT elimination, CopyMem II, Code-Splicing, Nanomites, etc., would be..................
well, I am speechless

Can't hardly wait to see this tool "in action".

v6.0 will be the big one ;)I cannot expect it... :)

v5.1 is ready to download :D

The last public version (v5.0 Final c) was released 14.12.2004.
Right after releasing it, the development of v6.0 has began and still continues.
Now we release v5.1 to keep you up to date. No core changes, just some files from v6.0 alpha thrown into v5 ;-)
New protections were added, important ones got updated and improved, bugs got fixed...

here´s the changelog:

- added: JoWood X-Prot detection
- added: Laserlok Marathon detection
- added: Protect DiSC detection
- added: Ring-Protech detection
- added: SecuROM v7.xx.xx detection
- added: SmartE Copy Protection detection
- added: Starforce v3.x version is now displayed with build number
- added: Tages v5 detection
- added: VOB Protect CD/DVD v5.9x with build number detection instead of showing "VOB Protect CD/DVD [modified version] detected"
- added: ACProtect version detection for v1.09, v1.10, v1.20, v1.21, v1.22, v1.23, v1.3c, v1.32, v1.35 / v1.40, v1.41 and v2.0
- added: Armadillo version detection for v1.00 - v1.84, v2.00 - v2.40, v2.60 - v3.00, v3.05 - v3.20
v3.30 - v3.61, v3.70 - v3.75, v3.76 - v3.77, v3.78, v4.00 - v4.05, v4.10 - v4.20, v4.30 and v4.40
- added: ASProtect version detection for v1.0, v1.1, v1.11, v1.2, 1.22 - v1.23 Beta, 1.23 RC4 - 1.3.08.24, 1.23 RC4 (Registered),
v1.31, v1.32, v1.33, v2.0 Alpha and v2.1 - v2.11
- added: EXE Cryptor v2.0 - v2.1.xx, v2.2.0 - v2.2.4 and v2.3.0 - v2.3.7 detection
- added: FSG v1.0, v1.2, v1.3 - v1.31, v1.3.3, v1.33a and v2.0 detection
- added: PE Compact v2.xx generic detection
- added: PE Compact version detection for v1.00 - v1.3x, v1.40 - v1.50, v1.55, v1.56 - v1.65, v1.66 - v1.84,
v2.0 Beta Build v52, v2.00 - v2.10 and v2.20 - v2.64
- added: some more CD/DVD-Check detections
- improved: Laserlok detection
- improved: Safedisc [generic v1, v2, v3, v4] verification code making it possible to detect a faked Safedisc protection were the SD string
'BoG_ *90.0&!! Yy>' was simply added to the PE header, also added another piece of code checking for 'real' Safedisc
- improved: Safedisc v3.20 - v4.xx [unknown version] is more accurate due new checks
(i.e. NBA Live 2006, version is removed, PID detects 'Safedisc v4.00.001 - v4.00.003)
- improved: Safecast detection in safecast´ed executables
- improved: SecuROM detection, added one more check to speed up scanning in non SecuROM´ed files
- improved: StarForce detection
- improved: UPX detection
- improved: VOB Protect CD/DVD detection completely rewritten

protection id is going to be more than a pc-game protection scanner in the next release. the most important application protections are already be detected in this version. a lot more will follow later.

heh just noticed my post count beeing at 1111 ;)

Well done buddy. Nice work as usual. ;)

Yepp, just tested it on some Arma, AsProtect, Aspack, ExeCryptor etc. files.....very, very nice work.

Many Thanx, dude!

http://i.have.been.banned.for.advertising Visit This New Software

:D :D He he made me giggle. (I have been banned for advertizing) straight to the point Jor forster.

seems like it´s time for v5.1b ;)

Tages detection is broken in Act Of War High Tension.
seems like a new version (v5.4.x.x ?) or a custom one.

also i´ll include "TryMedia ActiveMark" and "KochMedia ePolice" detection cos they´r used in lots of "digital download" versions of pcgames.

the armadillo / asprotect detection will also receive an update to recognize the latest version.

Is it already available for download ?
There is no info about subversion (a,b,...) on PID's website ?
BTW gorgeous program, I really appreciate the huge amount of work that was, is being and will (hopefully) be put into creating this great piece of software...
Honestly, thank you :)

it will be released next week. tages seems to have a newer version (v5.4 ?) within spellforce 2 (+ patch v1.01) and act of war high tension patch 1.

i´ll prolly include some new and more improved app detection like nspack, enigma protector, exestealth, molebox, themida...

another new detection is Sysiphus, this protection is a joke it seems.
lots of read errors to fool burning apps but just a simple GetDriveTypeA routine to check the disc. not even antidebug... :rolleyes:

BTW gorgeous program
thx but without the help of a good m8 PiD won´t have this success, it isn´t coded just by myself.

is being and will (hopefully) be put into creating this great piece of software
yep of course ;)

Hi

I have try your tool, but on Desperados2 Coopers Revange he say no protection found. Why he not find the protection used in the .exe file ?

Perhaps, because it's not protected by any of the known commercial copy protections? Doesn't the documentation of ProtectionID tell you what to do in such a situation?

prolly new tages v5.4 or higher also seen in Panzer Elite Action.
next week i´ll release pid v5.1b wich detects Tages > v5.3.

I have hear that the game have Tages but i not know what for a version.

I wait then for the new version :)

Thanks

http://pid.gamecopyworld.com -> progress update with screens

recent changelog:
v5.1b

- added: Tages v5.3.0.0 - v5.5.0.1 (or newer) detection
- added: Laserlok build date detection if possible
- added: Armadillo v4.42 detection
- added: ASprotect v2.1, v2.2 and v2.3 detection
- added: MoleBox v2.x.x [generic] detection
- added: MoleBox v2.2.3, v2.2.4, v2.2.5, v2.2.6, v2.2.8 and v2.3.0, v2.3.3, v2.4.0, v2.5.0, v2.5.5, v2.5.12 detection
- added: NSPack v1.0 - v2.8, v2.9, v3.0, v3.1, v3.4, v3.6 and generic detection
- fixed: Armadillo v4.40 was detected as v4.10 - v4.20 in some files

the list isn´t final yet. i want to add another securom feature i´m working on atm.
also jowood updated their "x-prot" protection (v2.0 ???). see Panzer Elite Action Multiplayer Demo.

atm i´m working a bit more on Tages improvements.
but i still need the game executables + dlls of the following games:

- ECHO: Secrets of the Lost Cavern (should be tages v5.1/v5.2)
- Desperados 2 (dvd version with tages v5.5)
- Asterix & Obelix 2 (tages v5.1/v5.2)
- Panzer Elite Action (tages v5.4/v5.5 + custom jowood protection)
- Fahrenheit (patched v1.1, tages v5.2)

contact me via pm if you got some of the listed games above
and you want to help improving Protection ID.

Tomorrow I´ll have a look @ the video store, maybe I can find some of the games.:)

But I also have collected 39 exe,dlls which I would like to send u in winrar-format. Tell me if u need `em. If this off topic mods please delete.

Tomorrow I´ll have a look @ the video store, maybe I can find some of the games
thx our local video store didn´t have these games exept fahrenheit (but securom 7 version), i already checked

But I also have collected 39 exe,dlls
see pm ;)

v5.1b released

this build is updated again to detect the latest protections and to sqeeze a few bugs.

- added: Tages v5.3.0.0 - v5.5.0.1 (or newer) detection
- added: Laserlok build date detection if possible
- added: StarForce protection infos (depending on what options were used to protect the game)
- added: Armadillo v4.42 detection
- added: ASprotect v2.1, v2.2 and v2.3 detection
- added: ASProtect v2.x [unknown version] detection
- added: MoleBox v2.x.x [generic] detection
- added: MoleBox v2.2.3, v2.2.4, v2.2.5, v2.2.6, v2.2.8 and v2.3.0, v2.3.3, v2.4.0, v2.5.0, v2.5.5, v2.5.12 detection
- added: NSPack v1.0 - v2.8, v2.9, v3.0, v3.1, v3.4, v3.6 and generic detection
- added: UPX v2.00 detection
- improved: ASProtect v2.0 detection
- fixed: Armadillo v4.40 was detected as v4.10 - v4.20 in some files
- fixed: annoying Starforce bug not reporting protected dlls anymore after executable scanning
- fixed: Protect Disc detection (added a generic string search too)
- fixed: SmartE detection in Softlocx6.ocx
(this protection uses the same wrapper, exept ony byte difference ;P)

expect a new build soon :-)

Hi,
luv your tool :)

current status report of v5.1c *public*

- added: ActiveMARK detection (+ check for unknown/cracked files)
- added: detection if Tages SDK or Tages BASiC is used in protected files
- added: Armadillo v4.44 Beta 1 detection

also i made the log window bigger due several requests...
there are also 2 new screens on my website.

waiting for safedisc 4.70, should be updated pretty quick... ;)

v5.1c is ready to download :)

- added: Protect Disc v7.0 - v7.1 (or newer) detection
- added: Starforce Protect.exe v3.5.xx.xx and v3.6.10.06 - 3.7.16.04 detection
- added: ActiveMARK detection (+ check for unknown versions/cracked files)
- added: detection if Tages SDK or Tages BASiC is used in protected files
- added: Armadillo v4.44 detection
- added: PC Guard v5 detection
- improved: ASPack detection (detects v1.01b, v1.02b, v1.03b, v1.05b, v1.06b - v1.061b, v1.07b, v1.08x, v1.083, v1.084
v2.000, v2.001, v2.1, v2.11, v2.11c - v2.11d, v2.12 and v2.12b)
- improved: TeLock detection (detects v0.42, v0.51, v0.60, v0.70, v0.71, v0.880, v0.85f, v0.90
v0.92a, v0.95, v0.96, v0.98b1, v0.98b2, v0.99, v1.00 and v0.98 Special Build)

Cool.

I download 5.1c, but my McAfee 8 virus scan say, it's troijan New Malware.n :(

False positive. Delete McAfee VirusScan, don't go near Symantec AntiVirus. Get NOD32, Kaspersky or AVG instead; those are proper virus scanners!

THX. I'm now usin AVG free, and all is fine now :cool:

-=[ ProtectionID v6.0 *PRiVATE* ALPHA ]=- (c) CDKiLLER & [x/xxx]
Build 2006-06-20
> Ready

Scanning -> H:\pidv51\Protection_ID.EXE
File Type : Exe, Size : 94837 (017275h) Bytes
[!] UPack v0.399 compressed !
- Scan Took : 0.922 Seconds

UPack is one of the best freeware packers around...
there may be false alarm due the decompresses routine.

Get NOD32, Kaspersky or AVG instead; those are proper virus scanners!
yep i´m with NOD wich i think is pretty good. updates alot and i rarely get false detections.

Looking forward for the v6.0...!

About antivirus, I can really recommend NOD32. Works like a charm here... :)

i´m visiting the "With Full Force" festival today, http://withfullforce.de/
after those 3 days i´m going to release an updated version, v5.1d some time next week or the following.

stay tuned ;)

@cdkiller
i´m visiting the "With Full Force" festival today
I am jealous!! :) Have fun. ;)

i´m visiting the "With Full Force" festival today, http://withfullforce.de/
after those 3 days i´m going to release an updated version, v5.1d some time next week or the following.

stay tuned ;)


looking forward to updated version.

back from With Full Force and a new version is ready :)

v5.1d changelog

- added: SecuROM version detection for v7.01, v7.02, v7.10, v7.11, v7.12, v7.20, v7.21, v7.24 and newer
- added: StarForce BASiC detection (no drivers included) (valid only for SF v3.x)
- added: StarForce ProActive v3 detection (you need to scan the protect.exe)
- added: Tages scanning if Device Driver is called (Disc Check)
- fixed: StarForce bug sometimes not reporting if VFS is used

finally a working SecuROM 7 version detection.
scanners just detecting v7.00.00.xxxx are simply wrong.

short game list:

Constantine - SecuROM v7.01
GTA San Andreas - SecuROM v7.02
F.E.A.R. - SecuROM v7.11
Indigo Prophecy - SecuROM v7.12
Stubbs The Zombie - SecuROM v7.18
Serious Sam 2 - SecuROM v7.19
Rogue Trooper - SecuROM v7.20
Sensible Soccer 06 - SecuROM v7.21
Hitman Bloodmoney - SecuROM v7.24

Nice one, well done. ;)

Well Done !
:)

http://rapidshare.de/files/26951443/bge.rar.html

I bought a low budget version of Beyond Good & Evil. I love low budget versions because they are less or not protected in most cases.
This game has a cd check. If have not managed to crack it yet.

But Protection id also does not recognize the cd check string:

"Bitte Beyond Good & Evil CD 3 einlegen"

This exe contains a little more than a simple cd-check: it is protected with Tages ;)

Ok, I'm sorry, seems that you are right. But PiD does not mention any copy protection.

PID Log:
[I] Init cd/dvd sector scan for Drive H
-> Protection : None/Unknown
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 2.547 Seconds

Scanning -> C:\Games\Beyond Good & Evil\BGE.exe
File Type : Exe, Size : 7700480 (0758000h) Bytes
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 0.235 Seconds

thats because its hard to detect tages, try doing a sector scan on the cd/dvd, it might show up then... tages is 'stealth like' when it comes to detection

noscript, the exe you uploaded is really Tages protected.
The api "DeviceIoControl" is used to call the tages device driver.

the ep of the exe is Microsoft Visual C++ 7.0 but it has custom checks to call the driver wich identifies the original disc.

this version of tages isn´t worth supporting as only Beyond Good & Evil and XIII are using it.

But it would have saved me hours of cracking time *lol*
@tippex: I did a sector scan as you can see in my previous post.

v5.1e is ready to download

- added: SecuROM 7.26 detection
- added: SecuROM 7.xx.xxxx subversions (tested on 90+ executables)
- added: Safedisc seperated detection for v4.50 & v4.60 in executables without version string
- added: Laserlok build detection for v5
- added: Starforce v4 detection inside protect.exe
- added: NSPack v3.3 & v3.5 detection
- added: Armadillo v4.48 detection
- improved: Laserlok Marathon detection
- improved: CodeLok detection
- fixed: Protect DiSC v6.2 build number bug

this build mainly focuses on improving the SecuROM detection, making other detections more generic & faster and improving some code here and there...

*updated file*
when i uploaded the file i checked the Caesar IV Demo wich is the recent SecuROM 7.26.0007 and quickly added this detection too ;)

Big Thx

Thanks Killer. ;)

article on www.copybase.ch

http://copybase.ch/Cb/PHPV2/News/Comments.php?Id=345

:D

special thx to all the people involved into the progress of Protection ID,
you know who you are ;)

Without your help PID would never have become this advanced.

Not without you, that's sure :P
mwahahaha

Just curious, what's v6 doing atm ? Still in progress or development stopped ?

just came back from GamesConvention 2006, played Stalker & Crysis (Singleplayer + LAN), seen latest UT2007 ingame footage, Stranglehold...

best of the show: playing Quake Wars: Enemy Territory on LAN against the developers at Splash Damage :P
wow this game looks so amazing and got the highest level of team based gameplay i´ve seen yet. we played as Stroggs vs. GSF (12:12) in an assault like level with multiple objects for each team: defending bridge, placing mobile turrets & rocket launchers, hack computer, place bomb etc... the level shown included all 5 classes of the stroggs + all their weapons & vehicles. it was just amazing to play this beauty, multiplayer goty award for sure :D

...back to topic ;)
v6.0 is doing fine, but there will be some more v5.1´s first to help keeping users up to date.

@cdkiller
just came back from GamesConvention 2006......
Yep, now I am really jealous of you!! :D

You lucky bugger! :p

(Um just incase the word 'bugger' gets lost on you, its nothing bad. ;) )

(Um just incase the word 'bugger' gets lost on you, its nothing bad. ;) )

depends if you're the bugger-er or the bugger-ee :)

@TippeX
depends if you're the bugger-er or the bugger-ee
The word 'bugger' has many meanings in Australia but I surely didnt mean it in the sense you have mentioned. lol

For example:

When I say "What a lucky bugger" i am really saying you are a very lucky person and I am jealous. :)

If I was to put a small dent in my car I would say "Oh bugger", which would loosely translate to "Oh shit!!" lol

If I was to say, "That TippeX is a really nice old bugger" that would be.........well calling you old! lol (which i have no idea if you are or not :p )
But calling you a "nice....bugger" would not be a bad thing. ;)

If I was to make a mistake fixing the small dent in my car I would say "shit I just 'buggered' that up!!" :)

If someone was annoying me I would say "bugger off!" Now that can also be taken 2 ways:
1. F...k off! (In a bad sense)
2. Go away! (more in a fun sense)

Hmmm, I am sure some other Aussies will come up with some more meanings for the word but then that would be totally 'Off Topic' for this thread now wouldnt it. :)

But honestly, I would never tell cdkiller to bugger off or use the word towards him in a bad sense, only in the humerous sense, and he knows that. :)

So on that note I might just bugger off. :D

heh agreed, we use the bugger thing in uk too, confuses tons of ppl, and you're probably younger than me :)

just found a bug in the SecuROM scan, detecting latest Titan Quest Patch as SecuROM 7.21 wich is of course wrong. it´s newest 7.26.0010 and has already been fixed for the next version 5.1f.

heh agreed, we use the bugger thing in uk too, confuses tons of ppl
yeah, i never knew the real meaning of the word till now ;)

@cdkiller

Could you please check the exact securom version of El Matador which is in the following link: http://rapidshare.de/files/31199788/pc_matador.rar

-=[ ProtectionID v5.1e ]=- (c) CdKiller & [x/xxx]
Build 17-08-2006....
> Ready

Scanning -> L:\El Matador\pc_matador.exe
File Type : Exe, Size : 9842688 (0963000h) Bytes
-> Suspicious MZ Header..
[!] SecuROM Detected - Version 7.26 or newer
- Scan Took : 2.860 Seconds

EDIT: Thank you very much cdkiller.

-=[ ProtectionID v6.0 *PRiVATE* ALPHA ]=- (c) CDKiLLER & [x/xxx]
Build 2006-08-29
> Ready

Scanning -> L:\__pid collect\PC-GAME PROTECTiONS\SecuROM\SecuROM 7.26.0006 (El Matador German).exe
File Type : Exe, Size : 9842688 (0963000h) Bytes
-> Suspicious MZ Header..
[!] SecuROM Detected - Version 7.26.0006
- Scan Took : 3.0 Seconds

Hi I downladed the tool..Run it..

İf you care or not but if you say help me improve this tool I want to tell something about the usage impreovement..

-the color is so dark..you should made some changes in GUI
-Waht if we show just a folder (ex: d:progeam files) and it scans for it?
chooisng exe's are hard.. you know we noobs like the easy way....;)

as written just a request...

thanks in advance

drag the folder onto the window then, pid supports drag and drop...

Folder drag n drop ...
Kewl :)

... but no command line interface? Ts-ts-ts... ;)

oh im sure a commandline version might be present for v6..

(assuming my mind reading of cdk's mind went correctly) :)

(assuming my mind reading of cdk's mind went correctly)
your mindreading could be successful ;)

atm pid supports scanning from cmdline.
create a batch file with the following line:
Protection_ID.EXE -scan TargetName.exe

Ok, where is the download for the file?
Cannot see it on cdkiller's page at all.

pid.gamecopyworld.com

click the 'protection id' on the left side.. it'll change the window
then see the line with 'mirror'.. click it...

alternatively, if that still gives you difficulties...

http://pid.gamecopyworld.com/ProtectionID_v5.1e.rar

sorted.

securom & protect disc updated their protections, so here´s a newer Protection ID :)

v5.1f changelog
---------------
- added: SecuROM 7.27.xxxx detection
- added: Protect DiSC v7.5 (or newer) detection
- added: Starforce 4 protection level (Basic / Pro) detection
- added: Starforce ProActive v4 Protect.exe detection
- added: Safedisc detection for v4.70 in executables without version string
- added: PC Guard v5.01 detection
- added: SD Protector v1.12, v1.16 and [unknown version] detection
- added: TheMida v1.0.0.0 - v1.8.0.0 (or newer) detection
- added: License - eLicense v3.x, v3.20 and v4.0 detection
- added: License - Protection Plus v4.x detection
- improved: ActiveMark detection splitted into v4 & v5
- improved: Xtreme Protector detection code improved
- improved: SecuROM 7.26.xxxx detection, added more detailed versions
- improved: Protect DiSC version detection, added support for most common versions
- fixed: crash during Tages scanning if entrypoint is between offset 2h to 4h

direct download http://pid.gamecopyworld.com/ProtectionID_v5.1f.rar

1.1 Patch of "Die Gilde 2":

-=[ ProtectionID v5.1f ]=- (c) CdKiller & [x/xxx]
Build 15-09-2006....
> Ready

Scanning -> N:\Die Gilde 2\GuildII.exe
File Type : Exe, Size : 11341824 (0AD1000h) Bytes
-> Suspicious MZ Header..
[!] SecuROM Detected - Version 7.27 or newer :(
[!] Possible CD/DVD-Key or Serial Check -> CDKey
- Scan Took : 2.734 Seconds

http://rapidshare.de/files/33236876/GuildII.rar

BTW thank you very much for scanning last time.

The Gilde 2 v1.1 is wrapped with SecuROM 7.27.0010.
as its published by jowood i´d say it gots some custom checks too.

v5.2 changelog

- added: Protect DiSC protection level scan (Pro/Basic)
- added: SecuROM exact version detection for lots of v7.27.xxxx and the first of the new v7.28.xxxx
- added: Safedisc API detection Method 1 (available at oep dump of protected exe)
- added: Safedisc API detection Method 2 (scan protected executable)
- added: CDCops detection (scan *.QZ_ file)
- added: JoWood X-Prot v2.x detection
- added: Armadillo v4.54 detection
- added: ActiveMARK v6 detection
- added: Obsidium version detection for most files
- added: Petite v1.2, v1.3, v1.4, v2.2 & v2.3 exact version detection
- improved: Safedisc v4.70 detection in files with removed version string
- improved: SecuROM 7.26 / 7.27 detection, added more checks for detailed version
- improved: JoWood X-Prot v1.x detection improved
- improved: Protect DiSC 6/7 scan, added more detailed versions
- improved: BJFNT detection rewritten (version detection for v1.1, v1.2 & v1.3)
- improved: EXE32Pack detection rewritten (version detection for v1.37, v1.38 & v1.42)
- improved: ExeCryptor2 detection (also fixes possible false detections)
- improved: Krypton detection rewritten (version detection for v0.2, v0.3, v0.4 & v0.5)
- improved: NeoLite detection rewritten (faster & more accurate)
- improved: Obsidium generic detection, added one more check
- improved: PEBundle detection
- improved: PE Lock v1.0x detection rewritten
- improved: PE Pack detection rewritten (version detection for v0.99 & v1.0)
- improved: Perplex PE Protector v1.01 detection rewritten
- improved: PE Shield detection (version detection for v0.1d, v0.2, v0.25 & unknown versions)
- improved: Shrinker detection rewritten (version detection of v3.4, v3.5 & unknown versions)
- improved: SVKP detection rewritten, detection of v1.051, v1.11, v1.3x - v1.4x (or newer)
- improved: YodaCrypt detection rewritten (version detection for v1.1, v1.2 & v1.3)
- improved: detection for lots of minor exe protectors/packers rewritten, including: cEXE, Air EXE Lock,
DEF, EXEProt v1.x, E-Zip, Lamecrypt, NFO, Noodlecrypt, Passlock 2000, PeX,
PE Diminisher, PE Mangle, PE Nguincrypt, PE Ninja, PKLite32, SEPP, Softdefender,
UPX Scrambler, VBO Watch, VG Crypt, Winkrypt, WWPack32
- fixed: possible crash in Xtreme Protector detection when scanning ExeCryptor v2.2.x wrapped files
- removed: Protection Options in Armadillo scan (will be readded & improved later)
- implemented check for Win32 DLLs with EntryPoint 00h (also fixes rare ASPack/ASProtect crash)
- plus several protection version updates (i.e. Obsidium, MoloBox, PE Compact...)

due the amount of changes the version was raised to v5.2
most of the detection routines were recoded, resulting in faster scanning speed & being more accurate.

we´ve made improvements again in detection of the most common used pc game protections.
SecuROM 7.28 detection is here (older ones also updated and wrong detections fixed),
JoWoods new X-Prot will be detected, CDCops detection was added, ActiveMARK´s
latest version 6 will be recognized, Safedisc routine is able to detect the latest v4.70 games
with removed version and protection level (SDAPI or Safedisc Standard).
Protect DiSC detection is up to date (improved exact version scan) and now also detects
if the protection features are Basic / Pro.

thx to the people who helped with the more advanced features :-)

Great Work Again !!!
:)

Nice work, dude
Arma protection check sounds nice, never knew PiD was actually capable of that :)

btw, I love MoloBox :D

What shall I say, buddy ?

Excellent work......again

I may test it in detail, when I find some time.....

I may test it in detail, when I find some time.....
thx m8 i will apprecciate any help to trace down the bugs :)

i already found 2 bugs wich made it in v5.2 :/
1. detecting the safedisc api in non safedisc files (bah, must be drunk when coding this, bug happens very rarely tho but it could happen)
2. starforce 4.50 version display bug

also i´ve improved the safedisc version detection in files with removed version info (FIFA/NBA 2007 = Safedisc 4.60, Madden 2007 = Safedisc 4.70).

I think I found one more bug:

-=[ ProtectionID v5.1f ]=- (c) CdKiller & [x/xxx]
Build 15-09-2006....
> Ready

Scanning -> C:\Programme\Gothic III\engine.dll
File Type : Dll, Size : 6841344 (0686400h) Bytes
[!] NSPack compressed !
- Scan Took : 1.843 Seconds




-=[ ProtectionID v5.2 ]=- (c) CdKiller & [x/xxx]
Build 01-11-2006....
> Ready

Scanning -> C:\Programme\Gothic III\engine.dll
File Type : Dll, Size : 6841344 (0686400h) Bytes
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 1.969 Seconds

greetz dest

@dest4ever

that was a bug in v5.1f wich got fixed in the current v5.2.
engine.dll isn´t NSPack compressed, it is JoWood´s X-prot dll wrapper (added support for this too now).

v5.2b

- added: SecuROM 7.29.xxxx detection
- added: Starforce v4.50 (or newer) Protect.exe detection
- added: Protect Disc v7.5 exact version info for more subversions
- added: PE Spin exact version detection for v0.3, v0.41, v0.7, v1.0, v1.1 and v1.3 (+ unknown version)
- added: UPack version detection for v0.10 - v0.12, v0.20, v0.21, v0.22 - v0.2, v0.24 - v0.28
v0.29 - v0.33, v0.34 - v0.35, v0.36 and unknown versions
- added: MEW 11 detection (exact version detection for v1.0 & v1.1 - v1.2)
- added: NSPack v3.7 detection
- improved: PE Lock v1.0x detection rewritten (faster & more accurate)
- improved: UPX detection, added more generic checks
- fixed: Safedisc API could be detected in a few non-safedisc files
- fixed: Safedisc detection for v4.60/v4.70 in files without version
- fixed: Starforce v4.50 version display bug

Thank you cdkiller, already downloaded a few moments after your post ^^.

http://img155.imageshack.us/img155/2788/piddc1.jpg


Why does the baloon-info say "ProtectionID v5.1e", though I've got the v5.2b?

Why does the baloon-info say...
well i am only human too, this just hasn´t been changed to v5.2b :rolleyes:

no hypercool special christmas version? :(

no hypercool special christmas version? :(:rolleyes::D

a new version will be out soon, detecting the recent securom 7.30 + tages exact version + other updates...

a new version will be out soon, detecting the recent securom 7.30 + tages exact version + other updates...

Booyah to that. Always happy with your dedication on new versions.

v5.2c is done. this one will be the last version based on the old source wich is written in TASM.
We are currently working on the new v5.3 of Protection ID.
It will feature a major code overhaul and is ported over to
MASM allowing much more interesting stuff to be done.
Expect some news regarding the future of Protection ID soon!

here´s the small but up2date changelog, the big one comes with v5.3 ;-)

- added: SecuROM v7.29.0010, v7.29.0011, v7.29.0012, v7.30.0010, v7.30.0011, v7.30.0012, v7.30.0013, v7.30.0014 and v7.30.0015 detection
- added: Protect DiSC v7.6.1 detection
- added: Tages detection rewritten, added exact version detection of v5.2, v5.3, v5.4, v5.5.0 and v5.5.2
- added: Tages v5.5.2 (or newer) + Additional SoftShield detection
- added: Themida v1.8.2.0 (or newer) detections
- improved: X-Treme Protector detection improved

It seems new SecuRom is already out and PID 5.2c can't detect it^^

Full Game Title: ArmA: Armed Assault
Version: 1.0.5
Language: Euro version
Copy Protection:[!] SecuROM Detected - Version 7.21

Don't have game any more, i sold as it wasn't so good.

yup i already noticed the new SecuROM v7.31 gets detected wrong.
next update fixes it.

first great work that youre doing

but i have some games that only say securom 7.xx

Scanning -> H:\ hca\Resources\HCA.exe
File Type : Exe, Size : 6737920 (066D000h) Bytes
-> Suspicious MZ Header..
[!] SecuROM Detected - Version 7.xx
- Scan Took : 0.578 Seconds

hope there will come a new version

well, what version are you actually using?

forget to mention that i use latest version 5.2c

so i think securom 7.31 or higher

Send cdkiller or me a pm with exe and we will scan it for you. Just upload .exe on rapidshare and give us the link in pm.

the wrong detections of Protection ID v5.2c are just because the new securom version detections aren´t added there.

when Pid detects securom 7.21 on an new game, it´s really SecuROM 7.31
if it shows securom 7.xx, it´s the recent SecuROM 7.32.

@CDKiller:
My BitDefender Internet Security v10 (with newest updates) finds since today "Backdoor.Pcclient.GV" in your PID 5.2c EXE-File (fresh downloaded).
I don't believe it's true, but what can be the reason for the false-alarm?

but what can be the reason for the false-alarm?
could be the packer. i used NSPack to compress the exe.

When will the next version be released?

Is there the possibility to add some features to securom detection?
- detect special time license (used in TDU Public beta)
- detect start and end of time the license is valid

thx in advance

could be the packer. i used NSPack to compress the exe.Since the last update of the virus-signatures BD10 don't find a virus in your PID EXE-File anymore.

When will the next version be released?


when its done i would imagine



Is there the possibility to add some features to securom detection?
- detect special time license (used in TDU Public beta)
- detect start and end of time the license is valid



depends heavily on the securom settings, you should know if your license is valid or not, so i doubt that will be put in...

When will the next version be released?
when its done i would imagine
yep :)
there is no fixed release date, as we want the next version to be the most stable and feature rich PID. the current coding progress comes along very nice and perhaps there will be some news soon ;)

long times no news? there must be something happened?
and guess what... you are right :)

the PID developer team (cdkiller & TippeX)
is proud to release the first v6 screen to the public.

http://pid.gamecopyworld.com/dev/pidv6gui.jpg

to make v6 as stable as possible on the final release, we need good bug testers. so we are accepting beta testers to iron out the last glitches.
message me (cdkiller) or TippeX via PM and tell what you can do to help us bringing v6 to life :-)

Nice progress :)
I've seen this one on ARTeam and I was pretty impressed.
I'd love to beta test this thing but I couldn't come up with enough good arguments to convince you, I guess. ISO Protection knowledge is about 0, I could only scan some cheap app protections (Arma, ASPR, but not even many)...

Keep up the great work, I'll pray for it to be released as soon as possible (in a month maybe ? :p)

the PID developer team (cdkiller & TippeX)
Good to see one of you have finally decided to come out of hiding. ;)
Hopefully it was intentional and not an oversight lol.

Well done guys. :)

going to visit the WithFullForce Metal festival in germany. i´ll be back at monday. keep this thread clean ;)

have questions concerning PID and/or the current Beta? pm TippeX

Protection ID v6 newsupdate:

As you can see Protection ID v6 is progressing very well, thx to our beta testers for
reporting bugs, crashes and giving us ideas on what we can add to the functionality.

The current version does detect more than
250 exe-packers, PC ISO Protections, Dongles, Licenses and Installers in
such an exact and fake proof way you haven´t seen before in any scanning tool due the detailed checks.
False reports and detection where other tools fail are history.


Log Window with Context Menu
http://pid.gamecopyworld.com/bilder/pidv6log.jpg

CD/DVD Util
http://pid.gamecopyworld.com/bilder/pidv6makeiso.jpg

PID´s Memory Optimiser on Windows Vista
http://pid.gamecopyworld.com/bilder/pidv6mem.jpg

just curious .. where is that 6.0 info?? also how do ppl scan the newest securom games such as Crysis/Empire earth 3/Timeshift

how do these ppl scan ??
http://www.daemon-tools.cc/dtcc/copy-protected-games-t157p4.html

they're beta testers, with the latest beta.....
and what do you mean 'where is that 6.0 info'...?

I think he means infos/screenshots about 6.0. Just visit the site cdkiller has in his signature.

PID v6.0 Public XMAS BETA

<CDKiLLER & TippeX>

after 10 months of development,
we are proud to bring you this xmas gift.
the first public beta of the new v6 :)

we tried our hardest to bring you a useful,powerful tool.
since development, this concept has mushroomed into v6
which now has a lot of extra functionality compared to v5.
this is the results of all our hard work... we hope you like it

BUT remember it still is a BETA and can contain bugs
(thou we gave our best to fix them all in this xmas build).

grab it from http://pid.gamecopyworld.com/ or use the update function within v5.2c.

http://pid.gamecopyworld.com/bilder/xmasbeta2007.jpg

Great job CDKiLLER & TippeX

Thanks... I will try the new version. :)

this is what i got for scanning Command & Conquer 3 Tiberium wars patch 1.9

Scanning -> C:\Program Files\Electronic Arts\Command & Conquer 3\CNC3.exe
File Type : Exe, Size : 1111304 (010F508h) Byte(s)
-> File Appears to be Digitally Signed @ Offset 010E000h, size : 01508h / 05384 byte(s)
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 0.922 Seconds

what protection does it use??

You are scanning the wrong file ;)

Scan "C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.X\cnc3game.dat"

when scanning a pc game we suggest you to drag & drop the game folder into PID and then switch to the Protection Report (to be sure you scanned all files).

would all beta testers of pid please pm me so i can contact them about a new build to test .. cheers

just to let you all know, a new release is planned for very soon, which will include many updates, tweaks etc (you know.. the usual stuff)... pid isn't dead.. we just had a lot of stuff to do....

nice :p

faster, more accurate, still better and no more beta - ProtectionID v6.1.3 (build 26th dec 2008)

download / autoupdate available

check the included helpfile for additions / improvements / bugfixes / detections etc.

PID v6.1.6 is out :)

core additions / changes

- new: enabled the PE Stuff dialog (still in early stages)
- new: smbios reporting added (misc tools portion)

- update: pid entrypoint code optimised
- update: updated resizing core, and squashed a few bugs
- update: false positive with some anti virus programs is now fixed (gdata and avast)
- update: folderwatch, task manager, cd/dvd filter driver report, services report and folder locations all have right click context menus allowing the data to be saved to file
- update: uninstaller code tweaked - various fixes on some entries that would not uninstall
- update: update portion is now tweaked, a bit better and more futureproof
- update: windows 7 is now detected right and everything is functional (we are windows 7 compatible)

- bugfix: gui issue when run from context menu (log window will be shown)
- bugfix: file open doing nothing bug fixed - happened on WinXP with no service packs
- bugfix: folderwatch - bugfix in window handler, could have caused a lockup in 9x/me systems


detection additions / changes

- new: check_protectdisc.asm - added ProtectDisc exact v9.0.0, v9.1.0 & v9.2.0 detection
- new: check_g4wl.asm - added Games for Windows Live detection (xlive)
- new: check_steam.asm - added Steam (basic stub) detection
- new: check_activemark.asm - added ActiveMARK v6.50.767 detection

- new: check_breakpointcrypter.asm - added Breakpoint Crypter v0.0.79 detection
- new: check_expressor.asm - added exPresor v1.6.1 (Pro) detection
- new: check_fearzcrypter.asm - added fEaRz Crypter v2.2.0 detection
- new: check_hellcrypter.asm - added HellCrypter v1 detection
- new: check_kratoscrypter.asm - added Kratos Crypter detection
- new: check_npack.asm - added nPack v1.1.800.2008 + unknown version detection
- new: check_obsidium.asm - added Obsidium v1.3.6.1 detection
- new: check_pespin.asm - added PeSpin v0.1 (x64) detection
- new: check_rdgpack.asm - added RDG Pack Lite Edition v0.4 detection
- new: check_roguepack.asm - added RoguePack v4.0 Beta 1 detection
- new: check_rlpack.asm - added RLPack v1.21 detection
- new: check_simplecrypter.asm - added Simpl3 CrYpT3R detection
- new: check_xcrypter.asm - added X-Crypter v2.01 detection
- new: check_zprotect.asm - added in *generic* ZProtect detection

- new: dongle_softdog.asm - added SoftDog Dongle detection

- update: check_protectdisc.asm - removed protection level output (basic/pro) when detecting v9 (this version is all 'Pro', no more 'Basic' v9 games)
- update: check_activemark.asm - ActiveMark v6.1.335 detection rewritten (thx Nacho_dj for reporting a bug in American McGee's Grimm Bundle)


CD/DVD/Image file/sector scan

- update: sector scan updated to handle various movie protection(css/cpmm, cprm, aacs hddvd, aacs bd), this code is still in the experimental stage, and needs testing, but seems to work :)

[I] Init cd/dvd sector scan for Drive O
[i] Detected CSS / CPMM Protection! (0x00000001)
[i] Region Lock Detected -> RegionBitMask: 00000002
[.] Region(s) allowed : 2 (Drive region will need to be changed, you have 2 changes remaining, your current region is : 1)
- Scan Took : 0.828 Second(s)

- bugfix: fixed bug in cddvd sector scanning code (register got trashed) - not critical..

thanks, nice work ppl ;)

v6.2.2

core additions / changes

- new: incorporated PEiD / PE Tools database usage
-> additionally displays the protection found via the userdatabases
-> peid database is expected to be in the same folder as protection id
and should be called peid_database.txt
-> petools database is expected to be in the same folder as protection id and should be called petools_signs.txt

- enable/disable: go to Configuration -> Allowed Scanning Types -> peid / petools (3rd party scan)
- once enabled you can browse the signature files when
clicking the 'Extensions' tab (second icon from the bottom right)
- note: in cases of multiple hits, the highest probability is automatically figured out and reported

- new: work on compiler detection began
-> The compiler detection simply reports what compiler was used to make
the executable, It can also sometimes report the programming language
the executable was made with.

current detections: dotnet, visual basic & visual basic.net, some visual c/c++, borland c++, delphi

enable/disable: Configuration -> Allowed Scanning Types -> Enable Compiler Detection Scan


- new: tooltip preview (configurable option in the settings - under the gui portion)
- new: added in drive type reporting in the misc tools section
- new: added in option in configuration to dedicate 1 cpu to scanning core (if multiple cpu's are found on the system)
- new: added in little pause/resume button in the main dialog (green circle when you load pid)
- new: added in activity reporting on hdd reads, pid is so quick though, you may not notice it, but on large files, its useful because its an indicator pid is doing something


- update: turned on scan inside microsoft cab files as default
- update: added more informative comments into pe stuff
- update: file queue now reports the amount of files it has processed
- update: updated detection routine to report dll compiled in native mode
- update: folderwatch cleanup now works and reporting is handled correctly
- update: updated version info core to handle 'strange' exes with fucked version info, or version information that version.dll does not 'see'
- update: fixed some imports so that pid now loads on windows nt 4.0 (and probably 3.x) without the system throwing an import missing error and exiting the process
- update: services now disables itself if the os is 9x/me (9x/me doesnt have 'services') shares also disables itself if the os is 9x/me (api not present in these os'es)
- update: gui -> cd/dvd tools and the folderwatch buttons are now automatically disabled if the operating system is windows 9x/me (ie: less than windows 2000)
- update: folder location shell32 output now made 9x/me compliant(old comctl32.dll listview issue)
- update: added in minimize to systray if its set in the configuration. if set, pid will minimize itself when its loaded for the first time
- update: added in another handler for smbios, its quicker, but only available in vista or higher
- update: windows product key updated code, now should be good for all windows versions except nt 4.0
- update: windows product key is now also reported for 9x/me
- update: updated code so that windows 95, windows nt 3.x and nt 4.x do NOT have ownerdrawn menus (95 couldn't handle them properly anyway, and nt 3/4 had issues too)
- update: added battery reporting into misc tool window
- update: dep reporting done in misc tools information section
- update: fixed icons in 9x looking too big (now pid looks the same in 98, me, 2k, xp, vista)
- update: pause / resume is now properly functional
- update: added in pause checking into the cab file handler
- update: progress bar resets once scan is complete
- update: added in animated rect for sizing (work in progress)
- update: added tooltip to sizer window

- bugfix: fixed 9x/me crash (bsod) issue in petools stuff
- bugfix: fixed crash issue when viewing reloc information on some x64 files
- bugfix: silent exit / crash issue fixed in win2000 server
- bugfix: fixed position saving bug (reported by Blazkowicz)
- bugfix: fixed os detecton (win nt was detected as 2000)
- bugfix: fixed the strange drag -> drop, file added to queue but scanning not started bug
- bugfix: fix for buffer overrun error when saving a protection log containing lots and lots of files
- bugfix: folderwatch - fixed crash when trying to add more than 2 folders
- bugfix: dirty buffer used in folderwatch reporting code
- bugfix: 9x sizing issue fixed
- bugfix: fixed some problems with windows 95 original (before 95a, 95b and 95c...) where the versioninfoex struct is expected to be a different size, this resulted in a failure in detecting the operating system
- bugfix: various other tweaks & fixes...


detection additions / changes

- new: check_protectdisc.asm - added ProtectDisc v9.5.0 detection & detection of ProtectDisc drivers
- new: check_byteshield.asm - added ByteShield Software Activation Client detection
- new: check_safedisc.asm - now also detects Safedisc 1 icd file as being protected &secdrv.sys
- new: check_tages.asm - code updated to detect Tages protection drivers
- new: check_armadillo.asm - added Armadillo v6.24 (or newer) detection
- new: check_pcguard.asm - added PC Guard v5.03 detection
- new: check_themida.asm - added detection for Themida / Winlicense with Hide PE Scanner Option
- new: check_asprotect.asm - added exact detection of ASProtect v2.3 Build 05.14 & ASProtect v1.40 Build 11.20
- new: check_privateexe.asm - added Private EXE Protector v3.0 (or newer) detection
- new: check_stardock.asm - added Stardock Product Activation Module detection
- new: check_reflexivearcade.asm - added ReflexiveArcade Wrapper - Build 171 and newer detection
- new: check_realarcade_drm.asm - added in RealArcade DRM Module detection
- new: check_popcapdrm.asm - added PopCap DRM Protect detection
- new: check_elefunwrapper.asm - added Elefun Trial Game Wrapper detection
- new: check_playfirst.asm - added PlayFirst DRM Module detection
- new: check_oberonmediatime.asm - added detection for Oberon Media Time Protection Module
- new: check_wildtangent.asm - added detection of the Wild Tangent Wrapper v2.1.2.26 (or newer)
- new: check_dotnetreactor.asm - added .Net Reactor v3.x Library mode (+ Necrobit) detection
- new: check_macrobjectnet.asm - added Macrobject Obfuscator.NET 2008 detection
- new: check_noobyprotect.asm - added NoobyProtect v1.0.x.x and v1.1.x.x - v1.4.x.x.
- new: check_spicesnet.asm - added Spices.Net Obfuscator detection
- new: check_pegasyscustom.asm - added PEGASYS Custom Layer detection
- new: check_serialshield.asm - added Ionworx SerialShield Core.dll & it´s version detection
- new: check_dotnetguard.asm - added detection of the DotNet Guard HVM Runtime Library Module
- new: check_eakey.asm - added in EA Key Module detection
- new: check_sevlock.asm - added sevLock detection

- new: check_asscrypter.asm - added ass - crypter detection
- new: check_billarcrypter.asm - added Billar Crypter v2.0 detection
- new: check_bitfrostcrypter.asm - added Bifrost Crypter v1 detection
- new: check_cigicigi.asm - added Cigicigi File Crypter v1.0 detection
- new: check_cryptdmarnar.asm - added Crypt Dmar Nar v0.5 detection
- new: check_darkavengard.asm - added DarkAvengard Crypter detection
- new: check_dexcrypt.asm - added DeX-Crypt v2.0 detection
- new: check_dirtycrypt0r.asm - added DirTy CrYpt0r detection
- new: check_dhcripter.asm - added DH Cripter v0.1 detection
- new: check_etcv.asm - added ETCV v1.0 detection
- new: check_fishpacker.asm - added FishPacker v1.03 & v1.04 detection
- new: check_flashbackscrambler.asm - added Flashback Scrambler v1.3.x detection (all 3 modes :-))
- new: check_idapplicationprotector.asm - added ID Application Protector v1.2 detection
- new: check_freecryptor.asm - added FreeCryptor v0.3b Build 3 detection
- new: check_gentlemancrypter.asm - added Gentlemen Crypter v1 detection
- new: check_gkripto.asm - added GKripto v1.0 detection
- new: check_haccrewcrypter.asm - added Hac-Crew Crypter detection
- new: check_hipacryp.asm - added HipACryp v0.0.1 detection
- new: check_icrypt.asm - added ICrypt v1.0 detection
- new: check_keycrypter.asm - added KeyCrypter detection
- new: check_lordcrypter.asm - added L0rD Crypter v1.0 detection
- new: check_maskpe.asm - added MaskPE v2.0 detection
- new: check_ncode.asm - added N-Code v0.2 detection
- new: check_nidhogg.asm - added Nidhogg v1.0 Final, v1.1 Beta 1 and [unknown version] detection
- new: check_novacipher.asm - added NovaCipher 1.0 Beta detection
- new: check_npack.asm - added nPack v2.0.100.2008 detection
- new: check_pfecx.asm - added PFE CX v0.1 detection
- new: check_poherna.asm - added Pohernah v1.02, v1.03 & v1.07 detection
- new: check_pokescrambler.asm - p0ke Scrambler v1.2 detection added
- new: check_rdgtejoncrypter.asm - added RDG Tejon Crypter v0.6, v0.7 & v0.8 detection
- new: check_rewolfdllpackager.asm - added ReWolf DLLPackager v1.0 detection
- new: check_roguepack.asm - added RoguePack v4.1 detection
- new: check_scancryptic.asm - added ScanCryptic v2.0 detection
- new: check_securepe.asm - added SecurePE v1.6 detection
- new: check_supercrypt.asm - added Super Crypt v1.0 detection
- new: check_tgrcrypter.asm - added TGR Crypter v1.0 detection
- new: check_vegancrypter.asm - added Vegan-Crypter v0.7 detection
- new: check_yokohcrypter.asm - added Yokoh Crypter v1.3 detection

- new: license_adobelm.asm - Adobe Systems License Manager Module detection added
- new: license_deploylx.asm - added DeployLX Licensing for DotNet detection
- new: license_esellerate.asm - added eSellerate Activation System Core Module detection
- new: license_infralution.asm - Infralution Licensing System for DotNET detection added
- new: license_isquicklicense.asm - added Interactive Studios Quick License Manager detection
- new: license_mirage.asm - added detection for Mirage License Protector
- new: license_sentinelrms.asm - added SafeNet Sentinel RMS Core.dll detection
- new: license_xheolicensing.asm - added Xheo Licensing Module for DotNet detection

- new: dongle_biteboard.asm - added Bite-Board USB Dongle detection
- new: dongle_copylock.asm - added CopyLock Dongle detection
- new: dongle_marx.asm - MARX Crypto-BOX Dongle detection added
- new: dongle_rockey.asm - added Rockey2 / Rockey4 Dongle detection
- new: dongle_sentinel.asm - added detection of the NetSentinel Win32 Client DLL
- new: dongle_sentry.asm - added Sentry Hardware Lock detection
- new: dongle_wizzkey.asm - added Wizzkey Dongle detection

- new: installer_digital_river_downloader.asm - Digital River Download Manager detection
- new: installer_gpinstall.asm - added GP-Install Module detection
- new: installer_lymesfx.asm - added Lyme SFX Extractor Module detection
- new: installer_install_anywhere.asm - added InstallAnywhere detection
- new: installer_installshield.asm - added InstallShield v15 detection & Installshield PackageForTheWeb Installers
- new: installer_lindersoftsetup.asm - added Lindersoft Setup Builder Module detection
- new: installer_omnisetup.asm - added Omni Setup Module detection
- new: installer_popcap.asm - added PopCap Installer detection
- new: installer_realarcade_downloader.asm - added RealArcade Download Manager detection
- new: installer_reflexive_arcade.asm - added Reflexive Arcade Install Wrapper detection
- new: installer_smart_install_maker.asm - added Smart InstallMaker detection
- new: installer_visual_patch.asm - added detection for Visual Patch Installer

- improved: check_starforce.asm
- updated to handle those strange starforce 5.60 exe's that
didn't have version information
- updated to handle Gothic 3 Forsaken Gods (russian)
- improved: check_securom.asm - code updated to detect the drm dyn data module
- improved: check_protectdisc.asm - added one more older version (v7.7.0)
- improved: check_codelok.asm - scanning speed optimizations
- improved: check_sysiphus.asm - optimized detection & scanning speed
- improved: check_solidshield.asm - update for those strange exe's and dll's with no version information
- improved: check_themida.asm - better version detection (v1.8.2.0 - v1.9.5.0, v1.9.7.0 - v1.9.9.0, v2.0.0.0 - v2.0.2.0, v2.0.3.0 - v2.0.4.0, v2.0.5.0 (or newer))
- improved: check_acprotect.asm - faster scanning results
- improved: check_armadillo.asm - armadillo detection code updated
- improved: check_asprotect.asm - rewritten for better version detection
- improved: check_xenocode.asm - tweaked detection
- improved: check_thinstall.asm - updated with another detection method for v3.207
- improved: check_upx.asm - fixed UPX detection code so it detects upx'ed dlls too
- improved: check_xprotector.asm - added in another check (this also fixed a possible wrong detection of Themida / WinLicense protected DotNet executables)
- improved: check_vmprotect.asm - made more generic, adjusted version info output
- improved: check_andpakk2.asm - rewritten, additionally we exactly detect the 2 versions (v0.06 & v0.18) now
- improved: check_anslympacker.asm - rewritten
- improved: check_cicompress.asm - tweaked & optimised
- improved: check_exestealth.asm - added in one more generic check
- improved: check_mew10.asm - tweaked mew 10 detection
- improved: check_pebundle.asm - updated, now detects on an exe wich didn´t before
- improved: check_rdgtejoncrypter.asm - added in a more generic detection method
- improved: check_telock.asm - tweaked TeLock v0.96 detection

- improved: license_elicense.asm - completely rewritten (better v3.2 & v4.0 detection)
- improved: license_flexlm.asm - optimized detection & scanning speed
- improved: license_flexnet.asm - optimized detection & scanning speed
- improved: license_haspsl.asm - added another check for HASP SL
- improved: license_interlok.asm - added in one more generic check
- improved: license_salesagent.asm - optimized detection & scanning speed
- improved: license_sentinellm.asm - optimized
- improved: generic speed improvements in almost all license scans

- improved: dongle_keylok2.asm - updated KeyLok2 Dongle detection for better detection
- improved: generic speed improvements in all dongle scans

- improved: installer_7zip.asm - code updated, now detects an exe it never 'saw' before
- improved: installer_installaware.asm - updated to detect a custom version wich was un-detected before
- improved: installer_installshield.asm - installshield detection is now more generic and improved
- improved: installer_mscabsfx.asm - microsoft cab sfx format detection is now made better
- improved: installer_nullsoft.asm - updated to handle nullsoft sfx exe's with the data in the resource section
- improved: installer_rarsfx.asm - WinRAR SFX detection updated
- improved: installer_zylomgames.asm - detection of another variant of Zylom Games Setup

- bugfix: fixed bug in Cactus Data Shield file scan (discovered by Blazkowicz on acrobat.dll)
- bugfix: check_obsidium.asm - bugfix in obsidium detection code
- bugfix: check_polyene.asm - fixed possible crashbug
- bugfix: installer_redshift.asm - fixed potential bug

still #1 again :)
currently detecting 430 different (!) 32/64bit exe protectors/packers/crypters, dongles, licenses, installers...

v6.2.3

- bugfix: check_starforce.asm - starforce 'crap output' bug fixed
- update feature - updated to show version number on update as well, instead of some 'strange' number

Scanning -> C:\Program Files\Ubisoft Entertainment\Wheelman\Binaries\WheelmanGame-Final.exe
File Type : Exe, Size : 25567232 (01862000h) Byte(s)
[Heuristics] -> Flag : 00000000000000000000000000000001
[!] SecuROM Detected - Version 07.39.0005
[!] LiCENSE - FlexNET v11.4 protected !
[!] DONGLE - Hardlock detected !
[!] DONGLE - SENTiNEL detected !
[!] Possible CD/DVD-Key or Serial Check -> evaluation version
[!] Possible License Protection String -> license server
- Scan Took : 1.969 Second(s)

are you kidding me ??
this game uses securom and none of the dongles or some of the other stuff..
talk about giving bad info.. :eek:

nope, its not bad info.. next time do the research

the game is typically protected with dongles and so on when it is in development, rarely do the developers remove the libraries when it is final.. so the code is still there... its just not used.. pid detects this... this is also evident in other games as well...

so next time you want to state stuff like this do some research first before looking stupid when you're corrected..

Downloaded PROTECTiON iD v0.6.2.3March 2009 today (5/11/09), unzipped to a temp folder, opened it, clicked the SCAN button (also selected scan from Tray icon), selected my D:, and later E:, drives and nothing was reported from/about either... as best I can tell (Interestingly I can EJECT and LOAD both DVD players from the Tray Icon). D: has my Rosetta Stone language DVD and E: a movie DVD. After no result with D: I tried E: with the movie to see what is revealed about it--nada.

Why is nothing being reported vis-a-vis the drives (I would think that no protection, if the case with the movie DVD, is a valid report). Does PiD need to be in a special directory :confused:

SYS INFO-per PiD which gives tons, just nothing about my CDs/DVDs

Free Physical: 51%
Free Page File: 65%
Free Virtual: 97%
CPU Load: 3% to 5%
Mem Load: 48%

Windows 5.1 - Build 2600
CSDVersion : Service Pack 2
PlatformId : 02 (Win32 NT)
Service Pack : 2.0
SuiteMask : 0100h
> VER_SUITE_SINGLEUSERTS
ProductType : 1 [Workstation]
Reserved : 0
VerInfoSize : 156 bytes
------
Windows XP Professional 32 Bit Service Pack 2
Cpu Count : 1
------
Active Cpu -> Cpuid -> GenuineIntel
Processor Architecture : Intel (x86) Based
Extended Processor Detection -> Intel(R) Pentium(R) 4 CPU 2.80GHz
Active Processor Mask : 000000001h
Processor Count : 1
------
Allocation Granularity : 010000h / 065536
Minimum Application Address : 000010000h
Maximum Application Address : 07FFEFFFFh
Total Physical Memory : 1340063744 byte(s) (1277 MB)
------
Boot Type : Normal
------
64 Bit OS : No
------
Terminal Services Present : Yes
------
WPK :<removed>
------
Administrator : Yes
------
PiD 'influenced' by App Verifier : No
------
Windows Install Date (registry) : 24/04/2004 - 07:22:00
Windows Install Date (folder) : 31/03/2004 - 17:13:44
------
Windows Dir : C:\WINDOWS
------
Graphics Adaptor #0 -> Intel(R) 82865G Graphics Controller
---------- DeviceName : \\.\DISPLAY1
------
Graphics Adaptor #1 -> NetMeeting driver
---------- DeviceName : \\.\DISPLAYV1
------
Graphics Adaptor #2 -> RDPDD Chained DD
---------- DeviceName : \\.\DISPLAYV2
------
Monitor Count : 1
------
[Copmuter Info deleted]
------
WindowBlinds Detected : No
Windows Shell = explorer.exe
------
System reports 05 cd/dvd/blu-ray/hd drives
PiD reports 05 cd/dvd/blu-ray/hd drives
------
DEP Setting : Opt In

Notes: I use ZoneAlarm Pro, AVAST anti-virus and Spybot all of which I turned off to see if they were interfering. They were not--that is the results were the same for the SCANs. Task Manager shows 100% CPU usage with PiD running, typically 80+% Explorer, 11+% PiD and miscellaneous. The PiD percentage stays the same whether or not I select SCAN DVD..., and when SCAN is activated the STATUS is operational whether PAUSE is selected or not.

yup, unfortunately this bug was discovered.. the scan cd/dvd->file mode is broken, a new release is planned incredibly soon, only 3 people reported this (including yourself)...

100% cpu in pid i've never heard reported though, thats quite odd

i also edited out your product key (you probably don't want that on the inet)

i can send you a beta copy of the next build if you like, just send me a pm

Hello,

Sorry - I just sent a message/feedback thing saying this before I realized there's a thread for PID!

Anyway - I have v0.6.2.3 March 2009 and I just bought the game Alone In The Dark for PC, so I thought I'd run PID on it and see what it said.

I basically had enabled context menus and selected the "Scan with ProtectionID" option from the menu I got when right-clicking on the drive with the 1st DVD of Alone In The Dark in it.

A bunch of stuff scrolled by in the log window (Nice that you can re-size the window's *width* but it'd be even better if we could make the *height* bigger as well! - just a thought) but eventually it crashed with the standard "do you want to submit this to Microsoft" dialog, etc.

I saved the log info that had been displayed up to the point when it crashed (it still let me select & copy from the window despite having crashed) as well as the two files that it'd made for the crash info to send to MS - I selected not send it, but just made a copy of the files first - one being the .dmp file.

So I'm not sure if you care for any of the files/info/log stuff, or if you have any other thoughts or suggestions as to what else I might try to get it to work or whatever... I thought at least i'd let you know and go from there.

No worries. Thanks! :)

.....but eventually it crashed with the standard "do you want to submit this to Microsoft" dialog, etc.


that should not have happened, protection id has its own built in seh, which will intercept such a dialog appearing.. very strange, but if you have the logs etc, it can't hurt to take a look, can you email them? (protectionid**********com)
rar'ed up preferably :)

new build coming soon too.. finishing some stuff in it currently..

a little status update:

our next version is called 6.3.0 due major improvements :)
it features highly optimized scanning routines resulting in an more accurate & faster detection than before.

we´ve tested several exe-fakers wich add signatures for other common exe protectors. the goal of this tools is to 'hide' the real protection. all of the other available scanners are fooled, we aren´t, not even in a single test, and we did a hell lot of them :)

also we did optimize the scans for the ' more common' protections / added more detailed info, like SecuROM, SolidShield / Tages, Protect DiSC & ActiveMark, added more info for the newly used Byte-Shield protection, more upx packed file infos etc...

there will also be 2 more 'tools' in pid. one will be usefull for crackers, the other one is a quite usefull for every windows user.

and as usual the bugfixes & core improvements :)

when it will be out? well... tomorrow, i´m going to visit the 'with full force' festival (http://withfullforce.de/deutsch/index.html) :)
i´ll be back at monday, so i think a release in that week is very possible.

Scanning TWW.exe from the whispered world results in crashing of v6.2.3.

can you put the exe online somewhere (rapidshare etc..) ?, so i can download and fix the crash, there's a high probability its already fixed, but it'd be nice to check before we release 6.3.5 (maybe 6.4.0), quite soon (main delay was caused by optimising code and switching to masm 9)

thanks in advance

http://rapidshare.com/files/276711593/whisp.rar

I have packed the copy prot relatated files also.

It would be nice to see pid more focusing on copy protection again than on all the other tools. Furthermore I dont understand why it has to store stuff in registry and create icons everywhere.

it stores stuff in the registry for the settings (last window location, context menu and so on, also (optionally) it adds in the setting to autoload with windows, and stores the settings like which protections to scan for etc.. allowing you to customise its scanning depending on your needs), as for 'icons everywhere', it only makes 2 shortcuts on the desktop (only if it was not loaded from removable media), one for pid itself, the other for pid safe mode (which can be used to diagnose problems), and you can easily delete them.. or did you mean something else?

grabbing files now will check and report back soon

*edit* scan completed :)

[scan report]

Scanning -> W:\temp\crashpid\TWW.exe
File Type : 32-Bit Exe (Subsystem : Win GUI / 2), Size : 3070024 (02ED848h) Byte(s)
-> File has 3053128 (02E9648h) bytes of appended data starting at offset 04200h
[File Heuristics] -> Flag : 00000000000001001100001100010111 (0x0004C317)
[!] SolidShield EXE Wrapper detected !
- Scan Took : 0.891 Second(s)

Scanning -> W:\temp\crashpid\dvm.dll
File Type : 32-Bit Dll (Subsystem : Win GUI / 2), Size : 33530022 (01FFA0A6h) Byte(s)
-> File has 33224870 (01FAF8A6h) bytes of appended data starting at offset 04A800h
[File Heuristics] -> Flag : 00000000000001001100000100000100 (0x0004C104)
[!] SolidShield Core.dll [unknown version]
[i] Tages Setup Version: v5.5.7.2
- Scan Took : 0.641 Second(s)

all the other files had nothing, so the crash appears fixed, thanks for the report :)

Just wanted to throw in a few things:

First off, thanks for keeping this tool updated - it's saved me A LOT of trouble over the years. The work you've put into it is very much appreciated.

I've noticed the latest version has a tendency to crash a lot under windows 7, generally right in the middle of scan but I can't track it down to any one file. It seems relatively random. I just get the standards windows application crash screen with the option to check for solutions and such. I'd say the crash rate is about 15% of scans, but when it does go it does detect correctly. (I realize you never gave it a go for win7, just letting you know.)

Also, I just wanted to throw in my lot for something like a "lite" version of protection id. I really don't care for all the extra tools, the registry entries or the desktop icons. I'd much rather it saved anything it really needed to save to a .ini, but without all the extra bloat/tools I don't see what it would need to save. Window sizes and such can be reset launch, no big deal. I like "clean" programs. A nice simple protection identifier would be great.

And finally, can you tell me what the "autoplay enabled/disabled" icon does? It's one of the 4 or 5 icons in the upper right (near pin, minimize to tray, etc.), looks like a little cog wheel. When you click it it gets shaded blue, but if I exit out of protection id and go back in it's white again. It doesn't seem to affect the CD or removable device autoplay setting at all - nor does it cause protection id to automatically scan or something like that. If you'd tell me what exactly this option changes (what registry entry) and what it was supposed to have done originally I'd appreciate it.

hi, thanks for the feedback, windows 7 we do actually test on, we plan a new release pretty soon, which should hopefully fix any windows 7 issues you're having, some of the registry entries (like the context menu ones) will probably remain, the desktop icons can be turned off in the configuration part of pid..

the autoplay enabled icon turns off autoplay (or rather, it responds to the message windows sends when a disk is inserted and autoplay is about to load), but another program on the system can 'override' this if it responds differently to the global message windows sends.. will look into this further on windows 7 :)

I haven't any issues on win7 x64, not one crash ;) and i've scanned a lot of files lately.

where can we get the latest beta's from ? or is is closed secret group ?
i have many new tages games that don't show tages info and also i think tages can detect pid and crash it ?

so when is a new version available?
no xmas 09 preview this year?

how does tages make the current version crash ? how is it possible for a non executed data file to make another program crash just when it looks at the inside of it's contents? secret?

it will be out when its out
tages crash has been fixed as far as i know
crash was caused by scanning past a memory boundary.. nothing magic, nothing secret, just a pointer being invalid

latest betas -> yep its a closed secret group, anyone can apply, but you'd have to have good reasons (ie: not just trying to obtain the latest version.. we look for people with good testing skills)
and well, you have 3 posts and your comment also i think tages can detect pid and crash it ? just told me you have no understanding of how pid works, or how processes work,
so you sort of shot yourself in the foot there

we had a new user coming in posting a url which supposedly had protection id available as a download, the same user made 3 posts with similar content...

as a precautionary measure i deleted the posts...

if anyone does not know where / how to get protection id from a clean source then please use...

pid.gamecopyworld.com

we do NOT post any releases of protection id on ANY other sites except the one above, if you download it from ANYWHERE else, you do so at your own risk.

...

edit : update - i downloaded the supposed file and it was a dll inside a folder called 'key'... so it wasn't protection id, thus the user was spamming some malware / virus crap and got a christmas holiday, be careful of your sources folks :)

hello folks!

We are proud to present you the next and most up2date version of protection id.
it was about time to bring this to the public, as the last version was released back in march.

During development of this version we ported it over to MASM v10,
using the latest compiler & linker available at the moment.

This version of pid features highly optimized scanning routines, resulting in very fast detections.
i.e. a 2 GB setup.exe in processed in less then 1 second (smart mode kicks in).

We tweaked nearly all scans to benefit from our new procs.


core additions / changes

- new: compiled using masm v10 compiler & linker
- new: added in new and optimized scanning routines
- new: protection id is now able to scan inside msi files
- new: clean temp tool (Extensions -> Clean Temp)
- new: added in our own fast internal zlib decompresion routines
- new: compiler detector updated to detect:
- more Visual C++
- appended flash files
- Power Basic
- Watcom C/C++
- MinGW
- GoASM

- update: reporting part on file type, now reports bitness & file subsystem
- update: added in recovery system - if a crash happens when scanning a file/cd/dvd and the crash is in the scanning thread,
the seh system will 'recover' the crash, skipping all other scan modules and simply clean things up.
So a crash when scanning does NOT take protection id down (the crash is reported to the log)
- update: windows error code resolver dialog got a face lift and some added functionality
- update: initial modification to report cpu usage on ALL available cores
- update: shortcuts are now not made if pid is run from a removable drive
- update: added in reporting for uac setting in vista or higher
- update: scan size threshold increased to 50mb
- update: added in the nfo association configuration
- update: compiler detection enabled by default now
- update: adjusted the way the systray worked
- double left click on the pid icon will cause the pid window to be shown / hidden
- right click on the pid icon will cause the right click systray context menu to appear

- bugfix: cab file handler bug fixed
- bugfix: scan file on cd/dvd did not work
- bugfix: fix for shortcuts getting fucked
- bugfix: fixed bug in the seh system, which lead to a crash
- bugfix: file queue stuff (pause, remove, clear all) fully operational again
- bugfix: logic fix, checking section count could technically be wrong if exe was x64
- bugfix: selecting scan folder 2x resulted in it messing up
- bugfix: minor adjustment to avoid closing an invalid handle
- bugfix: fixed output bug on small files
- bugfix: fixed a possible win9x issue
- bugfix: minor gui fixes


detection additions / changes

- new: check_activemark.asm - added exact version detection & more detailed output for v4, v5 & v6 of ActiveMark
- new: check_byteshield.asm - ByteShield detection got heavily updated, now it contains a lot extra more info
- new: check_ea_custom.asm - added in detection for EA Custom Protection (used in The Sims 3)
- new: check_gameguard.asm - GameGuard Launcher Module & it's version got reported
- new: check_hackshield.asm - AhnLab HackShield detection added
- new: check_impulse.asm - Impulse DRM (+ core module) detection added
- new: check_protectdisc.asm - added in new versions: v9.11.0, v9.20.0, v9.25.0 & latest v9.26.0
- new: check_protectdisc.asm - added in detection of how many trial days a Protect Disc exe is allowed to run
- new: check_safedisc.asm - updated to detect clcd32.dll, dplayerx.dll, drvmgt.dll from old safedisc 1 games
- new: check_secureebook.asm - added in Secure eBook Wrapper detection
- new: check_securom.asm - added SecuROM DFA v1 and v2 detection
- new: check_securom.asm - added SecuROM 7 dfa.dll detection
- new: check_securom.asm - added detection for SecuROM 5 and 4 (or lower) dll modules (cms*.dll sintf*.dll)
- new: check_solidshield.asm - added in Tages Setup version detection in solidshield core.dll (if found)
- new: check_solidshield.asm - SolidShield wrapped dlls will be detected now
- new: check_starforce.asm - added in detection of StarForceFileSystem containers (SFFS)
- new: check_steam.asm - added in detection of the Steam Client API Module & report Steam api usage in exe
- new: check_themida.asm - updated to show watermarking on some versions
- new: check_playfirst.asm - added in detection of the Playfirst Game Library
- new: check_playrixwrapper.asm - added Playrix Game Wrapper detection
- new: check_reflexivearcade.asm - added in detection of build 177 & build 178 of the ReflexiveArcade Wrapper
- new: check_robingameswrapper.asm - added in Robin Games Wrapper detection
- new: check_spintop.asm - added SpinTop DRM Module detection
- new: check_mfortress.asm - added MegaFortress detection
- new: check_upx.asm - added in more informative upx info

- new: check_aase.asm - added Aase detection
- new: check_adnexeprotector.asm - added ADN Exe Protector v0.5 detection
- new: check_aliencryptor.asm - added Alien Cryptor v1.0 detection
- new: check_armadillo.asm - added Armadillo v6.40 and v6.60 - v7.00 (or newer) detection
- new: check_aspack.asm - added ASPack v2.2 detection
- new: check_asprotect.asm - added ASProtect v1.4 build 04.01 Beta detection
- new: check_aurastompercrypter.asm - added AuraStomper Crypter detection
- new: check_babelobfuscator.asm - Babel .Net Obfuscator detection added
- new: check_blindspot.asm - BlindSpot File Binder v1.0 detection added
- new: check_deepseaobfuscator.asm - added in DeepSea .Net Obfuscator detection
- new: check_dotfixniceprotect.asm - added version detection for v1.0 - v2.x, v2.8 - v2.9, v3.0 - v3.6
- new: check_dotnetreactor.asm - added in detection of dotNET Reactor v4.0 (or newer)
- new: check_dsrfileprotector.asm - added dSR File Protector detection
- new: check_eprot.asm - added !EProt detection
- new: check_epprotector.asm - added EP Protector v0.1 detection
- new: check_fishnet.asm - added Fish.NET packer detection
- new: check_flyskysoftware.asm - added Fly Sky Software Custom Protector detection
- new: check_hackhoundbinder.asm - added in Hack Hound File Binder detection
- new: check_ionworxidentifier.asm - added Ionworx Identifier SDK Module detection
- new: check_leetcryptor.asm - added LeetCryptor v1 detection
- new: check_moleboxultra.asm - added in MoleBox Ultra v4.x detection
- new: check_pcguard.asm - added detection of latest PC-Guard v5.04
- new: check_alloy.asm - added PGWARE Alloy [generic] detection
- new: check_rdgpolypack.asm - added RDG PolyPack v1.1 detection
- new: check_simbioz.asm - added in SimbiOZ v2.1 detection
- new: check_skycrypt.asm - added in Sky Crypt v2.0 detection
- new: check_stultrapack2.asm - added ST Ultra Pack 2 v0.6s detection
- new: check_themisbinder.asm - added in Themis Binder v0.2 detection
- new: check_upack.asm - added detection of more detailed versions
- new: check_vprotect.asm - added VProtect detection
- new: check_zipworx.asm - added ZipWorx detection

- new: license_bentleyieg.asm - added Bentley IEG License Service detection
- new: license_crypkeysdk.asm - added CrypKey v7.0 (or newer) detection
- new: license_crypkeysdk.asm - added detection of the CrypKey License Service Installer
- new: license_desawarelicensing.asm - added Desaware Licensing System for .NET Module detection
- new: license_elicense.asm - now detecting on a dll it didn't see before
- new: license_interlok.asm - updated to detect PACE InterLok System File
- new: license_reprise.asm - added Reprise License Manager detection
- new: license_sentinelrms.asm - added SafeNet Sentinel RMS v8.x detection

- new: dongle_hasp.asm - NetHASP Network Dongles are detected
- new: dongle_hasp.asm - added in detection of the Aladdin HASP SRM Run-time Environment Installer
- new: dongle_ilok.asm - added in iLok USB Hardware Dongle detection
- new: dongle_matrix.asm - added Matrix Dongle detection
- new. dongle_microdog.asm - added SafeNet MicroDog Driver installer detection
- new: dongle_sentinel.asm - added in detection of Rainbow NetSENTiNEL SUPER PRO Dongle
- new: dongle_syncrosoft.asm - added in SyncroSoft USB Dongle detection

- new: installer_advancedinstaller.asm - added Advanced Installer detection
- new: installer_autoplay_media_studio.asm - added Indigorose - AutoPlay Media Studio
- new: installer_bitrock.asm - added BitRock InstallBuilder Module detection
- new: installer_fenomen.asm - added Fenomen Downloader detection
- new: installer_gamehouse.asm - added GameHouse Installer detection
- new: installer_setupfactory.asm - added detection of Setup Factory v8.x modules
- new: installer_uharcsfx.asm - added UHARC SFX Archive detection

- improved: check_3plock.asm - added in another generic check
- improved: check_enigmaprotector - now detects on an Enigma version it didn't 'see' before
- improved: check_hexalock.asm - optimized HexaLock detection
- improved: check_laserlok.asm - optimized Laserlok scanning speed
- improved: check_protectdisc.asm - tweaked output
- improved: check_safedisc.asm - optimized Safedisc v1 scanning speed
- improved: check_smarte.asm - added in two new checks
- improved: check_starforce.asm - improved scanning speed
- improved: check_steam.asm - updated detection on another steam variant on assassins creed and r6 vegas
- improved: check_tages.asm - improved detection of the Tages protection driver
- improved: check_vob.asm - added one more generic check
- improved: check_execryptor2.asm - code tweaked to reduce false positives

- improved: check_alawar.asm - scanning speed optimizations
- improved: check_elefunwrapper.asm - scanning speed optimizations & reports offset / size of virgin executable
- improved: check_popcapdrm.asm - scanning speed optimizations
- improved: check_reflexivearcade.asm - optimized ReflexiveArcade Wrapper detection

- improved: check_abccryptor.asm - added in a new check
- improved: check_armprotector.asm - added in one more generic check
- improved: check_asdpack.asm - scanning speed optimizations
- improved: check_aspack.asm - scanning speed improvements
- improved: check_asprotect.asm - tweaked version output
- improved: check_atreprotector.asm - added in another generic check
- improved: check_bambam.asm - added in two more checks to tighten detection
- improved: check_beria.asm - improved Beria detection
- improved: check_dalcrypt.asm - added in two new checks
- improved: check_dotfuscator.asm - optimized scanning speed
- improved: check_dotnetprotector.asm - optimized scanning speed
- improved: check_enigmaprotector.asm - added in another generic check
- improved: check_epprotector.asm - code adjusted, made faster
- improved: check_exestealth.asm - optimized scanning speed
- improved: check_ezip.asm - scanning speed optimizations
- improved: check_exestealth.asm - improved scanning speed
- improved: check_gieprotector.asm - optimised the signature scan
- improved: check_kkrunchy.asm - added in detections for old kkrunchy (2003)
- improved: check_mew5.asm - Mew 5 EXE Coder v0.1 detection tweaked
- improved: check_mpress.asm - mpress for dot.net - tweaked detection
- improved: check_mslrh.asm - added in two more generic checks
- improved: check_mucruncher.asm - rewritten MuCruncher detection
- improved: check_mz0ope.asm - added in another check
- improved: check_nidhogg.asm - optimized Nidhogg scanning speed
- improved: check_packitbitch.asm - added in two new checks
- improved: check_polyene.asm - added in more generic checks for PolyEne
- improved: check_punisher.asm - added in three new checks
- improved: check_sevlock.asm - tweaked sevLock detection
- improved: check_simplepack.asm - now detects all the simplepack exe's it didn't detect before
- improved: check_softsentry.asm - added in more checks + optimized scanning speed
- improved: check_spicesnet.asm - added in another check
- improved: check_telock.asm - improved TeLock v1.0 detection
- improved: check_upack.asm - added more detailed version checks, tweaked some detections
- improved: check_upx.asm - fixed possible wrong detection
- improved: check_vbowatch.asm - updated with a better signature
- improved: check_visualprotect.asm - added in one more check
- improved: check_vmprotect.asm - now it detects on a dll it didn't 'see' before
- improved: check_wildtangent.asm - scanning speed optimizations
- improved: check_wlcrypt.asm - optimized WL-Crypt detection
- improved: check_xprotector.asm - added in two heuristic checks
- improved: check_yzpack.asm - tweaked

- improved: dongle_hasphlenvelope.asm - now detects on wrapped sys files too
- improved: dongle_keylok2.asm - improved Key-Lok II Dongle scan speed
- improved: dongle_marx.asm - added in another check
- improved: dongle_sentinel.asm - detects Sentinel on x64 executables
- improved: dongle_wibu.asm - added in another check

- improved: minor tweaks for all license detections
- improved: license_crypkeyinstant.asm - improved scanning speed in files wrapped with CrypKey Instant
- improved: license_crypkeysdk.asm - updated / tweaked CrypKey detection
- improved: license_elicense.asm - improved eLicense scanning speed
- improved: license_haspsl.asm - speed up HASP SL Licensing System scans
- improved: license_interlok.asm - scan speed improvements + added in detection for another 'variant' of InterLok
- improved: license_ntitles.asm - scanning speed improvements

- improved: installer_akinstaller.asm - scanning speed optimizations
- improved: installer_clickteam.asm - improved generic detection
- improved: installer_createinstall.asm - scanning speed optimizations
- improved: installer_gkwaresfx.asm - improved generic detection
- improved: installer_patchwise.asm - now detects a module it did not 'see' before
- improved: installer_rarsfx.asm - updated to handle new winrar sfx

- bugfix: check_starforce.asm - fixed possible crashbug
- bugfix: check_dotnetguard.asm - fixed non register preservation
- bugfix: check_vmprotect.asm - fixed generic detection
- bugfix: check_forgot.asm - fixed non detection
- bugfix: check_quickpacknt.asm - fixed non-detection bug
- bugfix: check_shrinkwrap.asm - fixed non-detection bug
- bugfix: check_upx.asm - fixed a possible wrong detection


CD/DVD/Image file/sector scan

- added in SecuROM v7.40 (or newer) detection via sector scan
- some more updates on the iso making code, and the cddvd_api core
- tweaking the cd/dvd dialog portion, now detects and reports errors better, along with better sector calculations
(will now abort if it detects a css encrypted sector when making an iso)

very nice work you two ;)

thanks

Thanks cdkiller.
Already got first PiD crash :(
I already informed TippeX about it.

yup. looking into it when rapidshare gives me a slot to get the files, cheers blazi, it should have kicked in a recovery for the crash, if it was during the scan, or did you get the seh window appearing (or.. hopefully not the doctor watson window) ?

I got seh window.

strange blazi, the seh window was taken out in the 6.3.5 build (you will only see if if a crash happens when not scanning a file) - we added in a recovery system allowing pid to 'recover' from a crash when scanning the exe's, so you should have seen that output, and not the seh window..

if you can reproduce it, can you please check that the pid version reported in the seh window is 6.3.5.. if not, it'll explain the issue, if so, then im lost :)

i noticed that some kb update from microsoft blocked writing to the area where we put the context menu stuff, so there is a possibility your context menu is running an older pid (it was in my case)..

the fix for this is to load pid as admin once, enable the context menus, then exit.. it should then be fixed (hopefully)...

/me takes microsoft off his christmas list

Protection ID v0.6.3.5 DECEMBER has crashed...
Build 12/24/09-20:33:24

Welcome to the scene of the crash.... take me to the hospital

EAX = 000000001h, EBX = 0FFFFFFFFh, ECX = 000001029h, EDX = 000000002h
ESI = 000279080h, EDI = 004A5C4C4h, ESP = 00022FC0Ch, EBP = 00022FD60h

DS = 00023h, ES = 00023h, FS = 0003Bh, GS = 00000h, SS = 00023h
DR0 = 000000000h, DR1 = 000000000h, DR2 = 000000000h, DR3 = 000000000h
DR6 = 000000000h, DR7 = 000000000h

CCW = 0FFFF037Fh, CSW = 0FFFF0120h, CTW = 0FFFFFFFFh, CEO = 0381C745Bh
CES = 00598001Bh, CDO = 038341F48h, CDS = 0FFFF0023h, CR0NPX = 000000000h

Crash @ CS:EIP -> 0001Bh:077421994h, EFlags : 000010202h
Stack @ SS:ESP -> 00023h:00022FC0Ch

Crash Code : 0C0000005h
Crash Report : In Page Error

ThreadID : 023CCh / 09164
ThreadName : PiD Core Thread (thread 1)
Crash Happened in Scan File -> Unknown :(
Procedure Name : N/A
Crash File Line Range (low) -> 00
Crash File Line Range (high) -> 00
ProtectionID was scanning ->
Last Scan was -> Crash did NOT happen in scan thread
Scan was N/A
Next Scan is -> Crash did NOT happen in scan thread

Thread Start Va / Tag : 0x00408FFD

Pid executable range 0x00400000 -> 0x00574000 (0x00174000 bytes)

Crash address is NOT within pid's image


OS is XP SP3

intersting, yours crashes for an entirely different reason, i'll try and reproduce it, and maybe increase the crash report data so it might show return addresses, looks like it crashed in kernel32 or user32..

when i start pid, it crash. the error message is :

Protection ID v0.6.3.5 DECEMBER has crashed...
Build 12/24/09-20:33:24

Welcome to the scene of the crash.... take me to the hospital

EAX = 000000030h, EBX = 00000000Ah, ECX = 000000030h, EDX = 000000000h
ESI = 0004F3240h, EDI = 000000031h, ESP = 00022CFD0h, EBP = 00022D018h

DS = 00023h, ES = 00023h, FS = 0003Bh, GS = 00000h, SS = 00023h
DR0 = 000000000h, DR1 = 000000000h, DR2 = 000000000h, DR3 = 000000000h
DR6 = 000000000h, DR7 = 000000000h

CCW = 00000037Fh, CSW = 000004020h, CTW = 00000FFFFh, CEO = 000000000h
CES = 082936FB0h, CDO = 000000001h, CDS = 000000000h, CR0NPX = 000000000h

Crash @ CS:EIP -> 0001Bh:0761E6155h, EFlags : 000010206h
Stack @ SS:ESP -> 00023h:00022CFD0h

Crash Code : 0C0000005h
Crash Report : In Page Error

ThreadID : 03B4h / 0948
ThreadName : PiD Core Thread (thread 1)
Crash Happened in Scan File -> Unknown :(
Procedure Name : N/A
Crash File Line Range (low) -> 00
Crash File Line Range (high) -> 00
ProtectionID was scanning ->
Last Scan was -> Crash did NOT happen in scan thread
Scan was N/A
Next Scan is -> Crash did NOT happen in scan thread

Thread Start Va / Tag : 0x00408FFD

Pid executable range 0x00400000 -> 0x00574000 (0x00174000 bytes)

Crash address is NOT within pid's image

my os is windows 7 professional 32 bit

edit: in win xp pro sp3, on the same pc, it works fine.

thanks, i think its the same crash as blazi and fp reported to me, will look into it asap,
just to clarify..
you get this when double clicking on pid? or when you scan a file from the context menu?

when i open pid, it immediatly crash.

Same here, instant crash on Windows 7 Prof. x64

weird, will definately look into this.. pf, i've sent you a PM.. let me know if it works out for you :) (danke in advance) (and fingers crossed)