Themida 1.5.0.0 UnPackMe's here:

http://tuts4you.com/unpackme/index.php?path=PE32bit%2FThemida%2FThemida+1.5.0.0/

Ted.

Hi Teddy !

Is this unpackme packed by ( Registered Version of TheMida ) or ( Cracked Version And Demo Version ) ?

my friends tells me : "Cracked Version" And "Demo Version" of this packer hasn't professional anti-dump / anti-debugging feutures; and just "Registered Version" has professional anti-dump / anti-debugging feutures ... are they right ?

Edited June 8, 200619 yr by SUB Z3R0

Well put it this way, I can debug in olly and dump with LordPE.

Which tends to suggest they arent present

I have no idea what oreans are upto, they are making this easier than the earlier versions!

Very inline patchable aswell, but unlike 1.0.0.5 there are alot more stages between hard code and program code.

Edited June 8, 200619 yr by Whiterat

They were packed using the cracked version. I'm trying to get my hands on a full licence or in contact with someone with a valid licence to create some unpackme's and see if there is a difference in later Themida versions. If anyone can help please contact me...

Ted.

There should not be any difference between cracked version and registered version!

There shouldn't be if it has been reversed correctly but it would be nice to get hold of a valid licence or copy just to confirm these facts - or find a known application packed with the latest version and protection features...

Ted.

TEDDY

i found you a valid licence for these versions [posted by Celta68]

works with versions 1.3.5.5 and 1.5.3.0

works with versions 1.0.0.5 and 1.5.3.0

Edited June 10, 200619 yr by s0me0ne

Sure I do Please mail it to me at: teddyrogers@tuts4you.com

Many thanks...

Ted.

I found it already...

Ted.

i take it youve just been to unpack.cn so no need 2 mail you?

Edited June 10, 200619 yr by s0me0ne

All I need now is some of the older none demo versions...

Ted.

ill keep my eyes open

Someone already mailed it to me but I've just seen the topic over at Unpack China. I see it was a result of EMule - good find...

Ted.

SUB Z3R0, I was wrong because Ring0 protections is disabled in newer version of Themida.

I thought Ring0 protection is disbaled in demo versions.

It's gone maybe because of M$ limitations to access low level of OS (Patching Policy for x64-Based Systems).

Ring-0 protection option is still there if you have the none demo version. It was not included in early Themida versions then reappeared at about version 1.2. You could even test Ring-0 functionality out using the demo versions up until version 1.3.5.0.

In WinLicense the Ring-0 has never been used probably to provide better and reliable compatibility as a licensing tool...

Ted.

what's up nima(SUB Z3R0) ?

can you unpack this version?

Can u c any professional Anti-Dump/Debugging protections in that protected UnpackMe?

thanx alot.

Hey!

Does anyone have a cracked version of the newest THEmida?

Or if anyone has a full license?

Sure ... My tutorial works for all versions ... ( because themida hasn't changed yet ! ) ... without ring-0 driver, unpacking this protector is like drinking water !

Edited June 10, 200619 yr by SUB Z3R0

Sure ... My tutorial works for all versions ... ( because themida hasn't changed yet ! ) ... without ring-0 driver, unpacking this protector is like drinking water !

Yeah, you're right, but not in VM case.

There shouldn't be if it has been reversed correctly but it would be nice to get hold of a valid licence or copy just to confirm these facts - or find a known application packed with the latest version and protection features...

Ted.

Here is a program protected by themida(i don't know what version):

http://www.apimonitor.com/download/APIMonitorTrial.exe