MasterPlex 2010 + Keygen

ProtectionID HomePage

(c) CDKiLLER & TippeX [02/2003 - ??/2017]

Contact Email :

“ProtectionID - we innovate, we don’t replicate”

Download (current) ProtectionId.685.December.2016.rar

Download (older) ProtectionId.680.halloween.2016.rar

Download (older) ProtectionId.675.December.2015.rar

Download (older) ProtectionId.670.halloween.2015.rar

Download (older) ProtectionId.667.December.2014.rar

Download (older) ProtectionId.666.halloween.2014.rar

Download (older) ProtectionId.655.halloween.2013.rar

Download (older) : ProtectionID_v6.4.0.rar

New Version Coming Very soon (guess when)

Toggle Snow

Hi there and welcome to the home of ProtectionID - the best just got better!
As you probably know, we are always trying to put our best into ProtectionID and to keep it up to date for all
YOU users, this is of course very time consuming, and is purely a hobby.

It all started as a simple pc game protection scanner back in 2003 - look what it has become now :-)
If you are using ProtectionID on a regular basis and you like the quality and work we have put into it
(and will continue to put in), why not consider giving a donation as a reward ?
If you want to donate money click the paypal button above
If you want to donate (time, games, code, etc), contact us at the usual email address (above)
If you want to help with the project (code / test / do the web page etc) please feel free to email as well


CDKiLLER recently emailed, but never replied to my reply, so the project is still being developed only by me (TippeX),
and times are tough, hence the paypal button.. the project will still remain free, if you do donate, thankyou..

(Older Notes)
CDKiLLER has not been involved in the project since 09/09/2011, and has been totally uncontactable,
I hope he’s safe and well, and that he will get in touch. As a result the development paused for a while
as I had other things to deal with too, but I then thought that CDKiLLER would want the project continued, so
as / when / if he comes back he’ll be able to continue, and we always wanted to keep our user base happy….

So, I restarted the project relatively recently, as a result I also lost the contact information on the beta
testers, and had to try and find them, if I missed any, or indeed, if you want to beta test
then please use the email address below.

You can contact me at the email address at the top of the page


(Current News)

Well, here is the christmas release, enjoy, bugfixes and new additions and less false positives..
New scans, some tweaks, some bugfixes (pebrowse fixes are coming in the next release)
Other new features are also planned in the next release (probably jan 2017)
Thanks to the 2 people who donated.. yes.. 2..
See you all in the new year.

Download problems

Any download problems are generally server side, which is out of my control..
All the files are rar version 5 format (which means you need rar 5 to unrar them)
The update feature inside ProtectionID is broken atm, it'll report that a new version exists but
it'll download the index.html (this page) instead due to a url mishap so just download it from the
link above (i will try and fix this later.. i only noticed it now)


User manual needs to be done, I dont have time at the moment, so if anyone would like to
write one, then I would be happy to publish it (credit will obviously be given)

False Positives in scans and Undetected Protections

I always try and keep ProtectionID up to date, but there are lots of protections
out there, and I can't cover every single one, so if you find one that ProtectionID
does not detect, email me and send me a link of where to get the file and I will see
what I can do..

If you find a file that ProtectionID detects incorrectly, please email me and send me a
link of where to get the file and I will try and fix the detection code

Friends of ProtectionID GameCopyWorld

PELock Tuts4You (some great tools here) DailyIndieGame - nice, easily affordable game and bundle site Exosyphen studios - The origin of the hacker games, which i played a lot of GreenManGaming (super friendly staff and very decent prices)
Big thanks to Empire for hosting and helping on the web site stuff... much appreciated

Licensing If you are a personal user, educational user or no profit organisation you can use ProtectionID for free.

If you are a corporate or a company (with 20 or more people), then you are expected to
contact us for licensing terms and are not permitted to use ProtectionID until we
come to some agreement. (exclusions apply for AV companies, VirusTotal and Microsoft obviously)

The software is supplied AS IS, with no warranty (implied or otherwise)..
while we strive to make it bug free, you run it entirely at your own risk,
we are not liable for any damages arising from It's use.

Support and updates are entirely on an on demand basis, while we try and ensure that
we are up to date, and offer support to those who email us, we do not guarantee a reply.

Note: ProtectionID is not malware, virused or anything else, for safety you should only
         download from the Home site, and verify the file hash matches the
         one in the VirusTotal scan I include in the rar file, and It's url (so tampering with
         the text file would be pointless)... It's a simple pe scanner, it has some other tools
         sure, but nothing malicious or viral...

PROTECTiONiD features - detection of every major PC ISO Game / Application protection
- currently covers 576 detections, including win32/64 exe protectors & packers, .net protectors, dongles, licenses & installers
- sector scanning CDs / DVDs for Copy Protections
- files / folders can simply be dragged & dropped into PiD
- strong scanning routines allowing it to detect multiple protections
- easy scanning via shell context menu
- useful additional misc tools included
- coded 100% in Win32 assembly language
- fully 32bit & 64bit compliant
- working from Win9x to Windows 10
- can use peid and petools signature databases

v 6.8.5 (december 2016)

VirusTotal Scan Report

VirusTotal Scan Report (latest)

Jump to the change log

Note: At the time of release, there were 6 false positive 'hit'(s) Regarding the one from Microsoft, I will try and contact them to get this whitelisted, but there is a high probability (like on all the previous releases) that other antiviruses will jump on the bandwagon and blacklist the file again shortly after release.

The only current 'solution' is to whitelist / exclude the folder you put ProtectionID into.

The other 2 are generic and its up to the av people to sort it out.. sorry, but it happens all the time
and contacting them doesnt do a damn thing

Antivirus Detection DataBase Date Note
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9764 20161207 It's a false positive
Invincea virus.win32.parite.b 20161216 It's a false positive
Kaspersky not-a-virus:HEUR:WebToolbar.Win32.SoftonicDownloader.gen 20161224 It's a false positive, it has no toolbars, softronic or otherwise
Microsoft VirTool:Win32/Obfuscator.AX 20161224 It's a false positive, but at least Microsoft is consistent
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20161224 It's a false positive, 'generic'.. sigh
SUPERAntiSpyware Trojan.Agent/Generic 20161223 It's a false positive, 'generic'.. sigh

Change Log

Bugfixes, tweaked some code, and a few optimisations and new scans
PEBrowse bugs are still there, the fixes were not ready for this release, they should be in for january, along with some other features
I also didnt find any taggant v2 samples, so that didnt make it into the release either, other things did
though so i hope this release brings some pleasure to previous users.

v 6.8.0 (halloween 2016)

VirusTotal Scan Report

VirusTotal Scan Report (latest)

Jump to the change log

Note: At the time of release, there were 5 false positive 'hit'(s) Regarding the one from Microsoft, I will try and contact them to get this whitelisted, but there is a high probability (like on all the previous releases) that other antiviruses will jump on the bandwagon and blacklist the file again shortly after release.

The only current 'solution' is to whitelist / exclude the folder you put ProtectionID into.

The other 2 are generic and its up to the av people to sort it out.. sorry, but it happens all the time
and contacting them doesnt do a damn thing

Antivirus Detection DataBase Date Note
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9612 20161031 It's a false positive
Invincea virus.win32.parite.b 20161018 It's a false positive
Microsoft VirTool:Win32/Obfuscator.AX 20161031 It's a false positive, but at least Microsoft is consistent
Qihoo-360 HEUR/QVM20.1.0000.Malware.Gen 20161031 It's a false positive, 'generic'.. sigh
SUPERAntiSpyware Trojan.Agent/Generic 20161031 It's a false positive, 'generic'.. sigh

Change Log

I fixed some bugs and tweaked more code making things a bit more stable, and added some new detections
some bugs (like the pestuff ones) still exist, as they didnt make it to the 'fixed' list but should
hopefully be addressed for the christmas / holiday season release

I also didnt find any taggant v2 samples, so that didnt make it into the release either, other things did
though so i hope this release brings some pleasure to previous users.


v 6.7.5 (december 2015)

VirusTotal Scan Report

VirusTotal Scan Report (latest)

Jump to the change log

Note: At the time of release, there were 3 false positive 'hit'(s) Regarding the one from Microsoft, I will try and contact them to get this whitelisted, but there is a high probability (like on all the previous releases) that other antiviruses will jump on the bandwagon and blacklist the file again shortly after release.

The only current 'solution' is to whitelist / exclude the folder you put ProtectionID into.

The other 3 are generic and its up to the av people to sort it out.. sorry, but it happens all the time
and contacting them doesnt do a damn thing

Antivirus Detection DataBase Date Note
Microsoft VirTool:Win32/Obfuscator.AX 20151224 It's a false positive, but at least Microsoft is consistent
Rising PE:Malware.XPACK/RDM!5.1 [F] 20151224 It's a false positive, most likely from a crappy signature
SUPERAntiSpyware Trojan.Agent/Generic 20151224 It's a false positive, 'generic'.. sigh

Change Log

I fixed some bugs and tweaked more code making things a bit more stable, I plan to add in taggant v2 support soon,
but im having trouble obtaining sample files to work from (i dont use the taggant lib), so if anyone wants to help with
that please do so.

I plan to wind down this version and start on v7 as soon as possible, most will port over relatively easily and
the goal is to make an x64, x86, gui and console versions, with most of the code being in c/c++ for portability
(asm doesnt port too easily).. and will focus on it having a scanning core initially, and some pe
(perhaps elf etc too) tools built in

If you'd like to contribute to v7 please get in touch at the email above, same goes if anyone wants to donate anything


v 6.7.0 (halloween 2015)

VirusTotal Scan Report

VirusTotal Scan Report (latest)

Jump to the change log

Note: At the time of release, there was 1 false positive 'hit' from Microsoft, I will try and contact them to get this whitelisted, but there is a high probability (like on all the previous releases) that other antiviruses will jump on the bandwagon and blacklist the file again shortly after release.

The only current 'solution' is to whitelist / exclude the folder you put ProtectionID into.

Antivirus Detection DataBase Date Note
Microsoft VirTool:Win32/Obfuscator.AX 20151031 It's a false positive, but at least Microsoft is consistent

Win 8 / 10 users might find the application blocked by windows defender, this is something i am working to resolve
but until it is resolved the only way to get it working is to add it to the exclusion list
Please make sure that you downloaded it from our home site before adding it to the exclusion list
I plan to release the files and update the page publically (within the next 10 minutes of me writing this)
then we can see which av companies jump on the bandwagon for blacklisting us (It's annoying sure)

[Update] Again, as with all the other releases the antivirus people jump on the bandwagon again... 19/56 on virustotal now, this is pretty ftustrating.. especially when contacting them usually ends up going nowhere.. So, here we are.. November 1st .. here's the updated table

Oh and 5 'bad' (why?) votes and 35 good ones (thanks)

Antivirus Detection DataBase Date Note
AVware Trojan.Win32.Generic!BT 20151029 It's a false positive
Agnitum Trojan.Agent!Bz5aCfs+wnI 20151029 It's a false positive
Antiy-AVL Trojan/Win32.TSGeneric 20151029 It's a false positive
Avast Win32:Trojan-gen 20151029 It's a false positive
CAT-QuickHeal 20151029 It's a false positive
Cyren W32/Trojan.AYIN-1503 20151029 It's a false positive
Fortinet W32/Generik.BCAXNDB!tr 20151029 It's a false positive
Ikarus Win32.PePatch 20151029 It's a false positive
K7AntiVirus Riskware ( 0040eff71 ) 20151029 It's a false positive
K7GW Riskware ( 0040eff71 ) 20151029 It's a false positive
McAfee Antivirus Artemis!8B23B9F8E358 20151029 It's a false positive
McAfee-GW-Edition Artemis!Trojan 20151029 It's a false positive
Microsoft VirTool:Win32/Obfuscator.AX 20151029 It's a false positive, but at least Microsoft is consistent
SUPERAntiSpyware Trojan.Agent/Generic 20151030 It's a false positive
Symantec Trojan.Gen.2 20151029 It's a false positive
TheHacker Trojan/Generik.BCAXNDB/td> 20151028 It's a false positive
TrendMicro TROJ_GEN.R08OC0DHF15/td> 20151029 It's a false positive
VIPRE Trojan.Win32.Generic!BT5/td> 20151029 It's a false positive
ViRobot Trojan.Win32.S.Agent.1192344[h] /td> 20151029 It's a false positive

[Update - November 2nd 2015]
It would appear the antivirus people have actually realised their mistake, I checked virustotal again today, and a few
things have changed - namely the detections (! detection now from microsoft.. i can live with that) and the votes are also
changed to 0 bad and 2 good... quite surprising.. the updated link is here Antivirus Detection DataBase Date Note
Microsoft VirTool:Win32/Obfuscator.AX 20151101 It's a false positive, but at least Microsoft is consistent

This still means windows defender will need the ProtectionID folder added to the exclusion list for windows 8 / 10 users, I will see if i can get this sorted out, so please be patient.

Change Log

Some bugs fixed, some tweaks, some protection detections added, next changelog will be more detailed,
as it will give me time to catch up on what i changed, and to add other things and involve the beta testers again
but i wanted to get the release done for the traditional halloween release


v 6.6.7 (December 2014)

VirusTotal Scan Report

VirusTotal Scan Report (latest)

Jump to the change log

Note: At the time release, there was 1 false positive 'hit' from Microsoft, I will try and contact them to get this
         whitelisted, but there is a high probability (like on the halloween release) that other
         antiviruses will jump on the bandwagon and blacklist the file again shortly after release.

         The only current 'solution' is to whitelist / exclude the folder you put ProtectionID into.

update now 2 more antiviruses have jumped on the bandwagon, 8 hours after release.. slow clap

Antivirus Detection DataBase Date Note
Microsoft VirTool:Win32/Obfuscator.AX 20141225 It's a false positive, but at least Microsoft is consistent
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20141225 It's a false positive "More than Security, Lightening your PC".. umm yeh - the detection also 'disappeared' on the 26th
TrendMicro-HouseCall Suspicious_GEN.F47V1224 20141225 It's a false positive

Again, like with the halloween release I decided to test these antiviruses to see how they actually detected
so I simply recompiled the christmas release executable and uploaded it to VirusTotal
Here are the results.

Predictably, the ONLY antivirus that detected (albeit a false positive) was Microsoft.. TrendMicro-HouseCall and Qihoo-360 did NOT detect anything,
which really inspires faith in their products doesnt it? It looks like they just blacklisted the file by hash

So, I decided to test a theory.. I appended 1 byte (0xFF) to the christmas public release executable and uploaded it to VirusTotal
Here are the results.

Obviously this broke the digital signature, which I guess is the reason AVG suddenly detected (which was unexpected to be honest) but Qihoo-360 and TrendMicro-HouseCall did NOT detect anything... so they clearly just blacklisted the file via It's hash or equivalent

Feel free to experiment yourself, but I think i've proven my point that some antiviruses are CLEARLY better than others

update sigh.. now It's 7 / 55 on VirusTotal

Antivirus Detection DataBase Date Note
Baidu-International Trojan.Win32.Generik.BBCAXNDB 20141226 It's a false positive, and they're a bit late to the party
Ikarus Trojan.SuspectCRC 20141226 It's a false positive "SuspectCRC" really?
K7AntiVirus Trojan ( 004b30581 ) 20141226 It's a false positive
K7GW Trojan ( 004b30581 ) 20141226 It's a false positive
Sophos Mal/Generic-S 20141226 It's a false positive

now... considering It's 'Generic' for a lot of these, how come they weren't detected on the 25th?

update - now 10/56 as ESET-NOD32 and McAfee now got on the bandwagon... bit late to the party guys...

Antivirus Detection DataBase Date Note
ESET-NOD32 a variant of Generik.BCAXNDB 20141226 It's a false positive, and they're a bit late to the party (only showed up on the 27th)
McAfee Artemis!8B23B9F8E358 20141226 It's a false positive, and they're a bit late to the party (only showed up on the 27th)
McAfee-GW-Edition Artemis 20141226 It's a false positive, and they're a bit late to the party (only showed up on the 27th)

Again, ESET-NOD32 showing a 'variant' of a 'generic' ... if It's generic, how come it wasnt seen on the day of release?
and are they using the same 'tables' as Baidu-International?

McAfee is essentially a 'dupe' as It's 2 variants of their scanner... and "Artemis (or McAfee 'Global Threat Intelligence' technology) is the enhanced heuristic detection component of McAfee SecurityCenter's virus protection module." It works by adding an extra layer to the detection engine, but instead of just detecting something it actually "calls home" to the virus database to double-check before labelling
something as a possible threat.

So, It's pretty much a 'wisdom of the crowds' thing ?..

To test (again), I simply recompiled the exe and uploaded it, just to test things.. and, well, the results are pretty damn predictable.

Quite honestly I have to applaud Microsoft on being consistent in detection (albeit on a false positive, but they are the ONLY av on VirusTotal with consistent results)

So, (like before), if I did make ProtectionID a virus / malware (It isn't and it won't be), all I would have to do is keep the execuable recompiling every hour or so, and it would only be seen by 1 of the 56 scanners on VirusTotal, thats actually a pretty frightening picture isn't it?

And it would appear that a lot of the scanners seem to be working from file hashes or equivalent, which is a very WEAK method of 'detection'.. as you might be aware I did have similar results with the halloween release, and it seems very little has changed.. but I urge any of you with doubts to simply test for yourself on VirusTotal

update - as of the 28th December It's now 17/54.. It's getting quite comical in a really pathetic way

Antivirus Detection DataBase Date Note
AVWare Trojan.Win32.Generic!BT 20141227 It's a false positive, and "Generic"
Ad-Aware Trojan.Generic.12433802 20141227 It's a false positive, and "Generic"
BitDefender Trojan.Generic.12433802 20141227 It's a false positive, and "Generic"
MicroWorld-eScan Trojan.Generic.12433802 20141227 It's a false positive, and "Generic"
Symantec WS.Reputation.1 20141227 It's a false positive, this is symantecs "wisdom of crowds thing"
VIPRE Trojan.Win32.Generic!BT 20141227 It's a false positive, and "Generic"

Now, for those "Generic" ones.. how come (if It's Generic) it wasnt 'detected' on the 25th (day of release) ?
and could it be possible that some of those antiviruses are using the same 'detection tables' ?

Either way, It's pretty lame, and would you have much faith in an antivirus that 'detects' 3 days after the fact ?
(which is more than sufficient time for something malicious to do It's job)
I certaintly would not...

And i refer you to the previous test results of the recompiled exe (Here), It's still only got one 'hit'
(from Microsoft) - that speaks volumes... (NONE of the 'Generic' results above are here)..
as for "Generic" - you use the word but i think you do not know what it means

Sigh.. 19/54 now.. with 7 'good' votes and 1 bad (why?)...

Antivirus Detection DataBase Date Note
Emsisoft Trojan.Generic.12433802 (B) 20141228 It's a false positive, and "Generic"
F-Secure Trojan.Generic.12433802 20141228 It's a false positive, and "Generic"
GData Trojan.Generic.12433802 20141228 It's a false positive, and "Generic"

update (17th January 2015)

It would appear that the false positives from the antiviruses has really caused a problem, the host for the
homepage set the homepage to a null route because of this, so the only option was to remove the file (i will put
it somewhere else, or i will make a password protected release).. I intend to do a new release soon anyway, but
this situation is getting rather aggrivating, so if you can, please report the false positive to whatever anti virus
you are using that raises it, I dont have the resources at the moment to contact them all to get this resolved...
In the future I think i will simply password protect the rar file as that seems to be the best course of action at the moment, sure, It's hardly ideal but I don't have many other options...I am open to suggestions, but removing the encryption isnt an option as it was actually put in to reduce false positives at the beginning (ironic i know)..

Change Log

updated - update system has been tweaked to work with the new file url format (direct links wont work anymore)
   - this does mean that older versions wont be able to update to the latest version but thats
     not really fixable unfortunately and i'll put information about this on the homepage
bugfix - bugfix in the .net core scanner, I rounded pointers, instead of the actual length value, was quite
   an obscure bug as it worked on all the exe's I tested before, but Hookahice found one exe
   in the 24th october beta release, but I didn't get the info until after the public halloween
   release, so i've added the fix in now (thanks Hookahice) :)
tweak - msi / cab scanning reports to the status window now (cosmetic)
new - added detection for epic games unreal development kit udk installers
new - added fnv32 to hashing function list
tweak - file hashing reports the time taken to complete the hashing and the count of hashing functions executed
   and bytes / sec (not sure how accurate that is though and in some cases it'll show 0 bytes / sec
   simply because the hashing took less than a second)
new - added in data directory processing report (It's in the configuration settings, and is disabled by default)
   Scan configuration -> Show Data Directory Info (items reported in lower case mean they are present
   but have either no size or no va)
new - added in sentinel ldk detection, thanks to whoever posted the output log on pastebin, which helped me
   to add this in (might have been easier though if you emailed me with a url :) ) as it was a lucky
new - added in timedatestamp review (idea was from this)
   so I wrote a function for it (still work in progress)
new - added in some new detections (work in progress)
tweak - some more cosmetic output fixes
new - added in fuzzy detection for a new protector (work in progress) (denuvo)
tweak - steam api usage detection tweaked (mostly for x64 targets)
tweak - ads (ntfs data streams) processing can now report the internet zone setting for the file
   (if for example, it was downloaded) - this setting is in the configuration options
   (and is disabled by default) - you would also need to enable the
   '(ADS) Show ntfs stream info (if present)' setting as they are paired
tweak - some cosmetic alterations on text and configuration settings
tweak - .net stream names are now reported
tweak - neolite detection got tweaked, one crap signature removed and code sped up a lot
tweak - version info reporting now checks the buffer for white space and if the buffer is just
   spaces or blank / empty then the output is suppressed
update - .net core detections increased -> agiledotnetrt, eazfuscator, cryptoobfuscator, dotfuscator
update - version info - reporting of version info vs_fixedfile info stuff (work in progress)
update - .net core can report entropy of the #Strings (ansi) and #US (unicode) stream(s) (if present)
   - this is in the configuration setting and is disabled by default
new - added in detection for Ubisoft 'ubx' packer
update - pespin x64 detection updated
update - yummy gameshield detection updated (thx CrAaAzzzyy)
bugfix - appended data / overlay offset calculation had a bug on some rare exe's where the last section
   physical size was greater than the virtual size, which threw off the calculation..
   It's also assumed that no overlay data can exist after the digital signature (if present)
   as that would break the signature...
new - pretty experimental (ie: not tested a lot) ssdeep hashing code added into the choices for file hashing
   (check the configuration settings) (sorry.. It's disabled atm, I didn't have time to finish it)
tweak - windows 10 current preview builds recognised for the latest versions (windows defender still doesnt
   like ProtectionID, so you'll have to add it to the exclusion lists for the meantime)..
coming - taggant v2 support as/when I see some live samples to work from
cosmetic - copyright year adjusted to 2015 (not having that old issue happen again) :)
bugfix - bugfix / sanity check added in the crypto scanner, license scanner, and cdkey and serial functions,
   i was sent some badly damaged executables from hypn0 (thanks), which reproduced the bugs
   and allowed a relatively easy fix.. very much appreciated, as they were relatively obscure
update - new setting - report all section entropies added, It's off by default, if you enable it it will report
   the entropy for each section present in the scanned file.. this can obviously cause a slowdown
   in the scanning which is why I defaulted to make it disabled..
edit - this didnt make it into this build.. sorry.. it'll be in the next
bugfix - bugfix in reporting the version fixed file info..a register got trashed and should have been preserved
   it is now.. thanks again to hypn0 - definitely getting his bugfinder achievement this month :)
fix - some buffers were not always wiped, leading to crap output.. now fixed
bugfix - installer_rtpatch_scan had a misbalanced stack (typo bug I think), which sometimes lead to a register
   mismatch messagebox.. (thanks hypn0)
bugfix - fixed bug in zipworx_scan which could lead to a crash (thanks hypn0)
bugfix - fixed bug in hmimys_scan scan (thanks hypn0)
bugfix - fixed bug in ea access scan that could lead to a crash (thanks hypn0)
bugfix - sanity / range check added to imphash code.. (thanks hypn0)
bugfix - fix in digital signature processing where a serial wasnt present
bugfix - fixed bug in Nullsoft installer scan (thanks hypn0)
bugfix - installer_gkwaresfx_scan had a bug where edx and ecx werent preserved, leading to a 'register mismatch'
   messagebox if detected (thanks hypn0)
bugfix - range / sanity check added into safedisc scan code (thanks hypn0)
bugfix - range / sanity check added into solidshield scan code (thanks hypn0)
added - launch4j detection (also has extra info if you enabled that in the configuration) - have fun Chester Fritz
tweak - revised code for appended data size and offset calculation.. need to monitor this one
update - pecompact detection updated, it now reports the internal version of the protection (thanks for the files hypn0)
bugfix - internal file version core could crash if the version info data size was incorrect (we use an internal routine and
   to calculate the size if the windows api fails.. which happens sometimes).. this was a very rare and obscure
   bug (hard to replicate) - thanks to hypn0 I found and patched it (successfully I hope) :)
bugfix - added some range checking in the convert_ functions, as a crash could occour in some very damaged files (very rare)
bugfix - check_gamehouse.asm had some range checking added, as it'd crash on particularly malformed files..
bugfix - check_upx.asm had some range checking added, as it'd crash on particularly malformed files

v 6.6.6 (halloween 2014)

i waited 11 years for this version number ;p

core additions / changes
tweaks, updates, fixes etc... oh and moved to masm v14 and linker v14


v 6.5.5 (halloween 2013)

core additions / changes
honestly can't remember, just updates, some bugfixes etc... oh and moved to masm v12 and linker v12


v 6.4.0

core additions / changes
- new: added in whois capabilities to IP/Name resolver
- new: compiler detector updated to detect:
       - more Borland Delphi
       - more Visual C/C++
       - more MinGW
       - Visual Objects
       - Liberty BASIC
       - PureBASIC
       - REALbasic
- update: changed output for rar/zip etc. which is non protection related to be displayed in the log window only.
            (protection report will only display protected files like securom/starforce containers etc.)
- update: some tweaks for the shortcut creation system
- bugfix: possible digital signature check crash fixed
- bugfix: peid extension code tweaks & some fixes
- bugfix: fixed closing a bad handle
detection additions / changes
- new: check_cenega.asm - added in Cenega ProtectDVD detection (custom protection for cenega .pl games)
- new: check_protectdisc.asm - added in generic v9.27 (or higher) detection
- new: check_protectdisc.asm - added in exact Protect DiSC versions for v9.26, v9.28 & v9.30
- new: check_steam.asm - added in Valve CEG - Custom Executable Generation detection for Steam exe's
- new: check_ubidrm.asm - added in UBISoft Online DRM detection
- new: check_armadillo.asm - added in Armadillo v7.20 (or newer) detection
- new: check_asprotect.asm - added in ASProtect v2.56 (or newer) detection
- new: check_boxedapppacker.asm - added in detection for BoxedAppPacker bundled files
- new: check_clisecure.asm - added in detection for CliSecure .NET Code Protector
- new: check_codewall.asm - added in detection of CodeWall Technologies .NET Protector
- new: check_dyamarobfuscator.asm - added in DYAMAR Obfuscator detection
- new: check_enigmaprotector.asm - detection of Enigma Protector v2.xx wrapped files
- new: check_obsidium.asm - added in Obsidium v1.4.0.0 (or newer) detection
- new: check_reflexivearcade.asm - added in Reflexive Arcade Wrapper version info for build 179, 180, 181, 182, 183 & v184
- new: check_safeengine.asm - added Safengine Licensor v1.7.2.0 (or newer) detection
- new: check_salamandernet.asm - added in detection of Salamander .NET Protector & the core.dll (incl. version)
- new: check_shoecakedrm.asm - added in detection of Shoecake Games Activation
- new: check_softanchor.asm - added in UniLoc SoftAnchor detection
- new: check_themida.asm - detection of Themida using a new variant of Hide from PE Scanner
- new: check_xenocode.asm - added in detection for Xenocode Postbuild 2009
- new: check_xenocode.asm - added in detection for XenoCode Virtual Application Studio 2010
- new: check_apecsoftswftoexe.asm - added in ApecSoft SWF2EXE Converter v1.0 module detection
- new: check_babelobfuscator.asm - added in Babel .Net Obfuscator v3.x (or higher) detection
- new: check_exedefender.asm - added in ExeDefender v1.0 detection
- new: check_larp.asm - added in LARP v2.x detection
- new: check_netspider.asm - added in NET.Spider v1.0 (or older) and v1.1 (or higher) detection
- new: check_noobyprotect.asm - updated to detect NoobyProtect v1.7.x.x
- new: check_refruncycrypter.asm - Refruncy Crypter detection added
- new: check_scobfuscator.asm - added in SC Obfuscator detection
- new: check_scpack.asm - added in SC Pack v0.1 & v0.2 detection
- new: check_vprotect.asm - rewritten to detect VirtualizeProtect v1.0 (or newer)
- new: check_yincrypt.asm - added in YinCrypt v1 (Public) detection
- new: license_activelock.asm - added in ActiveLock Licensing Module for DotNET detection
- new: license_icelicense.asm - added in detection of IonWorx - ICE License
- new: license_iceni.asm - added Iceni Technology License Wrapper detection
- new: license_interlok.asm - added iLok USB device driver detection
- new: license_protectionplus.asm - added in detection of the Protection Plus v4.6 Wrapper
- new: dongle_marx.asm - now detects the MARX CryptoBox PE Envelope
- new: dongle_proteqcompact.asm - added in Proteq Compact-500 Dongle detection + driver & version reporting
- new: dongle_sentry.asm - added in detection for the Sentry Hardware Lock USB driver + version
- new: dongle_softdog.asm - added in SoftDog driver check + version reporting
- new: installer_adobeextract.asm - added in Adobe Extractor detection
- new: installer_nanozip.asm - added NanoZip SFX Module detection

- improved: check_activemark.asm - ActiveMark is now detected properly in games with a digital signature
- improved: check_copyminder.asm - updated CopyMinder scan, does now detect on a game it didn't see before
- improved: check_dotnetreactor.asm - rewritten dotNet Reactor detection (more accurate)
- improved: check_ea_custom.asm - update cucko detection with another pattern using a new routine
- improved: check_execrytor2.asm - added in another generic check & updated to detect on 2 files it didn't 'see' before
- improved: check_moleboxultra.asm - now detects on MoleBox Virtualization Solution v4.2321 too
- improved: check_pecompact.asm - added in two more generic checks
- improved: check_popcapdrm.asm - now detects on recent popcap games too
- improved: check_protectdisc.asm - better handling for newer versions
- improved: check_securom.asm - updated to detect SecuROM SLL files a bit better
- improved: check_securom.asm - improved paul.dll detection (where version info was removed)
- improved: check_solidshield.asm - added in another generic check for the core.dll
- improved: check_themida.asm - tweaked, detects now on a file it did not 'see' before
- improved: check_upx.asm - added in another check for unknown / modified UPX
- improved: check_vmprotect.asm - added in another generic check
- improved: check_cryptic.asm - added in another check for Cryptic v2.0
- improved: check_darkcrypt.asm - updated DarkCrypt 1.2 detection with heuristic check
- improved: check_gieprotector.asm - added in two more checks for Gie Protector v0.2
- improved: check_mpress.asm - updated to handle MPress v2.12 (and newer)
- improved: check_noobyprotect.asm - NoobyProtect code adjusted to handle 2 files it didn't 'see'
- improved: check_pearmor.asm - added in another check for a newer version
- improved: check_pecrypt.asm - tweaked code results in faster scanning
- improved: check_privateexe.asm - updated detection code for v3.x
- improved: check_rdgpolypack.asm - tweaked, now detects on an exe it did not see before (thx ReverseB00n)
- improved: check_safeengine.asm - updated Safengine Licensor with another check
- improved: check_yodacrypt.asm - tweaked YodaCrypt v1.3 detection (does now detect on an exe it didn’t see before)
- improved: check_zprotect.asm - ZProtect signature updated + it detects unknown versions now
- improved: dongle_copylock.asm - added detection for another variant
- improved: dongle_dinkey.asm - now detects on an application it did not 'see' before
- improved: dongle_rockey.asm - updated to detect Rockey2 on an application it did not 'see' before
- improved: dongle_softdog.asm - updated with another check for SoftDog dongles
- improved: installer_7zip.asm - another variant of 7z SFX gets detected now
- improved: installer_bitrock.asm - rewritten BitRock InstallBuilder detection to be more generic
- improved: installer_install_anywhere - added another check for (newer) InstallAnywhere Self Extractor Modules
- bugfix: check_securom.asm - fixed matroschka detection in securom - the name output was corrupted on a recent exe
- bugfix: dongle_copylock.asm - fixed internal bug
- bugfix: installer_gkwaresfx.asm - fixed double output


v 6.3.5

Hello folks!
We are proud to present you the next and most up to date version of ProtectionID.
it was about time to bring this to the public, as the last version was released back in march.
During development of this version we ported it over to MASM v10,
using the latest compiler & linker available at the moment.
This version of PiD features highly optimised scanning routines, resulting in very fast detections.
ie: a 2 GB setup.exe in processed in less than 1 second (smart mode kicks in).

We tweaked nearly all scans to benefit from our new procs.
core additions / changes
- new: compiled using masm v10 compiler & linker
- new: added in new and optimised scanning routines
- new: ProtectionID is now able to scan inside msi files
- new: clean temp tool (Extensions -> Clean Temp)
- new: added in our own fast internal zlib decompression routines
- new: compiler detector updated to detect:
       - more Visual C++
       - appended flash files
       - Power Basic
       - Watcom C/C++
       - MinGW
       - GoASM
- update: reporting part on file type, now reports bitness & file subsystem
- update: added in recovery system - if a crash happens when scanning a file/cd/dvd and the crash is in the scanning thread,
                the seh system will 'recover' the crash, skipping all other scan modules and simply clean things up.
                So a crash when scanning does NOT take ProtectionID down (the crash is reported to the log)
- update: windows error code resolver dialog got a face lift and some added functionality
- update: initial modification to report cpu usage on ALL available cores
- update: shortcuts are now not made if PiD is run from a removable drive
- update: added in reporting for uac setting in vista or higher
- update: scan size threshold increased to 50mb
- update: added in the nfo association configuration
- update: compiler detection enabled by default now
- update: adjusted the way the systray worked
                - double left click on the PiD icon will cause the PiD window to be shown / hidden
                - right click on the PiD icon will cause the right click systray context menu to appear

- bugfix: cab file handler bug fixed
- bugfix: scan file on cd/dvd did not work
- bugfix: fix for shortcuts getting corrupted
- bugfix: fixed bug in the seh system, which lead to a crash
- bugfix: file queue stuff (pause, remove, clear all) fully operational again
- bugfix: logic fix, checking section count could technically be wrong if exe was x64
- bugfix: selecting scan folder 2x resulted in it messing up
- bugfix: minor adjustment to avoid closing an invalid handle
- bugfix: fixed output bug on small files
- bugfix: fixed a possible win9x issue
- bugfix: minor gui fixes
detection additions / changes
  - new: check_activemark.asm - added exact version detection & more detailed output for v4, v5 & v6 of ActiveMark
- new: check_byteshield.asm - ByteShield detection got heavily updated, now it contains a lot extra more info
- new: check_ea_custom.asm - added in detection for EA Custom Protection (used in The Sims 3)
- new: check_gameguard.asm - GameGuard Launcher Module & it's version got reported
- new: check_hackshield.asm - AhnLab HackShield detection added
- new: check_impulse.asm - Impulse DRM (+ core module) detection added
- new: check_protectdisc.asm - added in new versions: v9.11.0, v9.20.0, v9.25.0 & latest v9.26.0
- new: check_protectdisc.asm - added in detection of how many trial days a Protect Disc exe is allowed to run
- new: check_safedisc.asm - updated to detect clcd32.dll, dplayerx.dll, drvmgt.dll from old safedisc 1 games
- new: check_secureebook.asm - added in Secure eBook Wrapper detection
- new: check_securom.asm - added SecuROM DFA v1 and v2 detection
- new: check_securom.asm - added SecuROM 7 dfa.dll detection
- new: check_securom.asm - added detection for SecuROM 5 and 4 (or lower) dll modules (cms.dll sintf.dll)
- new: check_solidshield.asm - added in Tages Setup version detection in solidshield core.dll (if found)
- new: check_solidshield.asm - SolidShield wrapped dlls will be detected now
- new: check_starforce.asm - added in detection of StarForceFileSystem containers (SFFS)
- new: check_steam.asm - added in detection of the Steam Client API Module & report Steam api usage in exe
- new: check_themida.asm - updated to show watermarking on some versions
- new: check_playfirst.asm - added in detection of the Playfirst Game Library
- new: check_playrixwrapper.asm - added Playrix Game Wrapper detection
- new: check_reflexivearcade.asm - added in detection of build 177 & build 178 of the ReflexiveArcade Wrapper
- new: check_robingameswrapper.asm - added in Robin Games Wrapper detection
- new: check_spintop.asm - added SpinTop DRM Module detection
- new: check_mfortress.asm - added MetaFortress detection
- new: check_upx.asm - added in more informative upx info
- new: check_aase.asm - added Aase detection
- new: check_adnexeprotector.asm - added ADN Exe Protector v0.5 detection
- new: check_aliencryptor.asm - added Alien Cryptor v1.0 detection
- new: check_armadillo.asm - added Armadillo v6.40 and v6.60 - v7.00 (or newer) detection
- new: check_aspack.asm - added ASPack v2.2 detection
- new: check_asprotect.asm - added ASProtect v1.4 build 04.01 Beta detection
- new: check_aurastompercrypter.asm - added AuraStomper Crypter detection
- new: check_babelobfuscator.asm - Babel .Net Obfuscator detection added
- new: check_blindspot.asm - BlindSpot File Binder v1.0 detection added
- new: check_deepseaobfuscator.asm - added in DeepSea .Net Obfuscator detection
- new: check_dotfixniceprotect.asm - added version detection for v1.0 - v2.x, v2.8 - v2.9, v3.0 - v3.6
- new: check_dotnetreactor.asm - added in detection of dotNET Reactor v4.0 (or newer)
- new: check_dsrfileprotector.asm - added dSR File Protector detection
- new: check_eprot.asm - added !EProt detection
- new: check_epprotector.asm - added EP Protector v0.1 detection
- new: check_fishnet.asm - added Fish.NET packer detection
- new: check_flyskysoftware.asm - added Fly Sky Software Custom Protector detection
- new: check_hackhoundbinder.asm - added in Hack Hound File Binder detection
- new: check_ionworxidentifier.asm - added Ionworx Identifier SDK Module detection
- new: check_leetcryptor.asm - added LeetCryptor v1 detection
- new: check_moleboxultra.asm - added in MoleBox Ultra v4.x detection
- new: check_pcguard.asm - added detection of latest PC-Guard v5.04
- new: check_alloy.asm - added PGWARE Alloy [generic] detection
- new: check_rdgpolypack.asm - added RDG PolyPack v1.1 detection
- new: check_simbioz.asm - added in SimbiOZ v2.1 detection
- new: check_skycrypt.asm - added in Sky Crypt v2.0 detection
- new: check_stultrapack2.asm - added ST Ultra Pack 2 v0.6s detection
- new: check_themisbinder.asm - added in Themis Binder v0.2 detection
- new: check_upack.asm - added detection of more detailed versions
- new: check_vprotect.asm - added VProtect detection
- new: check_zipworx.asm - added ZipWorx detection
- new: license_bentleyieg.asm - added Bentley IEG License Service detection
- new: license_crypkeysdk.asm - added CrypKey v7.0 (or newer) detection
- new: license_crypkeysdk.asm - added detection of the CrypKey License Service Installer
- new: license_desawarelicensing.asm - added Desaware Licensing System for .NET Module detection
- new: license_elicense.asm - now detecting on a dll it didn't see before
- new: license_interlok.asm - updated to detect PACE InterLok System File
- new: license_reprise.asm - added Reprise License Manager detection
- new: license_sentinelrms.asm - added SafeNet Sentinel RMS v8.x detection
- new: dongle_hasp.asm - NetHASP Network Dongles are detected
- new: dongle_hasp.asm - added in detection of the Aladdin HASP SRM Run-time Environment Installer
- new: dongle_ilok.asm - added in iLok USB Hardware Dongle detection
- new: dongle_matrix.asm - added Matrix Dongle detection
- new. dongle_microdog.asm - added SafeNet MicroDog Driver installer detection
- new: dongle_sentinel.asm - added in detection of Rainbow NetSENTiNEL SUPER PRO Dongle
- new: dongle_syncrosoft.asm - added in SyncroSoft USB Dongle detection
- new: installer_advancedinstaller.asm - added Advanced Installer detection
- new: installer_autoplay_media_studio.asm - added Indigorose - AutoPlay Media Studio
- new: installer_bitrock.asm - added BitRock InstallBuilder Module detection
- new: installer_fenomen.asm - added Fenomen Downloader detection
- new: installer_gamehouse.asm - added GameHouse Installer detection
- new: installer_setupfactory.asm - added detection of Setup Factory v8.x modules
- new: installer_uharcsfx.asm - added UHARC SFX Archive detection
- improved: check_3plock.asm - added in another generic check
- improved: check_enigmaprotector - now detects on an Enigma version it didn't 'see' before
- improved: check_hexalock.asm - optimised HexaLock detection
- improved: check_laserlok.asm - optimised Laserlok scanning speed
- improved: check_protectdisc.asm - tweaked output
- improved: check_safedisc.asm - optimised Safedisc v1 scanning speed
- improved: check_smarte.asm - added in two new checks
- improved: check_starforce.asm - improved scanning speed
- improved: check_steam.asm - updated detection on another steam variant on assassins creed and r6 vegas
- improved: check_tages.asm - improved detection of the Tages protection driver
- improved: check_vob.asm - added one more generic check
- improved: check_execryptor2.asm - code tweaked to reduce false positives
- improved: check_alawar.asm - scanning speed optimizations
- improved: check_elefunwrapper.asm - scanning speed optimizations & reports offset / size of virgin executable
- improved: check_popcapdrm.asm - scanning speed optimizations
- improved: check_reflexivearcade.asm - optimised ReflexiveArcade Wrapper detection
- improved: check_abccryptor.asm - added in a new check
- improved: check_armprotector.asm - added in one more generic check
- improved: check_asdpack.asm - scanning speed optimizations
- improved: check_aspack.asm - scanning speed improvements
- improved: check_asprotect.asm - tweaked version output
- improved: check_atreprotector.asm - added in another generic check
- improved: check_bambam.asm - added in two more checks to tighten detection
- improved: check_beria.asm - improved Beria detection
- improved: check_dalcrypt.asm - added in two new checks
- improved: check_dotfuscator.asm - optimised scanning speed
- improved: check_dotnetprotector.asm - optimised scanning speed
- improved: check_enigmaprotector.asm - added in another generic check
- improved: check_epprotector.asm - code adjusted, made faster
- improved: check_exestealth.asm - optimised scanning speed
- improved: check_ezip.asm - scanning speed optimizations
- improved: check_exestealth.asm - improved scanning speed
- improved: check_gieprotector.asm - optimised the signature scan
- improved: check_kkrunchy.asm - added in detections for old kkrunchy (2003)
- improved: check_mew5.asm - Mew 5 EXE Coder v0.1 detection tweaked
- improved: check_mpress.asm - mpress for - tweaked detection
- improved: check_mslrh.asm - added in two more generic checks
- improved: check_mucruncher.asm - rewritten MuCruncher detection
- improved: check_mz0ope.asm - added in another check
- improved: check_nidhogg.asm - optimised Nidhogg scanning speed
- improved: check_packitbitch.asm - added in two new checks
- improved: check_polyene.asm - added in more generic checks for PolyEne
- improved: check_punisher.asm - added in three new checks
- improved: check_sevlock.asm - tweaked sevLock detection
- improved: check_simplepack.asm - now detects all the simplepack exe's it didn't detect before
- improved: check_softsentry.asm - added in more checks + optimised scanning speed
- improved: check_spicesnet.asm - added in another check
- improved: check_telock.asm - improved TeLock v1.0 detection
- improved: check_upack.asm - added more detailed version checks, tweaked some detections
- improved: check_upx.asm - fixed possible wrong detection
- improved: check_vbowatch.asm - updated with a better signature
- improved: check_visualprotect.asm - added in one more check
- improved: check_vmprotect.asm - now it detects on a dll it didn't 'see' before
- improved: check_wildtangent.asm - scanning speed optimisations
- improved: check_wlcrypt.asm - optimised WL-Crypt detection
- improved: check_xprotector.asm - added in two heuristic checks
- improved: check_yzpack.asm - tweaked
- improved: dongle_hasphlenvelope.asm - now detects on wrapped sys files too
- improved: dongle_keylok2.asm - improved Key-Lok II Dongle scan speed
- improved: dongle_marx.asm - added in another check
- improved: dongle_sentinel.asm - detects Sentinel on x64 executables
- improved: dongle_wibu.asm - added in another check
- improved: minor tweaks for all license detections
- improved: license_crypkeyinstant.asm - improved scanning speed in files wrapped with CrypKey Instant
- improved: license_crypkeysdk.asm - updated / tweaked CrypKey detection
- improved: license_elicense.asm - improved eLicense scanning speed
- improved: license_haspsl.asm - speed up HASP SL Licensing System scans
- improved: license_interlok.asm - scan speed improvements + added in detection for another 'variant' of InterLok
- improved: license_ntitles.asm - scanning speed improvements
- improved: installer_akinstaller.asm - scanning speed optimisations
- improved: installer_clickteam.asm - improved generic detection
- improved: installer_createinstall.asm - scanning speed optimizations
- improved: installer_gkwaresfx.asm - improved generic detection
- improved: installer_patchwise.asm - now detects a module it did not 'see' before
- improved: installer_rarsfx.asm - updated to handle new winrar sfx
- bugfix: check_starforce.asm - fixed possible crash bug
- bugfix: check_dotnetguard.asm - fixed non register preservation
- bugfix: check_vmprotect.asm - fixed generic detection
- bugfix: check_forgot.asm - fixed non detection
- bugfix: check_quickpacknt.asm - fixed non-detection bug
- bugfix: check_shrinkwrap.asm - fixed non-detection bug
- bugfix: check_upx.asm - fixed a possible wrong detection
CD/DVD/Image file/sector scan
- added in SecuROM v7.40 (or newer) detection via sector scan
- some more updates on the iso making code, and the cddvd_api core
- tweaking the cd/dvd dialog portion, now detects and reports errors better, along with better sector calculations
   (will now abort if it detects a css encrypted sector when making an iso)

v 6.2.3

- bugfix: check_starforce.asm - starforce 'crap output' bug fixed
- update feature - updated to show version number on update as well, instead of some 'strange' number

v 6.2.2

core additions / changes
- new: incorporated PEiD / PE Tools database usage
         -> additionally displays the protection found via the user databases
         -> peid database is expected to be in the same folder as ProtectionID
             and should be called peid_database.txt
         -> petools database is expected to be in the same folder as ProtectionID
             and should be called petools_signs.txt 

             - enable/disable: go to Configuration -> Allowed Scanning Types -> peid / petools (3rd party scan)
             - once enabled you can browse the signature files when
               clicking the 'Extensions' tab (second icon from the bottom right)
             - note: in cases of multiple hIt's, the highest probability is automatically figured out and reported 

- new: work on compiler detection began
         -> The compiler detection simply reports what compiler was used to make
              the executable, It can also sometimes report the programming language
              the executable was made with. 

              current detections: dotnet, visual basic & visual, some visual c/c++, borland c++, delphi
              enable/disable: Configuration -> Allowed Scanning Types -> Enable Compiler Detection Scan 
- new: tooltip preview (configurable option in the settings - under the gui portion)
- new: added in drive type reporting in the misc tools section
- new: added in option in configuration to dedicate 1 cpu to scanning core (if multiple cpu's are found on the system)
- new: added in little pause/resume button in the main dialog (green square when you load PiD)
- new: added in activity reporting on hdd reads, PiD is so quick though, you may not notice it,
           but on large files, It's useful because it’s an indicator PiD is doing something 
- update: turned on scan inside Microsoft cab files as default
- update: added more informative comments into pe stuff
- update: file queue now reports the amount of files it has processed
- update: updated detection routine to report dll compiled in native mode
- update: folderwatch cleanup now works and reporting is handled correctly
- update: updated version info core to handle 'strange' exes with bad / corrupt version info,
               or version information that version.dll does not 'see'
- update: fixed some imports so that PiD now loads on windows nt 4.0 (and probably 3.x)
               without the system throwing an import missing error and exiting the process
- update: services now disables It'self if the os is 9x/me (9x/me doesn’t have 'services')
               shares also disables It'self if the os is 9x/me (api not present in these os'es)
- update: gui -> cd/dvd tools and the folderwatch buttons are now automatically disabled if
               the operating system is windows 9x/me (i.e.: less than windows 2000)
- update: folder location shell32 output now made 9x/me compliant(old comctl32.dll listview issue)
- update: added in minimize to systray if it’s set in the configuration
               if set, PiD will minimize It'self when It's loaded for the first time
- update: added in another handler for smbios, It's quicker, but only available in vista or higher
- update: windows product key updated code, now should be good for all windows versions except nt 4.0
- update: windows product key is now also reported for 9x/me
- update: updated code so that windows 95, windows nt 3.x and nt 4.x do NOT have ownerdrawn menus
             (95 couldn't handle them properly anyway, and nt 3/4 had issues too)
- update: added battery reporting into misc tool window
- update: dep reporting done in misc tools information section
- update: fixed icons in 9x looking too big (now PiD looks the same in 98, me, 2k, xp, vista)
- update: pause / resume is now properly functional
- update: added in pause checking into the cab file handler
- update: progress bar resets once scan is complete
- update: added in animated rect for sizing (work in progress)
- update: added tooltip to sizer window
- bugfix: fixed 9x/me crash (bsod) issue in petools stuff
- bugfix: fixed crash issue when viewing reloc information on some x64 files
- bugfix: silent exit / crash issue fixed in win2000 server
- bugfix: fixed position saving bug (reported by Blazkowicz)
- bugfix: fixed os detection (win nt was detected as 2000)
- bugfix: fixed the strange drag -> drop, file added to queue but scanning not started bug
- bugfix: fix for buffer overrun error when saving a protection log containing lots and lots of files
- bugfix: folderwatch - fixed crash when trying to add more than 2 folders
- bugfix: dirty buffer used in folderwatch reporting code
- bugfix: 9x sizing issue fixed
- bugfix: fixed some problems with windows 95 original (before 95a, 95b and 95c...) where the versioninfoex struct
               is expected to be a different size, this resulted in a failure in detecting the operating system
- bugfix: various other tweaks & fixes...
detection additions / changes
- new: check_protectdisc.asm - added ProtectDisc v9.5.0 detection & detection of ProtectDisc drivers
- new: check_byteshield.asm - added ByteShield Software Activation Client detection
- new: check_safedisc.asm - now also detects Safedisc 1 icd file as being protected &secdrv.sys
- new: check_tages.asm - code updated to detect Tages protection drivers
- new: check_armadillo.asm - added Armadillo v6.24 (or newer) detection
- new: check_pcguard.asm - added PC Guard v5.03 detection
- new: check_themida.asm - added detection for Themida / Winlicense with Hide PE Scanner Option
- new: check_asprotect.asm - added exact detection of ASProtect v2.3 Build 05.14 & ASProtect v1.40 Build 11.20
- new: check_privateexe.asm - added Private EXE Protector v3.0 (or newer) detection
- new: check_stardock.asm - added Stardock Product Activation Module detection
- new: check_reflexivearcade.asm - added ReflexiveArcade Wrapper - Build 171 and newer detection
- new: check_realarcade_drm.asm - added in RealArcade DRM Module detection
- new: check_popcapdrm.asm - added PopCap DRM Protect detection
- new: check_elefunwrapper.asm - added Elefun Trial Game Wrapper detection
- new: check_playfirst.asm - added PlayFirst DRM Module detection
- new: check_oberonmediatime.asm - added detection for Oberon Media Time Protection Module
- new: check_wildtangent.asm - added detection of the Wild Tangent Wrapper v2.1.2.26 (or newer)
- new: check_dotnetreactor.asm - added .Net Reactor v3.x Library mode (+ Necrobit) detection
- new: check_macrobjectnet.asm - added Macrobject Obfuscator.NET 2008 detection
- new: check_noobyprotect.asm - added NoobyProtect v1.0.x.x and v1.1.x.x - v1.4.x.x.
- new: check_spicesnet.asm - added Spices.Net Obfuscator detection
- new: check_pegasyscustom.asm - added PEGASYS Custom Layer detection
- new: check_serialshield.asm - added Ionworx SerialShield Core.dll & it´s version detection
- new: check_dotnetguard.asm - added detection of the DotNet Guard HVM Runtime Library Module
- new: check_eakey.asm - added in EA Key Module detection
- new: check_sevlock.asm - added sevLock detection
- new: check_asscrypter.asm - added ass - crypter detection
- new: check_billarcrypter.asm - added Billar Crypter v2.0 detection
- new: check_bitfrostcrypter.asm - added Bifrost Crypter v1 detection
- new: check_cigicigi.asm - added Cigicigi File Crypter v1.0 detection
- new: check_cryptdmarnar.asm - added Crypt Dmar Nar v0.5 detection
- new: check_darkavengard.asm - added DarkAvengard Crypter detection
- new: check_dexcrypt.asm - added DeX-Crypt v2.0 detection
- new: check_dirtycrypt0r.asm - added DirTy CrYpt0r detection
- new: check_dhcripter.asm - added DH Cripter v0.1 detection
- new: check_etcv.asm - added ETCV v1.0 detection
- new: check_fishpacker.asm - added FishPacker v1.03 & v1.04 detection
- new: check_flashbackscrambler.asm - added Flashback Scrambler v1.3.x detection (all 3 modes :-))
- new: check_idapplicationprotector.asm - added ID Application Protector v1.2 detection
- new: check_freecryptor.asm - added FreeCryptor v0.3b Build 3 detection
- new: check_gentlemancrypter.asm - added Gentlemen Crypter v1 detection
- new: check_gkripto.asm - added GKripto v1.0 detection
- new: check_haccrewcrypter.asm - added Hac-Crew Crypter detection
- new: check_hipacryp.asm - added HipACryp v0.0.1 detection
- new: check_icrypt.asm - added ICrypt v1.0 detection
- new: check_keycrypter.asm - added KeyCrypter detection
- new: check_lordcrypter.asm - added L0rD Crypter v1.0 detection
- new: check_maskpe.asm - added MaskPE v2.0 detection
- new: check_ncode.asm - added N-Code v0.2 detection
- new: check_nidhogg.asm - added Nidhogg v1.0 Final, v1.1 Beta 1 and [unknown version] detection
- new: check_novacipher.asm - added NovaCipher 1.0 Beta detection
- new: check_npack.asm - added nPack v2.0.100.2008 detection
- new: check_pfecx.asm - added PFE CX v0.1 detection
- new: check_poherna.asm - added Pohernah v1.02, v1.03 & v1.07 detection
- new: check_pokescrambler.asm - p0ke Scrambler v1.2 detection added
- new: check_rdgtejoncrypter.asm - added RDG Tejon Crypter v0.6, v0.7 & v0.8 detection
- new: check_rewolfdllpackager.asm - added ReWolf DLLPackager v1.0 detection
- new: check_roguepack.asm - added RoguePack v4.1 detection
- new: check_scancryptic.asm - added ScanCryptic v2.0 detection
- new: check_securepe.asm - added SecurePE v1.6 detection
- new: check_supercrypt.asm - added Super Crypt v1.0 detection
- new: check_tgrcrypter.asm - added TGR Crypter v1.0 detection
- new: check_vegancrypter.asm - added Vegan-Crypter v0.7 detection
- new: check_yokohcrypter.asm - added Yokoh Crypter v1.3 detection
- new: license_adobelm.asm - Adobe Systems License Manager Module detection added
- new: license_deploylx.asm - added DeployLX Licensing for DotNet detection
- new: license_esellerate.asm - added eSellerate Activation System Core Module detection
- new: license_infralution.asm - Infralution Licensing System for DotNET detection added
- new: license_isquicklicense.asm - added Interactive Studios Quick License Manager detection
- new: license_mirage.asm - added detection for Mirage License Protector
- new: license_sentinelrms.asm - added SafeNet Sentinel RMS Core.dll detection
- new: license_xheolicensing.asm - added Xheo Licensing Module for DotNet detection
- new: dongle_biteboard.asm - added Bite-Board USB Dongle detection
- new: dongle_copylock.asm - added CopyLock Dongle detection
- new: dongle_marx.asm - MARX Crypto-BOX Dongle detection added
- new: dongle_rockey.asm - added Rockey2 / Rockey4 Dongle detection
- new: dongle_sentinel.asm - added detection of the NetSentinel Win32 Client DLL
- new: dongle_sentry.asm - added Sentry Hardware Lock detection
- new: dongle_wizzkey.asm - added Wizzkey Dongle detection
- new: installer_digital_river_downloader.asm - Digital River Download Manager detection
- new: installer_gpinstall.asm - added GP-Install Module detection
- new: installer_lymesfx.asm - added Lyme SFX Extractor Module detection
- new: installer_install_anywhere.asm - added InstallAnywhere detection
- new: installer_installshield.asm - added InstallShield v15 detection & Installshield PackageForTheWeb Installers
- new: installer_lindersoftsetup.asm - added Lindersoft Setup Builder Module detection
- new: installer_omnisetup.asm - added Omni Setup Module detection
- new: installer_popcap.asm - added PopCap Installer detection
- new: installer_realarcade_downloader.asm - added RealArcade Download Manager detection
- new: installer_reflexive_arcade.asm - added Reflexive Arcade Install Wrapper detection
- new: installer_smart_install_maker.asm - added Smart InstallMaker detection
- new: installer_visual_patch.asm - added detection for Visual Patch Installer
- improved: check_starforce.asm
                - updated to handle those strange starforce 5.60 exe's that didn't have version information
                - updated to handle Gothic 3 Forsaken Gods (russian)
- improved: check_securom.asm - code updated to detect the drm dyn data module
- improved: check_protectdisc.asm - added one more older version (v7.7.0)
- improved: check_codelok.asm - scanning speed optimizations
- improved: check_sysiphus.asm - optimised detection & scanning speed
- improved: check_solidshield.asm - update for those strange exe's and dll's with no version information
- improved: check_themida.asm - better version detection (v1.8.2.0 - v1.9.5.0, v1.9.7.0 - v1.9.9.0,
                   v2.0.0.0 - v2.0.2.0, v2.0.3.0 - v2.0.4.0, v2.0.5.0 (or newer))
- improved: check_acprotect.asm - faster scanning results
- improved: check_armadillo.asm - armadillo detection code updated
- improved: check_asprotect.asm - rewritten for better version detection
- improved: check_xenocode.asm - tweaked detection
- improved: check_thinstall.asm - updated with another detection method for v3.207
- improved: check_upx.asm - fixed UPX detection code so it detects upx'ed dlls too
- improved: check_xprotector.asm - added in another check (this also fixed a possible wrong detection
                   of Themida / WinLicense protected DotNet executables)
- improved: check_vmprotect.asm - made more generic, adjusted version info output
- improved: check_andpakk2.asm - rewritten, additionally we exactly detect the 2 versions now (v0.06 & v0.18)
- improved: check_anslympacker.asm – rewritten
- improved: check_cicompress.asm - tweaked & optimizsed
- improved: check_exestealth.asm - added in one more generic check
- improved: check_mew10.asm - tweaked mew 10 detection
- improved: check_pebundle.asm - updated, now detects on an exe which didn´t before
- improved: check_rdgtejoncrypter.asm - added in a more generic detection method
- improved: check_telock.asm - tweaked TeLock v0.96 detection
- improved: license_elicense.asm - completely rewritten (better v3.2 & v4.0 detection)
- improved: license_flexlm.asm - optimised detection & scanning speed
- improved: license_flexnet.asm - optimised detection & scanning speed
- improved: license_haspsl.asm - added another check for HASP SL
- improved: license_interlok.asm - added in one more generic check
- improved: license_salesagent.asm - optimised detection & scanning speed
- improved: license_sentinellm.asm – optimised
- improved: generic speed improvements in almost all license scans
- improved: dongle_keylok2.asm - updated KeyLok2 Dongle detection for better detection
- improved: generic speed improvements in all dongle scans
- improved: installer_7zip.asm - code updated, now detects an exe it never 'saw' before
- improved: installer_installaware.asm - updated to detect a custom version wich was un-detected before
- improved: installer_installshield.asm - installshield detection is now more generic and improved
- improved: installer_mscabsfx.asm - Microsoft cab sfx format detection is now made better
- improved: installer_nullsoft.asm - updated to handle nullsoft sfx exe's with the data in the resource section
- improved: installer_rarsfx.asm - WinRAR SFX detection updated
- improved: installer_zylomgames.asm - detection of another variant of Zylom Games Setup
- bugfix: fixed bug in Cactus Data Shield file scan (discovered by Blazkowicz on acrobat.dll)
- bugfix: check_obsidium.asm - bugfix in obsidium detection code
- bugfix: check_polyene.asm - fixed possible crash bug
- bugfix: installer_redshift.asm - fixed potential bug

v 6.1.3

faster, more accurate, still better and no more beta - xmas release #2
Core Code changes

- new: width-RESIZEABLE main window
- new: user can now choose what protection scans to skip
- new: added in new configuration item allowing the user to specify if iso, ccd, mds
           etc modules are to be treated as discs (and thereby subject to a sector scan)
- new: ability to scan inside Microsoft cab files has been implemented
- update: we are now v0.6.1.3
- update: faster scanning core :)
- update: configuration window has a new look
- update: better 64 bit file handling support added
- update: appended data detection tweaked a little
- update: now if PiD is running and an exe is scanned from the context menu, the main
               window will change to the log window (looks better.. suggested by loki)
- update: lnk file resolving is now complete, if user has selected to resolve links,
               the system handles this all automatically
- update: window position is now centred if a previous window location was not recorded
- update: adjusted ia64/x64 vs. machine check portion of code (thx to teddy rogers)
- update: configuration - windows product key showing is now a configuration item
- update: configuration - now 'themes' and 'flat mode' can not be selected at the same time,
               this is how it should be as themes override flatmode etc... so now only one can
               be selected, and the other is 'auto unselected' (suggested by syk0)
- update: configuration - added in code to enable/disable the 'protection report bubble' after a scan is completed
- update: Memory Optimiser - the progress bar should get to the start again when user
               clicked on Optimize and Purge was successful
- update: Memory Optimiser - code heavily updated, to work in chunks (if largest size requested is not available),
               so, end result - more reliable, faster and optimised
- update: misc tools - added in quick uninstall tab
- update: misc tools - added in CD/DVD Filter Driver scanner tab
- update: misc tools - added in Windows Error Code Resolver tab
- update: misc tools - added in CPU Info tab
- update: misc tools - added in windows directory in the system info output
- update: misc tools - added in Folder Locations scanner
- update: misc tools - system information window now reports graphic device names (geforce, etc),
                                  username & computer name and terminal services availability also reported
- update: misc tools - windows install date (from registry) is now reported in the misc tools 'system info part',
                                  windows install date (from folder) is now also reported.
- update: misc tools - tweaked x64 os detection code, so it’s a lot more reliable
- update: misc tools - windows product key reporting now also handles x64 systems
- update: nfo viewer - extra checking now added - zip, rar and mz executables will NOT be displayed,
                                   instead, a warning message is displayed
- update: process view - added in check for terminate, dump, priority change..
                                       if selected process is PiD, the menu items are disabled (for safety and security)
- update: sfv checking now reports current offset on the line when processing
- update: sfv processing now works with quoted filenames
- update: winspy - process name is now also reported (if we could obtain it.. )
- update: log window in cd/dvd operations now has a context menu, allowing for...
               clear log
               copy selection to clipboard
               copy log to clipboard
               save selection (txt)
               save selection (csv)
               save log (txt)
               save log (csv)

- bugfix: admin reflection / reporting was incorrect on 9x/ME systems
- bugfix: 'admin shield' icon is now moved, it looked out of place if the other progress bars
              showing cpu usage etc were turned off.. (reported by loki)
- bugfix: Export as .txt doesn't work properly, only the first file does get saved
- bugfix: event bug fixed, which sometimes resulted in PiD sticking at about 35% cpu
- bugfix: pause/resume in the queue window was sometimes wrong for the text (reported by r!co)
- bugfix: Fixed SFV bug - Click on make, don't select any files and press abort.
              You can't use the complete SFV feature as it's all grayed out (reported by Blazkowicz)
- bugfix: sfv output for large files (mb, gb etc) was VERY wrong, it’s since corrected
- bugfix: fixed 'disappearing window' problem
- bugfix: 'large icons' issue fixed in 9x
- bugfix: sfv - abort now works
- bugfix: sfv - output issue should be 110% fixed now (new buffering system used)
- bugfix: task manager -> potential stack bug fixed
- bugfix: configuration - shortcut creation was broken
- bugfix: nfo viewer - fixed potential memory leak on drag/drop
- bugfix: bug in the code checking for digital signatures (found by blazi)
              code now performs a sanity check on accessed memory areas

detection additions / changes
- new: check_activemark.asm - added version detection for v6.3.562
- new: check_alawar.asm - added Alawar Try & Buy Activation detection
- new: check_hexalock.asm - added HexaLock Copy Protection detection
- new: check_protectdisc.asm - added more Protect DiSC v8 subversions
- new: check_securom.asm - added in detection for sll modules + SecuROM Matroschka Package

- new: check_acprotect.asm - added ACProtect v2.1, v2.1.1 and v2.1.2 detection
- new: check_angelscrypter.asm - added Angel's Crypteur v0.2 detection
- new: check_antidote.asm - added AntiDote v1.4 SE detection
- new: check_armadillo.asm - added version detection v6.00 or newer
- new: check_atreprotector.asm - added AT4RE Protector v1.0 detection
- new: check_avlock.asm - added AVLock detection
- new: check_budcrypter.asm - added BUD Crypter detection
- new: check_coolcrypt.asm - added COOLcryptor 0.9 detection
- new: check_cryptwoz.asm - added CryptWOZ v1.0 detection
- new: check_darkcrypt.asm - added DarkCrypt v1.2 (Private Version) detection
- new: check_dcrypt.asm - added DCrypt Private v0.9b detection
- new: check_dotfixniceprotect.asm - added DotFix NiceProtect v1.0 detection
- new: check_dotnetreactor.asm - added dotNet Reactor v3.3 (or newer) detection
- new: check_enigmaprotector.asm - added version grabber for Enigma Protector
- new: check_execrypt.asm - added ExeCRyPT v1.0 [ReBirth] detection
- new: check_exefog.asm - added EXEFog v1.1 detection
- new: check_exewrapper.asm - added ExeWrapper v3.0 (533Soft) detection
- new: check_expressor.asm - added ExPressor v1.6 detection
- new: check_fakuscrypter.asm - added Fakus Crypter detection
- new: check_fastfilecrypt.asm - added FastFileCrypt v1.6 Public detection
- new: check_fatalzcrypt.asm - added Fatalz Crypt v2.14a detection
- new: check_flashbackprot.asm - added Flashback Protector v1.0 detection
- new: check_gieprotector.asm - added Gie Protector v0.2 detection
- new: check_imppacker.asm - added IMP-Packer v1.0 detection
- new: check_kcryptor.asm - added K!Cryptor v0.11 detection
- new: check_kgbcrypter.asm - added KGB Cypter v1.0a detection
- new: check_leetcryptor.asm - added 1337 Cryptor v2 detection
- new: check_lilithcrypter.asm - added Lilith Crypter detection
- new: check_maxtocode.asm - added MaxtoCode .Net Encryption detection
- new: check_minke.asm - added Minke v1.0.1 Executable Crypter detection
- new: check_moneycrypter.asm - added Money Crypter detection
- new: check_morphna.asm - added Morphna Beta 2 detection
- new: check_mortalteamcrypter.asm - added Mortal Team Crypter v2 detection
- new: check_mpress.asm - added MPRESS NET compressor detection
- new: check_mushroomcrypter.asm - added Mu$hr00M CryPtOR v1.0 detection
- new: check_nme.asm - added NME Executable Crypter v1.1 detection
- new: check_npack.asm - added nPack v1.1.500.2008 Beta detections
- new: check_obfuscatornet.asm - added Macrobject Obfuscator.NET detection
- new: check_privateexe.asm - added version detection for v2.00 - v2.25 and v2.30 - v2.70
- new: check_puricrypt.asm - added Puri Crypt v1.2 detection
- new: check_quickpacknt.asm - added QuickPack NT v0.1 detection
- new: check_rcryptor.asm - added RCryptor v1.6d detection
- new: check_rdgpack.asm - added RDG Pack Lite Edition v0.2 detection
- new: check_rdgtejoncrypter.asm - added RDG Tejon Crypter v0.3 detection
- new: check_rlp.asm - added ReversingLabs Protector v0.7.4 beta detection
- new: check_rlpack.asm - added RLPack v1.20 detection
- new: check_roguepack.asm - added RoguePack v3.3 detection
- new: check_russiancryptor.asm - added Russian Cryptor v1.0 detection
- new: check_securepe.asm - added SecurePE v1.5 detection
- new: check_secureshade.asm - added Secure Shade v1.8 detection
- new: check_snoopcrypt.asm - added SnoopCrypt detection
- new: check_thinstall.asm - added THInstall detection
- new: check_tstcrypter.asm - added TsT Crypter detection
- new: check_undergroundcrypter.asm - added UndergroundCrypter v1.0 detection
- new: check_unlimitedcrypter.asm - added UnLimited Crypter v1.0 detection
- new: check_unopix.asm - added UnoPiX v0.94 detection
- new: check_upxlock.asm - added UPX Lock v1.01 - v1.02 detection
- new: check_weruscrypter.asm - added Werus Crypter v1.0 detection
- new: check_wildtangent.asm - added Wild Tangent v2.1 Activation detection
- new: check_windofcrypt.asm - added WindOfCrypt detection
- new: check_wingscrypt.asm - added Wingscrypt v2.0 detection
- new: check_winutilitiesexeprot.asm - added WinUtilities EXE Protector v2.1 detection
- new: check_wlcrypt.asm - added WL-Crypt v1.0 detection
- new: check_xenocode.asm - added XenoCode .NET protector detection
- new: check_xenocode.asm - added XenoCode Postbuild 2007 + 2008 for .NET detection
- new: check_xhackercryptor.asm - added xHacker Cryptor detection
- new: check_xshell.asm - added XShell v1.5 detection
- new: check_zprotect.asm - added ZProtect v1.4.3 detection
- new: check_zylomwrapper.asm - added Zylom Wrapper Crypted Game.exe detection

- new: license_nalpeiron_scan.asm - added Nalpeiron Licensing Service detection

- new: installer_install4y.asm - added Install4j Wizard Module detection
- new: installer_installshield.asm - added InstallShield v12 BETA Version detection
- new: installer_squeezesfx.asm - added Squeeze Self Extractor Module detection
- new: installer_trymediadownload.asm - added Trymedia Systems Download Manager detection

- new: msi and 7zip file type reporting is now done to the log window (similar to the .rar, zip etc reporting)
- new: added in quick detection for starforce protected pdf file


- update: check_aspack.asm - added additional check for ASPack 2.x to avoid a false positive
               when scanning a file wrapped by FlashBack with ASPack entrypoint signature
- update: check_codelok.asm - improved detection
- update: check_dotnetreactor.asm - some parts recoded to be more generic & faster
- update: check_execryptor2.asm - improved detection with heuristic checks
- update: check_laserlok.asm - updated to handle older (v3) versions of laserlok
- update: check_passlock2000.asm - improved detection
- update: check_reflexivearcade.asm - executables builds are now reported (if found)
- update: check_safedisc.asm - updated to detect safedisc lite
- update: check_securom.asm - updated to handle VERY old versions & updated to detect a modified paul.dll
- update: check_solidshield.asm - minor modifications, but results in better reporting
- update: check_starforce.asm - updated to handle the new variant (v5.5) and also report bitness of the exe
- update: check_sysiphus.asm - optimised detection
- update: check_themida.asm - updated to handle dll protected Themida files
- update: check_vmprotect.asm - added new generic detection code (catches now dlls we missed before)
- update: check_upx.asm - improved to be 'more generic'
- update: check_vob.asm.asm - updated to handle older version (4 or less)

- update: dongle_guardant.asm - added reporting of old Guardant Dongle Protections
- update: dongle_hasphlenvelope.asm - improved detection

- update: license_sentinellm - improved for better detection

- update: installer_7zip.asm - improved detection

- bugfix: check_telock.asm - fixed v1.0 detection
- bugfix: check_yzpack.asm - fixed bug resulting in non detections
- bugfix: installer_installshield.asm - fixed possible non detections

CD/DVD/Image file/sector scan
- new: b6i image added into the supported file list
- new: added in 'Extract Boot Sector', now the boot sector from the cd/dvd can
            be 'extracted' to a file.. for use with something else maybe :)

- new: cddvd_cactus.scan.asm - Cactus Audio detection added to file scan in cddvd module
- new: cddvd_protectdisc.scan.asm - added in sector scan module for protectdisc / protectcd

- update: if a disk is detected as being protected when making the iso, the user will be prompted to continue or not
- update: sector stuff - updated handler to handle udf format disks (BEA01 header instead of CD001)
- update: sector scan - tweaked sector scan for tagés a little
- update: sector scan - tweaked the safedisc detection code
- update: sector scan - updated to now NOT stop if a sector 16 read failure happened
- update: sector scan - securom scan updated to handle version 4.x (and probably lower),
               which used a different 'fingerprint' and some minor tweaks / fixes
- update: sector scan - starforce + starforce keyless scan was heavily updated..
               reducing probability of false positives as well as catching some we missed before

- bugfix: sector scan - codelok scan fixed

v 6.0

if you ever used an older version you will experience a totally new tool with v6.0.
PiD got a major overhaul on It's GUI for a new and very easy using experience.
many protections have been added and tweaked for maximum detection speed
and as much accuracy as possible with the new core code additions.
Dongles, Licenses, polymorphic protectors and Installer detections are just some of the new additions...
our goal is to release a very easy to use tool for detecting all kinds of protections.
PiD is easy to use for newbies due to the cd/dvd scan and drag & drop feature.
Reverse engineers will also benefit when using ProtectionID due the detailed informations
like multiple protections in one file, detection of nearly all protectors (commercial and freeware)
and more informations like appended data etc...

we hope you will enjoy the new generation of our tool :-)
/cdkiller & x/xxx
Core Code changes

- added: new PE Entry Point verification code
- added: RVA - File Offset and vice versa converter
- added: checks if PE file is damaged
- added: checks if Executable is not designed for this CPU
- added: checks if Executable is not designed for this OS

- improved: many code optimizations wich will result in a highly stable program (should be very stack safe now)
GUI changes

- added:Protection Report window showing a table with filename / protection
- added: File Queue window to GUI showing all the queued files (pause, remove and clear function)
- added: Configuration window with a lot of options the user can choose from
- added: CD/DVD Util window to GUI
- added: filter log, where output in the status window can now be filtered to only report protected files
- added: right click menus into the status window, so that output can be copied to clipboard or saved to file
- added: more servers for the update system
- added: folder drag & drop support
- added: ability to drag & drop the cd/dvd icon into PiD to scan all files on a cd/dvd

- changed: Log window size extended a bit
CD/DVD scanning

- added: sector scanning for Codelok (encryption key will be extracted)
- added: sector scanning for Safedisc v1, Safedisc v2 / v3 / v4
- added: sector scanning for SecuROM (if version is older than v4.84.84, it will be displayed)
- added: sector scanning for StarForce 3 keyless
- added: sector scanning for StarForce 3 DVD Games
New detections

- added: more CD/DVD-Checks
- added: more CD/DVD Key or Serial Checks
- added: ARM Protector v0.1, v0.2, v0.3 detection
- added: Alex Protector v1.0 Beta 2 detection
- added: BamBam v0.1 detection (+ Debug Info)
- added: Beria v0.0.7 detection (+ Debug Info)
- added: BIt'shape PE Crypt v1.5 detection
- added: BJFNT v1.1 and v1.2 detection
- added: CICompress v1.0 detection
- added: CodeCrypt version detection for v0.15, v0.16 - v0.161, v0.163 - v0.164
- added: DBPE v2.33 detection
- added: Daemon Protect v0.6.7 detection
- added: DePack detection
- added: Dot Fix Fake Signer detection
- added: Duals Exe Encryptor v1.0 and v1.1b detection
- added: Encrypt PE v1.2003.5.18 and v2.2004.8.10 detection
- added: Enigma Protector v1.03 Build 3.10, v1.03 Build 4.00 detection, v1.11 and v1.12 detection
- added: EP Protector v0.3 detection
- added: EXE32Pack v1.42 detection
- added: EXE Guard v1.x detection
- added: EXE Locker detection
- added: EXE Password 2004 v1.111, v1.112, v1.114 detection
- added: EXE Protector v2.x detection
- added: EXE ReFactor v0.2 detection
- added: EXE Safe v2.0 detection
- added: EXE Shield [unknown version] detection
- added: EXE Shield version detection for v2.7a, v2.7b, v2.8a, v2.9
- added: EXE Stealth v2.75 and v2.75a (latest version) detection
- added: ExPressor v1.0, v1.1, v1.2, v1.3 and v1.4 detection
- added: Forgot v1.0 detection
- added: French Layor v1.81 detection
- added: Goat´s PE Mutilator v1.6 detection
- added: Hide PE v1.0 [ASPack New strain method] detection
- added: Hide PE v1.1 [ASPack New strain method] detection
- added: Hide PE v1.x [VBOX v4.3 MTE method] detection
- added: Hying´s PE-Armor v0.x detection
- added: Ion Ice EXE Lock v1.0 detection
- added: JD Pack v1.01 detection
- added: Krypton version detection for v0.2, v0.3, v0.4, v0.5
- added: License Checks
- added: MazePath EXELockout v3.0 detection
- added: Mew 5 EXE Coder v0.1 detection
- added: Mew 10 v1.x detection
- added: Mew 11 SE v1.0 and v1.1 / v1.2 detection
- added: Morphine v1.2, v1.3, v1.4 - v2.7 detection
- added: MSLRH v0.31a, v0.32 and [unknown version] detection
- added: Obsidium version detection for v1.0.0.61, v1.1.1.0, v1.1.1.4, v1.2.0.0, v1.2.5.0, v1.3.0.0 anf v1.3.0.4
- added: Packanoid v1.0 and v1.1 detection
- added: Packman v0.0.0.1 detection
- added: Pack Master v1.6 detection
- added: PE Bundle v3.20 (latest version) detection
- added: PE Crypt v1.0x detection
- added: PE LockNT v2.01, v2.03 and v2.04 detection
- added: PE Pack v0.99 and v1.00 detection
- added: PE Spin v0.3, v0.41, v0.7, v1.0, v1.1 and v1.3 detection
- added: Petite version detection for v1.2, v1.3, v1.4, v2.2, v2.3 and unknown versions
- added: PEStubOEP v1.x detection
- added: PolyCrypt PE [generic] detection
- added: PolyEnE detection
- added: Protect v0.1.3 detection
- added: Protect EXE v0.4a Beta detection
- added: Private EXE v2.x detection
- added: Program Protector v1.x - v2.x detection
- added: SD Protector v1.12 and [unknown version] detection
- added: Shegerd EXE Protector & Anti-Debugger detection
- added: Shrinker v3.4 detection
- added: SLVc0deProtector v0.61 detection
- added: SoftSentry [generic] detection
- added: Softwrap (XtremeLok) detection
- added: Smoke´s ExeShield v0.5 detection
- added: Stealth PE v2.x detection
- added: Stone's PE Cryptor v1.13 detection
- added: SVKP version detection for v1.051, v1.11 and v1.3x - v1.4x
- added: TELock version detection for v0.42, v0.51, v0.60, v0.70, v0.80, v0.85f, v0.90, v0.92a, v0.95, v0.96, v0.98 and private versions
- added: Themida v1.0.0.1 - v1.0.0.5 detection
- added: Trial Master v2.x detection
- added: Upack v0.10b - v0.12, v0.20, v0.21, v0.22 - v0.23, v0.24 - v0.28, v0.29 - v0.33, v0.34 - v0.35 and v0.36 detection
- added: UPX Mutanter v0.2
- added: UPX Mutator detection
- added: UPX Protector v1.0e detection
- added: UPX$HiT 0.0.1 detection
- added: Visual Protect [generic] detection
- added: Vcasm-Protector detection
- added: Visual UPX v0.2 detection
- added: VMProtect v1.00 - v1.04 and v1.05 - v1.07 detection
- added: WinLicense v1.0.0.0 - v1.0.0.3 detection
- added: XCR v0.12 and v0.13 detection
- added: X-Treme Protector v1.07 Build 12-12-03, v1.08 Build 15-12-03 and v1.08 FiNAL detection
- added: Yoda´s Crypter v1.1 and v1.3 detection
- added: Yodas Protector v1.0b, v1.02b, v1.02d, v1.02.05, v1.03.1 and v1.03.2 Beta 3 detection
- added: Z-Code v1.01 detection
- added: Dongle - Dinkey detection
- added: Dongle - Hardlock detection
- added: Dongle - HASP Hardware Lock detection
- added: Dongle - HASP4 Net detection
- added: Dongle - Key-Lok II detection
- added: Dongle - Sentinel detection
- added: Dongle - Sentinel Super Pro detection
- added: Dongle - WIBU detection
- added: License - CrypKey detection
- added: License - FlexLM detection
- added: License - FlexNET detection
- added: License - HASP SL detection
- added: License - InterLok detection
- added: License - nTitles Activator detection
- added: License - SalesAgent detection
- added: License - Sentinel LM detection
- added: License - ViaTech E-license detection

- added: Installer - 7-Zip SFX Module detection
- added: Installer - Aquarius Soft Self-Extractor detection
- added: Installer - Astrum Install Wizard detection
- added: Installer - AW Install Engine Module detection
- added: Installer - BinPatch Module detection
- added: Installer - Bit-Arts Install Wrap detection
- added: Installer - Blizzard PrePatch Module detection
- added: Installer - Clickteam Install Maker detection
- added: Installer - Clickteam Patchmaker detection
- added: Installer - Create Install 2003 detection
- added: Installer - Gentee Installer detection
- added: Installer - Ghost Installer detection
- added: Installer - GKWare SFX Setup Archive detection
- added: Installer - Inno Setup Archive detection
- added: Installer - Installer 2 Go detection
- added: Installer - InstallShield v5.53, v6.31.100.1221, v7.1.100.1248, v8.x, v9.1.0.429, v10 and v10.5 detection
- added: Installer - Install Zip detection
- added: Installer - IZarc Self Extractor Module detection
- added: Installer - Microsoft SFX CAB Module detection
- added: Installer - Nullsoft SFX Setup Archive detection
- added: Installer - Patch Wise Module detection
- added: Installer - Paquet Builder - Enhanced Self-Extracting Zip Module detection
- added: Installer - PKSFX Archive detection
- added: Installer - Power Archiver SFX 2003 detection
- added: Installer - QSetup SFX Kernel detection
- added: Installer - Red Shift Installation System Module detection
- added: Installer - RTPatch Module detection
- added: Installer - Setup Factory detection
- added: Installer - SFX Factory! detection
- added: Installer - Silicon Realms Install Module detection
- added: Installer - Sony Self-Extracting Packager Archive detection
- added: Installer - Spoon Installer Module detection
- added: Installer - Tarma Installer Module detection
- added: Installer - VISE Mindvision Wizard detection
- added: Installer - WinAce Self-Extractor Module detection
- added: Installer - WinRAR SFX Archive detection
- added: Installer - WinZip SFX Archive detection
- added: Installer - Wise Installation Wizard Module detection
- added: Installer - Zip Central SFX detection
- added: Installer - Zip SFX Module detection
- added: Installer - Z-Up Maker SFX Archive detection
Improved detections

- improved: Codelok detection (bye bye 'icd1' section check)
- improved: appended data size verification for a few exe crypters, resulting in an even more accurate detection
- improved: Air EXE Lock detection
- improved: DEF v1.0 detection rewritten
- improved: EXE32 pack detection rewritten
- improved: EXEProt detection
- improved: EXE Stealth detection wich wouldn´t recognize crypted exe´s with the retail version (shareware messed up some EP bytes)
- improved: E-Zip detection (also speed increase)
- improved: Krypton detection rewritten (much faster and more accurate now)
- improved: LameCrypt detection
- improved: Neolite v1.x - v2.x detection
- improved: NFO detection
- improved: Noodle Crypt v2 detection
- improved: Obsidium detection rewritten to be more generic with all available versions till v1.2.5.0
- improved: PassLock 2000 detection
- improved: PE Diminisher v0.1 detection
- improved: PE Lock v1.06 detection
- improved: PE Nguincrypt detection
- improved: PE Ninja detection rewritten
- improved: PE Shield detection code optimised
- improved: PeX v0.99 detection
- improved: PKLite32 v1.1 detection
- improved: Shrinker detection
- improved: Software Defender detection rewritten
- improved: Special EXE Password Protector detection
- improved: SVKP detection recoded, much faster and more accurate
- improved: TELock detection code rewritten
- improved: Virogen Crypt v0.75 detection
- improved: WinKrypt v1.0 detection
- improved: WWPack32 v1.xx detection rewritten
- improved: Yoda´s Crypter v1.2 detection

- fixed: possible crash bug when scanning a 'Zero Entrypoint DLL' (i.e. Ahead\Nero\Nerodeu.nls)
- fixed: EXE32Pack wasn´t detected in v5.0 due a file size checking bug
- fixed: ExeProt crash bug when scanning files < 1500h bytes
- fixed: cosmetic bug on status window, if mouse was over it when it was first created, the cursor was an hour glass
- fixed: a few detection strings with missing zero terminators (didn´t affect scanning, just a cosmetic fix)
- removed: PE Bundle generic detection (heh it could be fooled too easily)
- removed: Krypton [generic] detection (version checks will do a better job)
- plus many minor fixes and improvements I can´t remember anymore ;-)

[ -= NOTES = -]

Dongle detections:  To check commercial applications for a Dongle protection, we recommend to use the folder scan.
                                    we know Dongle protections aren´t widely used in most apps but the usage of Dongles in 3D/CAD/CAM
                                    applications is growing.
                                    examples  - AICON 3D Studio v3.6.00                        -   Hardlock
                                                    - Avisoft-SASLab Pro.4.36.22                     -   Hardlock
                                                    - Image Craft AVR ANSI C Tools v7.00b    -   DinKey
                                                    - BrainVoyager2000 v491                            -   HASP
                                                    - Canops ProCoder v2.0                              -   HASP PE Envelope
                                                    - Solidscape JewelCAD v5.12                      -   Key-Lok II
                                                    - Quark XPress v6.1                                    -   Sentinel
                                                    - NewTek LightWave 3D v8.0                     -    Sentinel
                                                    - Electronic Image Animation System v5.5.1 -    Sentinel Super Pro
                                                    - PointLineCAD Version 19                         -    WIBU

License detections
: To detect if an application is protected by a License, we recommend to use the folder scan and select the install dir.
                                    i.e. DivX v5.2.1 is using 'nTitles Activator'. Scan the DivX folder and you will notice bgregister.exe in the Protection Report
                                    Window. The file will import the serial functions of a file called 'PSIKey.dll' wich is present in your application dir or
                                    (like in this case) in C:Windows\System32. Scan the dll and you´ll know the version.
                                    examples 1 - Avid Softimage XSI Advanced v4.0                -   FlexLM v6.1     (ilImageTPF.dll)
                                                      - Intel C++ Compiler for Win.v8.0.046             -    FlexLM v7.1    (codecov.exe, xilink.exe...)
                                                      - Gauss v6.0                                                     -    FlexLM v8.1    (gauss.exe, tgauss.exe)
                                                      - Pixar Renderman Artist Tools v6.0                  -    FlexLM v8.2    (rampEditor.exe, slim.exe...)
                                                      - Code Warrior v9.3                                         -    FlexLM v8.4    (lmgr8c.dll)
                                                      - Digital Fusion Render Note v4.04c                 -    FlexLM v9.0    (DFRNode.exe)
                                                      - Cambridge Animations Systems Animo v6.0   -    FlexLM v9.2    (lot´s of .dll files in \bin dir)
                                                      - Geoslope Geostudio 2004 v6.02                    -    FlexNET v10.0 (GeoStudio.exe and lots of .dll files)
                                    examples 2 - Minnetonka Disc WELDER Bronze v1.01      -   Sentinel LM
                                                      - IronCAD Inovate v7.0                                    -   Sentinel LM v7.2.0.0
                                                      - CSI SAFE v8.0.4                                           -   Sentinel LM v7.2.0.18
                                    examples 3 - DivX v5.2.1                                       -   nTitles Activator v1.3.6.18    (bgregister.exe, PSIKey.dll)
                                                      - Corel Word Perfect Office v12           -   nTitles Activator v1.3.4.89   (Prwin12,exe, PSIKey.dll...)
                                                      - Kaydara Motion Builder v5.5             -   nTitles Activator v1.3.4.13    (klicense.dll, PSIKey.dll)
                                                      - PowerQuest Drive Image v7.03          -  nTitles Activator v1.3.0.43    (PQV2iSvc.exe)
Safecast detections:    examples:  - Dreamweaver MX 2004 v7.0.1               -  Safecast v2.42.000 (actlib.dll, MMxpt.dll)
                                                      - ArcSoft Media Card Companion v1.0     -   Safecast v2.50.030 (Media Card Companion.exe)
                                                      - Autodesk Inventor Professional v9.0        -   Safecast v2.51.000 (invadlm.dll, invaip09.dll)
                                                      - Data Becker Web To Date v3.1              -   Safecast v2.60.030 (web2date.exe)
                                                      - Adobe Photoshop CS2                           -   Safecast v2.67.010 (Tw10122.dat)

v 5.1f

- added: SecuROM 7.27.xxxx detection
- added: Protect DiSC v7.5 (or newer) detection
- added: Starforce 4 protection level (Basic / Pro) detection
- added: Starforce ProActive v4 Protect.exe detection
- added: Safedisc detection for v4.70 in executables without version string
- added: PC Guard v5.01 detection
- added: SD Protector v1.12, v1.16 and [unknown version] detection
- added: TheMida v1.0.0.0 - v1.8.0.0 (or newer) detection
- added: License - eLicense v3.x, v3.20 and v4.0 detection
- added: License - Protection Plus v4.x detection
- improved: ActiveMark detection split into v4 & v5
- improved: Xtreme Protector detection code improved
- improved: SecuROM 7.26.xxxx detection, added more detailed versions
- improved: Protect DiSC version detection, added support for most common versions
- fixed: crash during Tages scanning if entrypoint is between offset 2h to 4h
/cdkiller & [x/xxx]

v 5.1e

- added: SecuROM 7.26 detection
- added: SecuROM 7.xx.xxxx subversions (tested on 90+ executables)
- added: Safedisc separated detection for v4.50 & v4.60 in executables without version string
- added: Laserlok build detection for v5
- added: Starforce v4 detection inside protect.exe
- added: NSPack v3.3 & v3.5 detection
- improved: Laserlok Marathon detection
- improved: CodeLok detection
- fixed: Protect DiSC v6.2 build number bug
/cdkiller & [x/xxx]

v 5.1d

- added: SecuROM version detection for v7.01, v7.02, v7.10, v7.11, v7.12, v7.20, v7.21, v7.24 and newer
- added: StarForce BASiC detection (no drivers included) (valid only for SF v3.x)
- added: StarForce ProActive v3 detection (you need to scan the protect.exe)
- added: Tages scanning if Device Driver is called (Disc Check)
- fixed: StarForce bug sometimes not reporting if VFS is used
finally a working SecuROM 7 version detection.
scanners just detecting v7.00.00.xxxx are simply wrong.
short game list:

Constantine                SecuROM v7.01
GTA San Andreas     SecuROM v7.02
F.E.A.R.                    SecuROM v7.11
Indigo Prophecy         SecuROM v7.12
Stubbs The Zombie    SecuROM v7.18
Serious Sam 2            SecuROM v7.19
Rogue Trooper           SecuROM v7.20
Sensible Soccer 06     SecuROM v7.21
Hitman Bloodmoney   SecuROM v7.24
/cdkiller & [x/xxx]

v 5.1c

 - added: Protect Disc v7.0 - v7.1 (or newer) detection
 - added: Starforce Protect.exe v3.5.xx.xx and v3.6.10.06 - detection
 - added: ActiveMARK detection (+ check for unknown versions/cracked files)
 - added: detection if Tages SDK or Tages BASiC is used in protected files
 - added: Armadillo v4.44 detection
 - added: PC Guard v5 detection
- improved: ASPack detection (detects v1.01b, v1.02b, v1.03b, v1.05b, v1.06b - v1.061b, v1.07b, v1.08x, v1.083, v1.084
                    v2.000, v2.001, v2.1, v2.11, v2.11c - v2.11d, v2.12 and v2.12b)
- improved: TeLock detection (detects v0.42, v0.51, v0.60, v0.70, v0.71, v0.880, v0.85f, v0.90
                    v0.92a, v0.95, v0.96, v0.98b1, v0.98b2, v0.99, v1.00 and v0.98 Special Build)
/cdkiller & [x/xxx]

v 5.1b

this build is updated again to detect the latest protections and to squeeze a few bugs.
 - added: Tages v5.3.0.0 - v5.5.0.1 (or newer) detection
 - added: Laserlok build date detection if possible
 - added: StarForce protection infos (depending on what options were used to protect the game)
 - added: Armadillo v4.42 detection
 - added: ASprotect v2.1, v2.2 and v2.3 detection
 - added: ASProtect v2.x [unknown version] detection
 - added: MoleBox v2.x.x [generic] detection
 - added: MoleBox v2.2.3, v2.2.4, v2.2.5, v2.2.6, v2.2.8 and v2.3.0, v2.3.3, v2.4.0, v2.5.0, v2.5.5, v2.5.12 detection
 - added: NSPack v1.0 - v2.8, v2.9, v3.0, v3.1, v3.4, v3.6 and generic detection
 - added: UPX v2.00 detection
 - improved: ASProtect v2.0 detection
- fixed: Armadillo v4.40 was detected as v4.10 - v4.20 in some files
- fixed: annoying Starforce bug not reporting protected dlls anymore after executable scanning
- fixed: Protect Disc detection (added a generic string search too)
- fixed: SmartE detection is Softlocx6.ocx
            (this protection uses the same wrapper, except only 1 byte difference ;P)
expect a new build soon :-)
/cdkiller & [x/xxx]

v 5.1

The last public version (v5.0 Final c) was released on 14.12.2004.
Right after releasing it, the development of v6.0 began and still continues.
Now we release v5.1 to keep you up to date.
New protections were added, important ones got updated and improved, bugs got fixed...

- added: JoWood X-Prot detection
- added: Laserlok Marathon detection
- added: Ring-Protech detection
- added: SecuROM v7.xx.xx detection
- added: SmartE Copy Protection detection
- added: Starforce v3.x version is now displayed with build number
- added: Tages v5 detection
- added: VOB Protect CD/DVD v5.9x with build number detection instead of showing "VOB Protect CD/DVD [modified version] detected"
- added: ACProtect version detection for v1.09, v1.10, v1.20, v1.21, v1.22, v1.23, v1.3c, v1.32, v1.35 / v1.40, v1.41 and v2.0
- added: Armadillo version detection for v1.00 - v1.84, v2.00 - v2.40, v2.60 - v3.00, v3.05 - v3.20
              v3.30 - v3.61, v3.70 - v3.75, v3.76 - v3.77, v3.78, v4.00 - v4.05, v4.10 - v4.20, v4.30 and v4.40
- added: ASProtect version detection for v1.0, v1.1, v1.11, v1.2, 1.22 - v1.23 Beta, 1.23 RC4 -, 1.23 RC4 (Registered),
              v1.31, v1.32, v1.33, v2.0 Alpha and v2.1 - v2.11
- added: EXE Cryptor v2.0 - v2.1.xx, v2.2.0 - v2.2.4 and v2.3.0 - v2.3.7 detection
- added: FSG v1.0, v1.2, v1.3 - v1.31, v1.3.3, v1.33a and v2.0 detection
- added: PE Compact v2.xx generic detection
- added: PE Compact version detection for v1.00 - v1.3x, v1.40 - v1.50, v1.55, v1.56 - v1.65, v1.66 - v1.84,
              v2.0 Beta Build v52, v2.00 - v2.10 and v2.20 - v2.64
- added: some more CD/DVD-Check detections
- improved: Laserlok detection
- improved: Safedisc [generic v1, v2, v3, v4] verification code making it possible to detect a faked Safedisc protection were the SD string
                  'BoG_ 90.0&!! Yy>' was simply added to the PE header, also added another piece of code checking for 'real' Safedisc
- improved: Safedisc v3.20 - v4.xx [unknown version] is more accurate due new checks
                  (i.e. NBA Live 2006, version is removed, PiD detects 'Safedisc v4.00.001 - v4.00.003)
- improved: Safecast detection in safecast´ed executables
- improved: SecuROM detection, added one more check to speed up scanning in non SecuROM´ed files
- improved: StarForce detection
- improved: UPX detection
- improved: VOB Protect CD/DVD detection completely rewritten

some notes about... SecuROM v7...

well you´ve probably seen SecuROM 7 "versions" displayed like 7.00.00.xxxx.
I don´t think it´s the "real" version, check out the following version and their release dates:
SecuROM (Crashday)                                       -    25.01.2006
SecuROM (Conflict Global Storm)                    -    17.08.2005 (!)
SecuROM (CSI-3 Dimensions of Murder          -    22.02.2006 (!)
SecuROM (Project Snowblind)                         -    09.04.2005 (one of the first securom 7 titles)
SecuROM (F.E.A.R.)                                       -    05.09.2005
SecuROM (Star Wars Empire at War)              -    20.01.2006
just my thoughts on securom... the string is decrypted, yes, but it doesn´t mean it´s part of the version.
if i´m wrong i´m going to correct it in the next release... but is there any proof ? ;-)
cdkiller & [x/xxx]


v 5.0c (Protection Update #1)

v6.0 is progressing very well and the changes are incredible but we thought
we should release v5.0c to keep you up to date because protections have changed...
- added: Safedisc v3.20 - 4.xx detection with removed version
   i.e. Need For Speed Underground 2, Flatout, The Lord of The Rings The Battle For Middle-Earth, Knight Rider 2
- added: 3PLock detection (i.e. Kreed, RTL Ski Jump 2005, RTL Ski Alpine 2005)
  (consider our protection as the most proper one because we don´t simply scan for the section names, we are analysing the exe ;-)
- improved: totally rewritten Safedisc detection (much faster and highly accurate)
Our goal is to keep you up to date. While continuing work on v6.0 we might put out some more minor updated v5.0x versions,
depends on how much PC Game protections will change.
cdkiller & [x/xxx]

v 5.0b (BugFixed)

sorry for the fixed version... but there were some minor annoying bugs in the FiNAL ;-)
- added: Auto Update feature to support ProtectionID´s new website (
- added: Server selection when doing an Auto Update
- added: VOB Protect CD [modified version] detection (i.e. Sacred german )
- added: 2 more CD-Checks to scan for (MVP Baseball 2004, Battle Mages)
- fixed: Win9x system lock
- fixed: corrupt path names in log window when scanning a rar file
- fixed: [!] Unknown Protection issue when file is non executable or too small to be executable
- fixed: CDCheck bug displaying 'No Protection found' when certain CDCheck strings were found
- fixed: SecuROM detection when no version (crypted or unencrypted) was found
- fixed: LogWindow cursor now shown as normal cursor and not like the I-bar one
thx again x/xxx for all your help !


v 5.0 FiNAL

Don´t get me wrong, I labeled it 'FiNAL' because I released a public Beta some weeks ago.
Nor does it mean I´ll stop developing this popular tool ;-)
during the development of v5.0 many things have been added, improved, changed, bugfixed and tweaked.
ProtectionID got a totally new core with lots of enhancements, so I don´t write every fix etc
into the changelog because they will make it explode...
also, may I say, our tool is the only one with a 99% Tagés detection.
other tools sometimes have trouble in detecting Tagés or detect Tagés wrong on a CD/DVD where another protection is used.
the Tagés scanning feature is only available on Win2k / WinXP / Win2k3 without the need of ASPI drivers.
soon it will be Win9x compatible, also without any additional drivers !
added: aggressive scan (read notes) for a more powerful detection
added: CD/DVD sector scanning for ISO protections (Tagés only in v5.0, more will follow)
added: CD/DVD file scanning for all possible protections if executable is present in an uncompressed state
added: context scan menu for all files (can be enabled / disabled in the GUI) (read notes)
added: drag & drop support for the GUI, simply select as many files as you want and drop them into ProtectionID
added: folder scanning
added: glowing buttons to GUI
added: log window showing all detected protections
added: online update (systray menu -> support -> check for updates)
added: progress bar showing total progress of scan to be completed
added: queue window, displaying the files in queue when doing a multiscan or drag & drop of more than one file
added: status window displaying the current operations
added: systray icon / menu (single / multi scan, folder / cd / dvd scan, drop me a mail, check website, download update, visit
added: updater wich will download the latest version for you (systray menu -> support -> check for updates) (read notes)
added: detailed information about a program crash
added: detection for Laserlock version (if detection is possible...)
added: detection for Settec Alpha ROM (used in Korean games, will hit Europe soon... thx mate for the exe !)
added: detection for VOB Protect CD version
added: detection for Air ExeLock
added: detection for Crypto-Lock
added: detection for E-Zip
added: detection for latest EXEStealth v2.74
added: detection for Perplex PE Protector
added: detection for UPX Scrambler
added: detection for latest X-treme Protector v1.07
added: detection if a  CD-Key is required (i.e Call of Duty, Savage, Quake 3 Arena...)
added: more CD/DVD-Check detection strings to database (i.e. Fire Starter, Massive Assault, Apache Longbow Assault...)
added: scanning in all files wich are valid PE files (i.e. in Lords of Everquest, the Lords.ree is protected with SecuROM)

improved: totally new scanning routines (much faster and more stable)
improved: ASPack detection
improved: FSG detection
improved: Krypton detection
improved: Neolite detection
improved: PE Compact detection
improved: PE Lock detection
improved: PE Shield detection
improved: Softdefender version checking
improved: Special EXE Password Protector detection
improved: Stealth PE detection
improved: UPX detection (to detect fakes and modified versions)
improved: VBO Watch detection
improved: VGCrypt detection
improved: X-treme Protector v1.00 - v1.07 detection (i.e. Spellforce exe is protected with v1.06)
improved: checks if a file was cracked by an iso / dox / rip group
removed: checks for possible CD-Check API Calls (i got enough CD-Check strings wich should find the checks)
removed: scanning exefiles for Tagés (use the proper detection with the cd/dvd sector scan feature)
fixed: 4 KB file scanning crash
Aggressive Scan [default: on]

a very usefull feature wich enables you to check if a file is protected by more than one protection.
Games: i.e. you can check if a SecuROM protected exe also has CD/DVD-Checks
Apps: some crypters are faking / hiding the real protection like Stealth PE.
          i.e. if you scan an ASPack protected file where Stealth PE is used to hide the real protection, both will be detected by ProtectionID
Context Menu

once enabled in the GUI you are able to scan every (!) file with a right click 'Scan with ProtectionID...'
CD/DVD scanning

sector scanning only supports Tagés in v5.0 (for other protections simply scan the programs exe)
file scanning supports all kind of protections.

once ProtectionID is started it will pop up a tray icon.
click on it and select 'Scan File(s) / Folders / CD/DVD' -> 'CD/DVD drive file/ sector' -> your drive letter
Auto - Updates

tray icon -> support -> check for updates
will check if a new update is available and it will be downloaded

v 4.2

added: detection for encrypted SecuROM versions newer than 4.87.00 (thx to CirKutz)
added: detection for more Armadillo versions
added: detection for more TeLock versions
added: detection for Akala EXELock
added: detection for Stealth PE
added: more CD/DVD-Check detection strings to database (i.e. Secret Weapons over Normandy)

improved: SecuROM detection code
improved: VOB Protect CD detection
improved: ACProtect detection
improved: BJFnt detection
improved: Exe Bundle detection
improved: ExeStealth detection
improved: FSG detection
improved: Pex detection
improved: PE Bundle detection
improved: PKLite32 detection
improved: Shrinker detection

v 4.1

added: more CD/DVD-Check detection strings to database (i.e. Chaos Legion, Kelly Slaters Pro Surfer, NHL 2004, Reel Deal Poker...)
added: detection for more UPX versions

improved: CD/DVD-Check detection
improved: scanning speed of Multiscan function
improved: SecuROM detection (hopefully fixed the 'was protected with SecuROM but has been unwrapped' bug in a few non-cracked files)

fixed: Bug when scanning more than 2 unwrapped Safedisc files wich always showed 'No additional CD/DVD-Checks'
fixed: Bug in unwrapped SecuROM files wich says 'Protected with additional CD-Checks' when a certain string was found
fixed: crash bug when scanning files < 4 KB
fixed: SecuROM version bug (i.e. PiD v4.0 detected SecuROM, but real version is 4.84.85 only, coz it´s zero terminated)

removed: detection if a game was cracked by RAZOR 1911 due to a request

v 4.0

added: new logo by Eboy [SAC]
added: check if the scanned file is a valid Executable
added: message when scanning files >20 MB
added: scanning for CD-Checks in cracked SecuROM files
added: detection for ASProtect
added: detection for BJFnt
added: detection for Def v1.0
added: detection for Exe Bundle
added: detection for ExeProt
added: detection for Krypton
added: detection for PE Mangle
added: detection for PE Pack/Crypt
added: detection for PhrozenCrew PE Shrinker
added: detection for PKLite32
added: detection for Simple PE Crypter
added: detection for Stone´s PE Encrypter
added: detection for TeLock
added: detection for hacked UPX versions
added: detection for VBO Watch
added: detection for VGShrink
added: detection for WWPack32
added: more CD-Check detection strings to database
added: detection if ASPack was unwrapped with ASPackDie

improved: Armadillo detection
improved: ASPack detection (v2.11, v2.12)
improved: CD-Check API detection
improved: CodeLock detection
improved: FSG detection speed
improved: Neolite detection
improved: NFO detection
improved: Noodle Crypt detection
improved: Obsidium Software Protection
improved: PEnguincrypt detection
improved: PeX detection
improved: Petite detection scanning speed
improved: VGCrypt detection for both encryption modes (added section, installed code into cave)
improved: SecuROM detection code optimised

fixed: UPX detection bug
fixed: ProtectionID cannot be started more than once at the same time
fixed: some grammar issues (thx BountyWarrior)
...and finally the easter egg became a picture...

ProtectionID public