Set features and parameters for the protected system.
Select the method you want to protect the application program. The
available shell methods are as follows.
·
Injection-1. The Injection-1 shell method encrypts the code section of the
executable. At the same time, it injects the shell protection code into the
header and stub of the executable, which enables it to interface with the
Updater and decrypt the code section at run time. This method allows the
protected executable to remain as a single entity. However, it may not work
with some type of the executables if there is a restriction that does not allow
modifying the header and stub.
·
Injection-2. The Injection-2 shell method uses the same concept as the Injection-1
method, but with variant techniques. It is recommended to try to use the
Injection-2 method if the Injection-1 method does not work with your
application.
·
EXE Scramble. The EXE Scramble shell method scrambles and encrypts the whole
executable. At the same time, it creates a loader that can interface with the
Updater and decrypt the executable at run time. The protected executable (e.g.,
ProtectedProgram.exe) is hence composed of the loader and the scrambled
executable. The first time the protected executable is run, the scrambled
executable is created as a separate PKS file (e.g., ProtectedProgram_PKS.exe).
Then and later, the protected executable ProtectedProgram.exe works as
the loader to decrypt ProtectedProgram_PKS.exe at run time. Because this
method does not modify the header and stub of the executable, it has no
restriction such as found in the Injection methods. It is recommended to try to
use the EXE Scramble method if the Injection methods do not work with your
application.
·
.NET Encryption. The .NET Encryption shell method encrypts the whole managed assembly.
At the same time, it creates a loader that can interface with the Updater and
decrypt the assembly at run time. Two versions of the encrypted assembly are
created in the form of a native executable: ProtectedProgram32.exe
(32-bit) composed of the Win32 loader and the encrypted assembly, and ProtectedProgram64.exe
(64-bit) composed of the Win64 loader and the encrypted assembly. In addition,
this method creates a 32-bit executable (e.g., ProtectedProgram.exe),
which works as the main program for both ProtectedProgram32.exe and ProtectedProgram64.exe.
When ProtectedProgram.exe is started, it determines whether its process
is running on 32-bit Windows or WOW64 (Windows-on-Windows 64-bit) emulator, and
then executes the corresponding version of the encrypted assembly. Either ProtectedProgram32.exe
or ProtectedProgram64.exe may be deployed individually. However, both
files and ProtectedProgram.exe should be included together to ensure
that the encrypted assembly can run on both 32-bit and 64-bit platforms.
The shell protection itself includes anti-debugging and anti-tracing
schemes. In addition, you can add the following code protection options.
·
Enable code section encryption to protect against decompilation.
·
Enable self checksum to protect against code modification.
Automatic software update enables the protected program to interface
with the Updater that automatically checks for updates on the server.
Specify the condition to perform automatic update.
·
Always perform auto-update. The protected application always performs automatic
update regardless of its license status.
·
Perform
auto-update if the subscription is valid. Before performing automatic update, the protected application connects
to the Activation Server to check its subscription status. It performs
automatic update if the subscription is valid.
·
Terminate the application before executing the downloaded update. The Updater terminates the
protected program before executing the downloaded update.
Enable the protected program to operate as one process (or one task)
only. The protected program blocks all additional processes that might be
executed.
·
Module Name. Assign a unique name for the protected program. This module name is
used by the protection system in the process of blocking multiple processes. A
unique name is assigned when the Auto detect is checked.
This option allows you to specify how the protected program running in
background process handles errors.
·
Terminate the protected program without confirmation prompt. The protected program
running as a background process is sometimes not connected to a console. For
instance, an ActiveX/COM DLL runs on an IIS platform server as a web-based
application. The error messages may not be accessed by the end-user. When an
error occurs, this option enables the protected program to terminate itself
without displaying a confirmation prompt. This option should be enabled when
characteristic of the protected program is set to Service or ActiveX/COM
DLL.