Closed digocesar closed 2 years ago
It's not the end of the world if you disable the protection.
There is something on your runtime environment that triggers the protection. There is away to find out what exactly is causing it, by adding some messages to the FailFast
calls. That would be here. If you do that and protect your assembly with this self compiled version, you are going to see the message if the failure reason in the event log.
This would help to identify the root of the issue.
Hi @mkaring
This suggestion of log message on FailFast will show me in what point of the code it is stopping. But if it point me to Debugger.IsAttached
validation, how can I find which program on user's machine is trying to debug my application?
Is your application launched by any other application that may attach as a debugger?
Alternatively it could be something using the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
registry key. Is your executable name listed in there and has the key value called "Debugger" ?
You also could use the Process Monitor to check if any other application is interacting with yours during startup.
I had tested and find that the debug protection is killing my application because COR_ENABLE_PROFILING variable is set to "1". https://github.com/mkaring/ConfuserEx/blob/master/Confuser.Runtime/AntiDebug.Safe.cs#L14-L16
Do you know what program use this variable? A solution should be just set this variable to "0"? Or broke some other application on the user machine?
This issue needs more information and has not had recent activity. Please provide the missing information or it will be closed in 7 days. Thanks!
Closing this issue because it needs more information and has not had recent activity. Please re-open this issue if more details can be provided. Thanks!
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
On some Windows 10 machines the application does not start if I use Anti Debug protection. In Windows Event Viewer it says the following callstack:
I've tried safe mode and win32 mode. But it didn't work. I have no idea what might be going on. Would it be too bad to distribute the application without this protection?