Enigma Protector

Hi,
I've got a problem with The Engima Protector. After I protect (JUST protecting, no plugins, no checks, no virtualize, nothing) my executable it adds two threads (as I could see) and I am wondering if threads does ever close or not during the execution of the software.

.

Cataclismo wrote:I've got a problem with The Engima Protector. After I protect (JUST protecting, no plugins, no checks, no virtualize, nothing) my executable it adds two threads (as I could see) and I am wondering if threads does ever close or not during the execution of the software.

What is the problem to have these threads...?

I'm doing a thread check from inside my application. If the threads would close then that could be a problem. I've tested a bit (for about 2 mins) and I saw they are not closing. I hope they won't do it later.

.

As zylongaming suggested, this is not a good idea to check every thread you application has inside since threads can vary depending on OS and installed system software.

Well, thank you for helping. Yeah, I've found that the threads count is different on every operating system. On Windows XP is always 15, but in Windows 7 it's between 25 and 30.
I wanted to do that to detect injection, but it seems I can't.

You may detect injection by the name of the injected module. Use Windows API to enumerate all modules and detect injects by:
- file name
- or, even better, by the module signature, for eg, content of import/export directory, resources, hash of code section etc