#2 : Fix code

Protector/AntiDebug.cpp → Protector/AntiDebug.hpp

@@ -1,9 +1,18 @@
 #include <Windows.h>
-
+#include "AntiLibrary.hpp"
 inline bool BasicDebugTriggered()
 {
     if (IsDebuggerPresent())
         return true;
+    //get peb
+#ifdef _WIN64
+    PPEB peb = (PPEB)__readgsqword(0x60);
+    #else
+    PPEB peb = (PPEB)__readfsdword(0x30);
+    #endif
+    auto NtGlobalFlag = peb->NtGlobalFlag;
+    if (NtGlobalFlag & 0x70)
+        return true;
 
     return false;
 }

Protector/AntiLibrary.cpp → Protector/AntiLibrary.hpp

@@ -1,9 +1,13 @@
+#pragma once
 #include <Windows.h>
 #include <stdio.h>
 #include <string>
 #include "Utils.hpp"
+#ifdef _WIN64
 #pragma comment(linker, "/INCLUDE:_tls_used") //Use TLS
-
+#else
+#pragma comment(linker, "/INCLUDE:__tls_used") //Use TLS
+#endif
 typedef struct _PEB_LDR_DATA
 {
     ULONG Length;
@@ -150,9 +154,6 @@ void NTAPI TlsCallback(PVOID DllHandle, DWORD dwReason, PVOID Reserved)
 {
     if (dwReason == DLL_PROCESS_ATTACH)
     {
-        //Check if debugger is present
-        if (IsDebuggerPresent())
-            ExitProcess(0);
         printf("Checking library %p\n", DllHandle);
     }
 }
@@ -191,8 +192,7 @@ __forceinline void CheckLibrary()
             printf("Failed to check digital signature of %ws\n", path);
             continue;
         }
-        printf("file: %ws\n", path);
-        PrintSignatureInfo(signType, catalogFile, SignChain);
+        //printf("file: %ws\n", path);
+        //PrintSignatureInfo(signType, catalogFile, SignChain);
     }
-    system("pause");
 }