diff --git a/include/transform.hpp b/include/transform.hpp
index bc2ef88..f0a4624 100644
--- a/include/transform.hpp
+++ b/include/transform.hpp
@@ -211,7 +211,7 @@ namespace vm
}
}
- inline bool has_imm( zydis_decoded_instr_t *instr )
+ inline bool has_imm( const zydis_decoded_instr_t *instr )
{
return instr->operand_count > 1 && ( instr->operands[ 1 ].type & ZYDIS_OPERAND_TYPE_IMMEDIATE );
}
diff --git a/src/vminstrs.cpp b/src/vminstrs.cpp
index 99ebf3f..9d92817 100644
--- a/src/vminstrs.cpp
+++ b/src/vminstrs.cpp
@@ -7,48 +7,48 @@ namespace vm
std::pair< std::uint64_t, std::uint64_t > decrypt_operand( transform::map_t &transforms, std::uint64_t operand,
std::uint64_t rolling_key )
{
- const auto generic_decrypt_0 = &transforms[ transform::type::generic0 ];
- const auto key_decrypt = &transforms[ transform::type::rolling_key ];
- const auto generic_decrypt_1 = &transforms[ transform::type::generic1 ];
- const auto generic_decrypt_2 = &transforms[ transform::type::generic2 ];
- const auto generic_decrypt_3 = &transforms[ transform::type::generic3 ];
- const auto update_key = &transforms[ transform::type::update_key ];
-
- if ( generic_decrypt_0->mnemonic != ZYDIS_MNEMONIC_INVALID )
+ const auto& generic_decrypt_0 = transforms[ transform::type::generic0 ];
+ const auto& key_decrypt = transforms[ transform::type::rolling_key ];
+ const auto& generic_decrypt_1 = transforms[ transform::type::generic1 ];
+ const auto& generic_decrypt_2 = transforms[ transform::type::generic2 ];
+ const auto& generic_decrypt_3 = transforms[ transform::type::generic3 ];
+ const auto& update_key = transforms[ transform::type::update_key ];
+
+ if ( generic_decrypt_0.mnemonic != ZYDIS_MNEMONIC_INVALID )
{
operand = transform::apply(
- generic_decrypt_0->operands[ 0 ].size, generic_decrypt_0->mnemonic, operand,
+ generic_decrypt_0.operands[ 0 ].size, generic_decrypt_0.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_0 ) ? generic_decrypt_0->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_0 ) ? generic_decrypt_0.operands[ 1 ].imm.value.u : 0 );
}
// apply transformation with rolling decrypt key...
- operand = transform::apply( key_decrypt->operands[ 0 ].size, key_decrypt->mnemonic, operand, rolling_key );
+ operand = transform::apply( key_decrypt.operands[ 0 ].size, key_decrypt.mnemonic, operand, rolling_key );
// apply three generic transformations...
{
operand = transform::apply(
- generic_decrypt_1->operands[ 0 ].size, generic_decrypt_1->mnemonic, operand,
+ generic_decrypt_1.operands[ 0 ].size, generic_decrypt_1.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_1 ) ? generic_decrypt_1->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_1 ) ? generic_decrypt_1.operands[ 1 ].imm.value.u : 0 );
operand = transform::apply(
- generic_decrypt_2->operands[ 0 ].size, generic_decrypt_2->mnemonic, operand,
+ generic_decrypt_2.operands[ 0 ].size, generic_decrypt_2.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_2 ) ? generic_decrypt_2->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_2 ) ? generic_decrypt_2.operands[ 1 ].imm.value.u : 0 );
operand = transform::apply(
- generic_decrypt_3->operands[ 0 ].size, generic_decrypt_3->mnemonic, operand,
+ generic_decrypt_3.operands[ 0 ].size, generic_decrypt_3.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_3 ) ? generic_decrypt_3->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_3 ) ? generic_decrypt_3.operands[ 1 ].imm.value.u : 0 );
}
// update rolling key...
auto result =
- transform::apply( update_key->operands[ 0 ].size, update_key->mnemonic, rolling_key, operand );
+ transform::apply( update_key.operands[ 0 ].size, update_key.mnemonic, rolling_key, operand );
// update decryption key correctly...
- switch ( update_key->operands[ 0 ].size )
+ switch ( update_key.operands[ 0 ].size )
{
case 8:
rolling_key = ( rolling_key & ~0xFFull ) + result;
@@ -70,18 +70,18 @@ namespace vm
transform::map_t inverse;
inverse_transforms( transforms, inverse );
- const auto generic_decrypt_0 = &inverse[ transform::type::generic0 ];
- const auto key_decrypt = &inverse[ transform::type::rolling_key ];
- const auto generic_decrypt_1 = &inverse[ transform::type::generic1 ];
- const auto generic_decrypt_2 = &inverse[ transform::type::generic2 ];
- const auto generic_decrypt_3 = &inverse[ transform::type::generic3 ];
- const auto update_key = &inverse[ transform::type::update_key ];
+ const auto& generic_decrypt_0 = inverse[ transform::type::generic0 ];
+ const auto& key_decrypt = inverse[ transform::type::rolling_key ];
+ const auto& generic_decrypt_1 = inverse[ transform::type::generic1 ];
+ const auto& generic_decrypt_2 = inverse[ transform::type::generic2 ];
+ const auto& generic_decrypt_3 = inverse[ transform::type::generic3 ];
+ const auto& update_key = inverse[ transform::type::update_key ];
auto result =
- transform::apply( update_key->operands[ 0 ].size, update_key->mnemonic, rolling_key, operand );
+ transform::apply( update_key.operands[ 0 ].size, update_key.mnemonic, rolling_key, operand );
// make sure we update the rolling decryption key correctly...
- switch ( update_key->operands[ 0 ].size )
+ switch ( update_key.operands[ 0 ].size )
{
case 8:
rolling_key = ( rolling_key & ~0xFFull ) + result;
@@ -96,29 +96,29 @@ namespace vm
{
operand = transform::apply(
- generic_decrypt_3->operands[ 0 ].size, generic_decrypt_3->mnemonic, operand,
+ generic_decrypt_3.operands[ 0 ].size, generic_decrypt_3.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_3 ) ? generic_decrypt_3->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_3 ) ? generic_decrypt_3.operands[ 1 ].imm.value.u : 0 );
operand = transform::apply(
- generic_decrypt_2->operands[ 0 ].size, generic_decrypt_2->mnemonic, operand,
+ generic_decrypt_2.operands[ 0 ].size, generic_decrypt_2.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_2 ) ? generic_decrypt_2->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_2 ) ? generic_decrypt_2.operands[ 1 ].imm.value.u : 0 );
operand = transform::apply(
- generic_decrypt_1->operands[ 0 ].size, generic_decrypt_1->mnemonic, operand,
+ generic_decrypt_1.operands[ 0 ].size, generic_decrypt_1.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_1 ) ? generic_decrypt_1->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_1 ) ? generic_decrypt_1.operands[ 1 ].imm.value.u : 0 );
}
- operand = transform::apply( key_decrypt->operands[ 0 ].size, key_decrypt->mnemonic, operand, rolling_key );
+ operand = transform::apply( key_decrypt.operands[ 0 ].size, key_decrypt.mnemonic, operand, rolling_key );
- if ( generic_decrypt_0->mnemonic != ZYDIS_MNEMONIC_INVALID )
+ if ( generic_decrypt_0.mnemonic != ZYDIS_MNEMONIC_INVALID )
{
operand = transform::apply(
- generic_decrypt_0->operands[ 0 ].size, generic_decrypt_0->mnemonic, operand,
+ generic_decrypt_0.operands[ 0 ].size, generic_decrypt_0.mnemonic, operand,
// check to see if this instruction has an IMM...
- transform::has_imm( generic_decrypt_0 ) ? generic_decrypt_0->operands[ 1 ].imm.value.u : 0 );
+ transform::has_imm( &generic_decrypt_0 ) ? generic_decrypt_0.operands[ 1 ].imm.value.u : 0 );
}
return { operand, rolling_key };
diff --git a/src/vmprofiler.vcxproj b/src/vmprofiler.vcxproj
deleted file mode 100644
index 29a1f7d..0000000
--- a/src/vmprofiler.vcxproj
+++ /dev/null
@@ -1,184 +0,0 @@
-
-
-
-
- DBG
- x64
-
-
- Release
- x64
-
-
-
- 16.0
- Win32Proj
- {D0B6092A-9944-4F24-9486-4B7DAE372619}
- vmprofiler
- 10.0
- vmprofiler
-
-
-
- StaticLibrary
- false
- v142
- true
- Unicode
-
-
- StaticLibrary
- false
- v142
- true
- Unicode
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- false
- $(ProjectDir);$(ProjectDir)..\dependencies\zydis\msvc;$(ProjectDir)..\dependencies\zydis\dependencies\zycore\include;$(ProjectDir)..\include;$(ProjectDir)..\dependencies\zydis\include;$(IncludePath)
-
-
- false
- $(ProjectDir);$(ProjectDir)..\dependencies\zydis\msvc;$(ProjectDir)..\dependencies\zydis\dependencies\zycore\include;$(ProjectDir)..\include;$(ProjectDir)..\dependencies\zydis\include;$(IncludePath)
-
-
-
- Level3
- true
- true
- true
- NDEBUG;_CONSOLE;ZYDIS_STATIC_DEFINE;%(PreprocessorDefinitions)
- true
- stdcpplatest
- Disabled
- MultiThreadedDLL
-
-
- Console
- true
- true
- true
- $(ProjectDir)..\libs\*;%(AdditionalDependencies)
-
-
- true
-
-
-
-
- Level3
- true
- true
- true
- NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
- true
- stdcpplatest
- Disabled
- MultiThreadedDebugDLL
-
-
- Console
- true
- true
- true
- $(ProjectDir)..\libs\*;%(AdditionalDependencies)
-
-
- true
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- {88a23124-5640-35a0-b890-311d7a67a7d2}
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/vmprofiler.sln b/vmprofiler.sln
index 016b13a..c4b9ee3 100644
--- a/vmprofiler.sln
+++ b/vmprofiler.sln
@@ -3,12 +3,14 @@ Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.30907.101
MinimumVisualStudioVersion = 10.0.40219.1
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "vmprofiler", "src\vmprofiler.vcxproj", "{D0B6092A-9944-4F24-9486-4B7DAE372619}"
-EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Zydis", "dependencies\zydis\msvc\zydis\Zydis.vcxproj", "{88A23124-5640-35A0-B890-311D7A67A7D2}"
EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "vmprofiler", "vmprofiler.vcxproj", "{D0B6092A-9944-4F24-9486-4B7DAE372619}"
+EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ DBG|x64 = DBG|x64
+ DBG|x86 = DBG|x86
Debug Kernel|x64 = Debug Kernel|x64
Debug Kernel|x86 = Debug Kernel|x86
Debug MD DLL|x64 = Debug MD DLL|x64
@@ -33,49 +35,10 @@ Global
Release|x86 = Release|x86
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x86.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x86.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x64.ActiveCfg = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x64.Build.0 = Release|x64
- {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x86.ActiveCfg = Release|x64
+ {88A23124-5640-35A0-B890-311D7A67A7D2}.DBG|x64.ActiveCfg = Debug MT|x64
+ {88A23124-5640-35A0-B890-311D7A67A7D2}.DBG|x64.Build.0 = Debug MT|x64
+ {88A23124-5640-35A0-B890-311D7A67A7D2}.DBG|x86.ActiveCfg = Debug MT|Win32
+ {88A23124-5640-35A0-B890-311D7A67A7D2}.DBG|x86.Build.0 = Debug MT|Win32
{88A23124-5640-35A0-B890-311D7A67A7D2}.Debug Kernel|x64.ActiveCfg = Debug Kernel|x64
{88A23124-5640-35A0-B890-311D7A67A7D2}.Debug Kernel|x64.Build.0 = Debug Kernel|x64
{88A23124-5640-35A0-B890-311D7A67A7D2}.Debug Kernel|x64.Deploy.0 = Debug Kernel|x64
@@ -124,6 +87,52 @@ Global
{88A23124-5640-35A0-B890-311D7A67A7D2}.Release|x64.Build.0 = Release MD DLL|x64
{88A23124-5640-35A0-B890-311D7A67A7D2}.Release|x86.ActiveCfg = Release MT DLL|Win32
{88A23124-5640-35A0-B890-311D7A67A7D2}.Release|x86.Build.0 = Release MT DLL|Win32
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.DBG|x64.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.DBG|x64.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.DBG|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x64.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x64.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug Kernel|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x64.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x64.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD DLL|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x64.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x64.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MD|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x64.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x64.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT DLL|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x64.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x64.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Debug MT|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x64.ActiveCfg = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x64.Build.0 = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release Kernel|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x64.ActiveCfg = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x64.Build.0 = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD DLL|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x64.ActiveCfg = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x64.Build.0 = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MD|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x64.ActiveCfg = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x64.Build.0 = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT DLL|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x64.ActiveCfg = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x64.Build.0 = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x86.ActiveCfg = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release MT|x86.Build.0 = DBG|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x64.ActiveCfg = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x64.Build.0 = Release|x64
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x86.ActiveCfg = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
diff --git a/vmprofiler.vcxproj b/vmprofiler.vcxproj
new file mode 100644
index 0000000..760225c
--- /dev/null
+++ b/vmprofiler.vcxproj
@@ -0,0 +1,182 @@
+
+
+
+
+ DBG
+ x64
+
+
+ Release
+ x64
+
+
+
+ 16.0
+ Win32Proj
+ {D0B6092A-9944-4F24-9486-4B7DAE372619}
+ vmprofiler
+ 10.0
+ vmprofiler
+
+
+
+ StaticLibrary
+ false
+ v142
+ true
+ Unicode
+
+
+ StaticLibrary
+ false
+ v142
+ true
+ Unicode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ false
+ $(ProjectDir)dependencies\zydis\msvc;$(ProjectDir)dependencies\zydis\dependencies\zycore\include;$(ProjectDir)include;$(ProjectDir)dependencies\zydis\include;$(IncludePath)
+
+
+ false
+ $(ProjectDir)dependencies\zydis\msvc;$(ProjectDir)dependencies\zydis\dependencies\zycore\include;$(ProjectDir)include;$(ProjectDir)dependencies\zydis\include;$(IncludePath)
+
+
+
+ Level3
+ true
+ true
+ true
+ NDEBUG;_CONSOLE;ZYDIS_STATIC_DEFINE;%(PreprocessorDefinitions)
+ true
+ stdcpplatest
+ Disabled
+ MultiThreadedDLL
+
+
+ Console
+ true
+ true
+ true
+ $(ProjectDir)..\libs\*;%(AdditionalDependencies)
+
+
+ true
+
+
+
+
+ Level3
+ true
+ true
+ true
+ NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
+ true
+ stdcpplatest
+ Disabled
+ MultiThreadedDebugDLL
+
+
+ Console
+ true
+ true
+ true
+ $(ProjectDir)..\libs\*;%(AdditionalDependencies)
+
+
+ true
+
+
+
+
+ {88a23124-5640-35a0-b890-311d7a67a7d2}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/vmprofiler.vcxproj.filters b/vmprofiler.vcxproj.filters
similarity index 50%
rename from src/vmprofiler.vcxproj.filters
rename to vmprofiler.vcxproj.filters
index 8d3fb39..99d0148 100644
--- a/src/vmprofiler.vcxproj.filters
+++ b/vmprofiler.vcxproj.filters
@@ -9,236 +9,230 @@
{93995380-89BD-4b04-88EB-625FBE52EBFB}
h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd
-
- {b85373f1-1f33-4b4f-aadd-04432b6d62f0}
+
+ {388154c1-cb08-493f-88fb-7e16cfffa010}
-
- {f57dabfd-2fe1-46a9-96d5-990cd620eda3}
+
+ {5bb0ecc9-da37-4a13-8958-3c8eef2ceab5}
-
- {40b5c3d5-2a68-4f45-b655-b621ef669204}
+
+ {89c9e25e-6ed2-4fe5-a340-d1069097b7cf}
- {4dc3025a-a1f4-460d-b992-1ed53e44f2c0}
+ {a2348d30-59b2-4f94-b3fd-56a5ba9fdf82}
-
- {a4d9e340-8f8c-4606-bce8-58b86119c829}
+
+ {ea095705-fd73-4d97-af37-9960074282fb}
-
- {388154c1-cb08-493f-88fb-7e16cfffa010}
+
+ {e64d3416-311e-4d5d-8855-266011fdbcec}
-
- {5bb0ecc9-da37-4a13-8958-3c8eef2ceab5}
+
+ {b4d15e7c-77b4-497f-89ea-cb7366955816}
-
- Source Files
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
- Source Files
-
-
- Source Files
-
-
- Source Files
-
-
- Source Files\vmprofiles
-
-
- Source Files\vmprofiles
-
-
-
-
- Header Files
+
+ Header Files\Zycore
-
- Header Files
+
+ Header Files\Zycore
-
- Header Files
+
+ Header Files\Zycore
-
- Header Files\Zydis\Generated
+
+ Header Files\Zycore
-
- Header Files\Zydis\Generated
+
+ Header Files\Zycore
-
- Header Files\Zydis\Generated
+
+ Header Files\Zycore
-
- Header Files\Zydis\Generated
+
+ Header Files\Zycore
-
- Header Files\Zydis\Generated
+
+ Header Files\Zycore
-
- Header Files\Zydis\Internal
+
+ Header Files\Zycore
-
- Header Files\Zydis\Internal
+
+ Header Files\Zycore
-
- Header Files\Zydis\Internal
+
+ Header Files\Zycore
-
- Header Files\Zydis\Internal
+
+ Header Files\Zycore
-
- Header Files\Zydis\Internal
+
+ Header Files\Zycore
-
- Header Files\Zydis\Internal
+
+ Header Files\Zycore
-
- Header Files\Zydis
+
+ Header Files\Zycore\API
-
- Header Files\Zydis
+
+ Header Files\Zycore\API
-
- Header Files\Zydis
+
+ Header Files\Zycore\API
-
- Header Files\Zydis
+
+ Header Files\Zycore\API
-
+
Header Files\Zydis
-
+
Header Files\Zydis
-
+
Header Files\Zydis
-
+
Header Files\Zydis
-
+
Header Files\Zydis
-
+
Header Files\Zydis
-
+
Header Files\Zydis
-
+
Header Files\Zydis
-
- Header Files\Zycore\API
-
-
- Header Files\Zycore\API
-
-
- Header Files\Zycore\API
+
+ Header Files\Zydis
-
- Header Files\Zycore\API
+
+ Header Files\Zydis
-
- Header Files\Zycore
+
+ Header Files\Zydis
-
- Header Files\Zycore
+
+ Header Files\Zydis
-
- Header Files\Zycore
+
+ Header Files\Zydis\Internal
-
- Header Files\Zycore
+
+ Header Files\Zydis\Internal
-
- Header Files\Zycore
+
+ Header Files\Zydis\Internal
-
- Header Files\Zycore
+
+ Header Files\Zydis\Internal
-
- Header Files\Zycore
+
+ Header Files\Zydis\Internal
-
- Header Files\Zycore
+
+ Header Files\Zydis\Internal
-
- Header Files\Zycore
+
+ Header Files\Zydis\Generated
-
- Header Files\Zycore
+
+ Header Files\Zydis\Generated
-
- Header Files\Zycore
+
+ Header Files\Zydis\Generated
-
- Header Files\Zycore
+
+ Header Files\Zydis\Generated
-
- Header Files\Zycore
+
+ Header Files\Zydis\Generated
-
- Header Files\Zycore
+
+ Header Files
-
+
Header Files
-
+
Header Files
-
+
Header Files
-
+
Resources
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files\vmprofiles
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
+ Source Files
+
+
\ No newline at end of file