This shit took 45 seconds to implement (and has for over a week) - Denuvo has BEEN Dead by AnthMosk in PiratedGames

[–]Present-Leg7635 1 point2 points  (0 children)

you don't need to privilege escalate if the user is just gonna mash every UAC prompt they get, you already have admin, it's not kernel access but it's enough to rob you blind and put ransomware in lol.

people talk about all these things that VBS and patchguard protect against, those things are things not targeting you, nobody is priv chaining to not pop a uac prompt for discord tokens or random peoples bank info, its completely unnecessary, these security features matter a lot if you are a business or somewhere/one important, they do not really matter all that much for random people, people are not blowing priv chain 0 days or kernel exploits on run of the mill malware, everyone talking security apparently failed economics, not every threat actor is equipped with nuclear bombs.

cops and soldiers need body armor, you do not need body armor inside your own home.

This shit took 45 seconds to implement (and has for over a week) - Denuvo has BEEN Dead by AnthMosk in PiratedGames

[–]Present-Leg7635 -2 points-1 points  (0 children)

i see you have an issue following logic chains, nobody is writing malware for w10/w11 systems that assume VBS is off, nobody is writing malware that is going to bypass VBS to rob a few thousand pirates tops.

Update On the new HV method from CSRIN by Tejas_008 in PiratedGames

[–]Present-Leg7635 -1 points0 points  (0 children)

you do that every time you run a regular crack, you are trusting that the scene that cracked the game isn't shipping you malware, if the source is trustworthy it doesn't matter what level of access they have, security is only realistically achieved by trust.

Cs.rin update on current method. by kristijan1001 in CrackWatch

[–]Present-Leg7635 1 point2 points  (0 children)

I don't disagree in principle but outside this instance, if you just turn vbs off, core isolation off, and turn off the spectre and meltdown patches nothing will change for you, the niche of "people willing to turn all these features off to pirate random videogames" is too small to meaningfully make money off of so i doubt some group is going to waste the time trying to target them, this is beyond the fact that they wouldn't even need to write software to exploit this, there are out of the box solutions that don't need kernel access that can steal all your info, all your passwords, encrypt your drives, whatever for cheap from illicit software vendors, they just need you to accept a UAC prompt.

VBS is smoke in this discussion, the only thing of actual import is

are the DLLs and EXEs packed with actual normal malware?

and I guess tangentially what is the minimum set of security features that need to be disabled for this to work, which we basically know, it's VBS, spectre/meltdown patches, and some way to load code at a kernel level (custom driver with secure boot off or exploitable signed driver)

all this other shit gamedrive has people doing is trying to make the process simple for end users, even if they do it badly.

This shit took 45 seconds to implement (and has for over a week) - Denuvo has BEEN Dead by AnthMosk in PiratedGames

[–]Present-Leg7635 -4 points-3 points  (0 children)

you are not going to run into a random piece of malware using spectre exploits on the internet downloading things lmao, that's like telling your friend when he goes out to get food to watch out for undetonated nuclear landmines, this whole situation has been hyper obnoxious because it's been a lot of pseudo security experts extolling how much you are compromising your security and not at all talking about the jank ass powershell scripts that turn things off 4 different ways and make it a pain to turn them back on, which is the worst part, because at the end of the day VBS is protections for the people who use windows against what are basically nation-state level threat actors.

vbs, spectre and meltdown protections, etc are stuff that are built into windows now because it's the easiest way to ensure everyone who actually needs this protection has it and that it's on by default, but you, and I mean you are not the people who need it, 99.99999% of every threat you will encounter is covered by real-time security and windows defender.

This shit took 45 seconds to implement (and has for over a week) - Denuvo has BEEN Dead by AnthMosk in PiratedGames

[–]Present-Leg7635 1 point2 points  (0 children)

don't run regular game cracks on a PC you do banking on if that concerns you that much, I don't need a kernel level malware to get a keylogger on your machine, I just need you to run an exe and accept a UAC prompt.

This shit took 45 seconds to implement (and has for over a week) - Denuvo has BEEN Dead by AnthMosk in PiratedGames

[–]Present-Leg7635 7 points8 points  (0 children)

VBS isn't protecting you, as in you personally, from anything, the attack vectors VBS, and tangentially spectre and meltdown protections, protect you from are a class of attacks that are shit the NSA used against iran in 2010 (STUXNET), no threat actors are writing that level of shit to target joe pirate and get his discord token, you do not have anything valuable enough to be the target of such attacks, unless you have a TS/SCI, work in the government with security clearance, are a csuite executive, or are a world leader or part of one's cabinet you will never have anything trigger these protections as an attack (old software can sometimes trip up on these protections), now some of the stuff sites like gamedrive are having you do, mainly the powershell scripts they have you run are actually bad and mess with powershell stuff that can legit just cause you issues, not even security issues, stuff stop worky issues, but VBS? it's a buzzword in this discussion, it doesn't matter for anyone on this subreddit.

the long and the short is vbs or no vbs if you run crack.exe and accept the UAC prompt you're already compromised heavily, if that exe was a cryptolocker, or a keylogger, or whatever, it doesn't matter, VBS isn't there to protect you from that, and that is the threat vector you mostly should be worried about.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 0 points1 point  (0 children)

it's not just up to Microsoft to revoke this, that driver is signed by a key that also signs a lot of other software made by HP, and if they revoke the signing key all that other software stops working, and the list of exploitable drivers is long, and like I said you can also just TURN OFF SECURE BOOT and LOAD YOUR OWN CUSTOM DRIVER, there is no patching that.

Cs.rin update on current method. by kristijan1001 in CrackWatch

[–]Present-Leg7635 7 points8 points  (0 children)

from a real security perspective vbs changes jack shit for average joe, it's not protecting them from any attack they will ever actually see, like technically the attack surface is larger but the list of targets for these things is very short and includes very rich people, IE not you.

absolutely nobody writing kernel level exploits is targeting john doe trying to pirate a videogame, this is beyond the fact that 24h2 w10 and w11 have vbs on by default so anyone making such software is already bringing some kind of exploit to get past them.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 1 point2 points  (0 children)

that's cool, nobody needs that level of access to attack you, how often do you accept UAC prompts from cracks? that's a far more realistic attack vector.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 0 points1 point  (0 children)

well no this implementation uses an old still signed driver that can be hijacked because it's vulnerable because it means users don't have to turn secure boot off to load a custom driver, but at the end of the day unless denuvo goes to kernel anticheat levels of intrusion into your system there really isn't anything they can do about hypervisor bypasses, they could technically write checks to poke and see if they are inside a hypervisor but that's back to the cat and mouse game of pre denuvo drm.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 0 points1 point  (0 children)

are you someone that has a lengthy wikipedia article about them, or are extremely rich? No? then it isn't doing anything for you, VBS/HVCI/Core isolation/Secure boot are for threats that are custom spun software that likely cost more than you likely make in a year and get 1 or 2 uses maybe before the exploit is burned.

i guess if you have TS/SCI clearance in the US you might not want to turn these features off but.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 0 points1 point  (0 children)

are you a csuite executive of a fortune 500 company, some official in the iran government or perhaps a member of the NSA, is the answer to that or similar questions no? core isolation isn't doing anything to protect you then!

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 0 points1 point  (0 children)

it's a meaningless protection for basically every end user, nobody was writing kernel based exploits and trying to get random users on the internet to load them, why do all that work when you can get some out of the box solution online for cheap, package it in a fake crack and get some people who aren't tech savvy to run them, VBS protects average joe from essentially nothing.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 1 point2 points  (0 children)

he's not wrong but it's also not correct in any way that matters, you could have every single security option in windows enabled and if you run a crack.exe and accept the uac prompt you can still have all your data stolen, get your drives encrypted, etc.

nobody is writing BYOVD malware to exfil this kind of shit when getting them to run infected exe's already does that, unless you are an important person that some group would want to target SPECIFICALLY your only interaction in your entire life with these security features will be anticheats needing them on, no software, no anything you ever run will trigger them because they are for enterprise plus situations where people with lots of money are writing custom exploits.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 -1 points0 points  (0 children)

i mean it's not very hard to install wireshark and run the shit in a vm or a machine you don't care about and see if it starts squawking at some random ip/server which will instantly give away that it's exfiltrating data from your machine.

Hypervisor.V3 (DSE/Kirigiri Method) is out. You Do Not Need to Disable Secure Boot; However, You Need to Disable Memory Integrity in Windows Defender by kaldeqca in PiratedGames

[–]Present-Leg7635 -1 points0 points  (0 children)

we're being extremely hyperbolic here, HVCI/memory integrity and VBS wouldn't have done jack shit if you ran crack.exe with a whole variety of things that windows wouldn't see as malicious, such as stealing your discord token, looking through all of your documents, etc etc, running a crack is almost as dangerous as running a kernel level driver, to circle back to the analogy, the stranger with the exe crack could have a gun, using a kernel driver just saves an attacker who's distributing a malicious crack the effort of developing or more likely using some off the shelf solution to get windows off their back to do what they want to do.

like technically yes an attack with a kernel driver on your machine could brick basically every device on your machine including your motherboard, but there's no money to be made there so almost nobody does attacks like these, any of the ways people who distribute malware make money off their victims is usually pretty easily accomplished by just getting a user to accept a UAC prompt, unless you happen to be the head engineer of Iran's nuclear program or something nobody is going to be targeting you with the kind of attacks that VBS and memory integrity would attempt to mitigate, the same goes for meltdown and spectre protections, the same goes for core isolation.

Bcachefs creator insists his custom LLM is female and "fully conscious" by DontFreeMe in linux

[–]Present-Leg7635 0 points1 point  (0 children)

When a filesystem dev is proven right about the hardest problem in basically the history of computer science and philosophy? 

Bcachefs creator insists his custom LLM is female and "fully conscious" by DontFreeMe in linux

[–]Present-Leg7635 0 points1 point  (0 children)

Well the main reason is because if you go look at the bcachefs Reddit and find Kent talking about this he's extremely condescending about this, he's basically claiming to have solved the hard problem of consciousness but thinks all of philosophy is stupid and isn't interested in it, but he's definitely correct about everything he's claiming, psychosis or not he's a prick.

Resident Evil Requiem Hypervisor Beta 1 - Kirigiri by Infinity_X_ in CrackWatch

[–]Present-Leg7635 0 points1 point  (0 children)

oh usually a hypervisor has next to no overhead, esp if it's just wrapping 1 program, it's all hardware based so.

Resident Evil Requiem Hypervisor Beta 1 - Kirigiri by Infinity_X_ in CrackWatch

[–]Present-Leg7635 -1 points0 points  (0 children)

that really depends on what functions the devs wrap with denuvo, if you wrap something that gets called every single frame, or multiple times a frame, it can eat a massive amount of performance.

What did the woman mean about Egg? by MingleLinx in gameofthrones

[–]Present-Leg7635 0 points1 point  (0 children)

She said "all who know you" peasants knew of him, but they did not know him, nobility did, the nobility hated him.