Protected Windows driver has subsystem changed from Native to Windows GUI

Issues related to VMProtect
Post Reply
maxion
Posts: 2
Joined: Mon May 11, 2026 2:15 pm

Protected Windows driver has subsystem changed from Native to Windows GUI

Post by maxion »

Hello,

We use VMProtect to virtualize some functions in our Windows driver. The driver is working fine after it is packed with VMProtect but I noticed the subsystem of the driver was changed from Native to Windows GUI. Do I need to do post-processing on the driver to fix this or I did something wrong here?

Thanks.
Top
Admin
Site Admin
Posts: 2823
Joined: Mon Aug 21, 2006 8:19 pm
Location: Russia, E-burg
Contact:
Contact Admin

Re: Protected Windows driver has subsystem changed from Native to Windows GUI

Post by Admin »

Do you have an example (original SYS+VMP file) that shows your problem?
Top
maxion
Posts: 2
Joined: Mon May 11, 2026 2:15 pm

Re: Protected Windows driver has subsystem changed from Native to Windows GUI

Post by maxion »

Just found out it was our mistake. We have changed linker flags from /DRIVER:WDM to /DRIVER, which also cause subsystem to change from NATIVE to WINDOWS. Specify /SUBSYSTEM:NATIVE manually fixed the problem.
Top
Admin
Site Admin
Posts: 2823
Joined: Mon Aug 21, 2006 8:19 pm
Location: Russia, E-burg
Contact:
Contact Admin

Re: Protected Windows driver has subsystem changed from Native to Windows GUI

Post by Admin »

The latest version of VMProtect shows all fields from PE headers:
Attachments
screen.png
screen.png (77.72 KiB) Viewed 53 times
Top
Post Reply

Return to “Technical questions”