PE protection


Deye
Hi,

Not sure if I understand how a compiled script loads, like whether there are any protections implemented, to some level, at loading time.

Or is it that there shouldn't be any special difference if I simply include my functions at the beginning of the script for protections, and this has nothing to do with what the compiler does or adds or could do in the PE header?

Functions that will act like, for instance:

https://www.codeproject.com/Articles/1090943/Anti-Debug-Protection-Techniques-Implementation-an
https://www.codeproject.com/articles/30815/an-anti-reverse-engineering-guide

One more thing:

https://www.pelock.com/products/pelock
Section: Compatibility with antivirus software 

What can possibly be done to make things work as mentioned there?

Trying to find any good leads on the topic.

Thanks

Edit:

I'm guessing these kinds of things are done with a PE wrapper\packer.

Here is a list of some available packers: https://en.wikipedia.org/wiki/Executable_compression#List_of_packers

I understand most are not all suited for an AutoIt compiled script, and offer very little compared to pelock.

The AutoIt compiler offers the /no/pack option.
What can be a plan to extend its options and have it do other stuff with added features as in pelock?

I'm after being able to run some custom made functions at the Wrapper time
For instance get an HWID string and run it against some other string to check if it correctly decrypts to some protected string

All in all that it can be protected to some level, especially from wannabe hackers 

Striving to solve the false positive alerts as well.

Edited by Deye
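The check described in the post (take an HWID string and test whether it correctly decrypts a protected string) can be expressed as follows. This is an added example, not code from the original post, AutoIt or PELock; it uses Python for the language-neutral logic, and the function names, the sample values and the HMAC-based keystream (a standard-library stand-in for an AEAD cipher such as AES-GCM) are assumptions.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

ITERATIONS = 200_000                        # assumed PBKDF2 work factor
SAMPLE_HWID = "CONSTRUCTED-HWID-1234"       # constructed sample value
SAMPLE_SECRET = b"constructed protected string"  # constructed sample value

def _derive_keys(hwid: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Stretch the HWID string into separate encryption and MAC keys."""
    material = hashlib.pbkdf2_hmac(
        "sha256", hwid.encode("utf-8"), salt, ITERATIONS, dklen=64)
    return material[:32], material[32:]

def _keystream(key: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; stand-in for a real AEAD cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def seal(hwid: str, protected: bytes) -> bytes:
    """Vendor side: bind `protected` to one machine's HWID."""
    salt = os.urandom(16)  # fresh salt, so keys are never reused across blobs
    enc_key, mac_key = _derive_keys(hwid, salt)
    ct = bytes(a ^ b for a, b in zip(protected, _keystream(enc_key, len(protected))))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return salt + ct + tag

def unseal(hwid: str, blob: bytes) -> Optional[bytes]:
    """Client side: return the protected string, or None when the HWID
    does not match or the blob was modified."""
    if len(blob) < 16 + 32:
        return None
    salt, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = _derive_keys(hwid, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, len(ct))))
```

Because the HWID is not a secret and the check runs on the user's machine, this binds the protected string to particular hardware but does not by itself stop someone who patches the check out of the executable.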
