Exetools


the_beginner 01-01-2005 02:18

shit Asprotect 2.0 help please
 
hi

I have tried for many days to create a loader or unpack this file. Please help me find the right way.

OK, I load my proggy in Olly and press F9, then it stops. I press Shift+F9 37 times, then I must patch an int 41 (CD 41), filling it with NOPs. I press Shift+F9 again, then F9; another CD 41 must be patched. The proggy starts with a nag, I click OK, then comes a CD 68, which I fill with NOPs, and it runs, but I can't find the OEP.
Another test: PEiD says the OEP is 00420b30. OK, I looked and I have traced to this point, but the fucking IAT :eek: :confused:

Can someone help me please?

BTW, it creates a nice reg key that you can't read or change.

britedream 01-01-2005 02:33

Hi the_beginner
 
To get rid of the nag, see why the target comes to 48bf7c: check the two calls above and go inside the 48bf7c. I think your OEP is at 4110e4 but it is emulated; you don't have to NOP anything. To make your life easier, patch GetTickCount. By the way, if you are inline patching then you can get by without knowing the OEP.

Regards.

the_beginner 01-01-2005 20:37

hi

Thanks. You write I don't NOP anything, but if I don't NOP, it terminates :-( . A bpx on GetTickCount won't work, because the author of the software uses his own 30-day counter. The trick is very nice (can't delete :mad: )

cu

britedream 01-01-2005 22:15

I don't mean bpx. You aren't hiding Olly very well; I checked it using Olly on xp1 and it works without closing. GetTickCount is also used for protection, but I doubt it will affect Olly.

In response to your post below, please check your PM.

the_beginner 01-02-2005 00:59

hmmm
I have renamed ollydbg, have patched ollydbg.exe, and Hide Debugger runs. I know what you mean, but how can I hide better???

Edit: I have tried on 2 PCs and 3 systems (2x Win2k, 1 XP Pro SP1); if I don't NOP the CD 41 and CD 68, it crashes :mad: :mad:

Crk 01-03-2005 00:53

OEP: 004727D0 ;)

Now be prepared for manual IAT repair.

the_beginner 01-03-2005 03:29

Thanks, but I don't know how I can repair my IAT :confused:

Crk 01-03-2005 14:06

Asprotect destroys the IAT, so you must find it and dump it from memory; then you will have to do a manual fix and maybe finish it with ImpREC. For now I give you my quick working solution. Try it! The nag should be gone as well :D

Titanius 01-03-2005 16:40

@Crk

I am interested in unpacking this thing too. I have the same problems as the_beginner with this stuff.

Can you please describe how you found the OEP and how you fix the IAT?

Unfortunately, I can't download your attachment.

Crk 01-03-2005 20:15

I found the OEP manually with a BPX on the API GetModuleHandleA, and about the IAT, I can't fix it. This is the newest Asprotect 2.x. Maybe britedream has a solution for us :D

the_beginner 01-03-2005 20:27

@Crk Thanks for your loader, but it's work on my PC :-( . I have played a lot with the date, so my time is over. Can you tell me how you made the loader, so I can fix the exe file? Because I know what I must change (I have cracked some versions before, packed with yoda, then asprotect 1.2x).
cu

diablo2oo2 01-04-2005 00:06

If you know what you must change, then make a loader. Killing the process CRC check is easy (PM me if you want to know how)...


All times are GMT +8.