[hobgoblin]

Greetings on the board,
I have just spent some time trying to unpack a program called Newsleecher 1.0 beta 18. (I have a few weeks a go unpacked beta 15 without problems). Now, when I use same method as last time, I get problems. This is the kind of arma that uses WriteProcessmemory with 2 bytes and so on. I manage to dump it, and to fix the IAT table ( at least that's how it looks to me). The problems occur when I try to run the dumped file. The program stops when it arrives at some strange jumps. When I trace this jumps in the original file, the program executes some code that looks quite uneccessary ( it looks unecessary to me), then it jumps back to the code location right after the jump instruction. The jump leads to a location in the arma code, I believe. But since it jumps right back, it can be skipped. (Again, that's how it looks to me).
My question is: Can someone interested in Arma stuff please take a look at this program, and (hopefully) tell me what seems to be the problem?
If the interested person(s) prefer to communicate via mail, this is my address:
hobgoblin.at.chello.no
The program can be found at hxxp.www.newsleecher.com.

For the record: I don't care about the program, I'm just interested in unpacking it.

regards and TIA,
hobgoblin