02-13-2005, 22:36
JuneMouse
hehe i already used that on icztutes, if you didn't happen to notice in my post
Quote:
so i tried encrypting icztutes messagebox.exe with all the check boxes checked
it said file successfully encrypted
but when i try to run it, it doesn't run
i see it fails
CALL ntdll.LdrpRunInitializeRoutines
also i loaded the exe itself onto ollydbg to find the magic it uses
seems straightforward, i only see it is transforming something in pe header to wtf?
and then ciphering off all the import table structure, i think that is the problem
he must probably leave a pointer to a dummy import table at least, that points to some dummy import which may or may not be used. i think i'll try tinkering with the exe that it crypts and then post here

actually i wanted to understand the problem with ollydbg (i mean what you were meaning by the first question) rather than getting involved with unpacking and tinkering with this cryptor, but it seems i have to

i did not understand the problem at all
if F9'ed, olly should run without going to the handler
if Shift+F9'ed, olly should run by going through the handler

if you used windbg you might have noticed
go with handler
go without handler and all its variants, it's
the same in olly too
anyway, unless i have a valid exe with a valid problem i can't check
what the problem is