LaBBa, 08-03-2003, 04:05
more info about the crash

Well, all that I have found out more about the crashes of the app
is this:

00402262 . 83C0 03 ADD EAX,3
00402265 > C1F8 02 SAR EAX,2
00402268 . 8B15 24E65600 MOV EDX,DWORD PTR DS:[56E624]
0040226E . 8B5482 F4 MOV EDX,DWORD PTR DS:[EDX+EAX*4-C]
00402272 . 85D2 TEST EDX,EDX
00402274 . 74 79 JE SHORT Dump_.004022EF
00402276 . 8BF2 MOV ESI,EDX
00402278 . 8BC6 MOV EAX,ESI

At: MOV EDX,DWORD PTR DS:[EDX+EAX*4-C]
with an error of Read Access Violation,
and there are more of those,
some with an error of Write Access Violation..

In the packed file in Olly you can see that:

DWORD PTR DS:[EDX+EAX*4-C] = 00000000

and in the unpacked file you can see that:

DWORD PTR DS:[EDX+EAX*4-C] = ?????????

Really weird! All other places are like that..

Well, with ASPR Stripper I sometimes saw it producing lines like these on some other unpacked apps, i.e.:

ApiEntry RVA :0001e984 *esp = (00a738fd, 00a63861, 0012ffe0)
ApiEntry RVA :000181dc *esp = (00a739f1, 00000010, 00000010)
ApiEntry RVA :000012cc *esp = (00a73b2f, 004012c8, 0012ffe0)

What are those lines for??? I think this could help to solve this thing...

Last edited by LaBBa; 08-03-2003 at 04:26.