Avast 5 and Debugging
Hi All,
I've tried to debug Avast5 Internet Security, basically to create a keygenerator, to find out it is debug-protected. No packers, only plain C++ code. I successfully killed the AvastUI process and tried to debug in Olly, but there is something that protects memory and won't let me debug it. I have not been able to understand if the driver is detecting the process and is trying to protect it, or if the process itself tries to protect itself. I also tried to play with Olly settings to break not at WinMain OEP but at system breakpoint and even the other third option (thinking of execryptor that performed antidebugging before OEP), but memory errors occur before (can't read/write memory). So here is the question/discussion: has anyone been able to debug it? Are there any papers to read and learn from with these kinds of protections? I am thinking about building a virtual box with Windows 2000 and Softice and trying there. (A thought that came to my mind is that maybe the licensing routine is in the avast driver, to keep it away from prying eyes and RING3 debuggers, but I don't have enough evidence to state that.) I tried to use syser, but apart from the point that I don't know the program at all, when I try to load avast I get memory errors again, so maybe the problem is not RING3/RING0 but enforced memory protection by Avast.