|
|
|
|
#1
01-08-2008, 18:21
|
||||
|
||||
|
I am not an unpacker, but when it comes to antidebug stuff i can recommend hanolly.
Read more here: http://www.tuts4you.com/forum/index.php?showtopic=14168 There is source of the plugin included (look for drizz post) so you can adjust it to suit your needs. Take care not to have running any other olly releases with hanolly as it will couse BSOD. BR, ChupaChu! 
|
|
#2
01-09-2008, 15:42
|
|||
|
|||
|
Tools:
- Modified Olly (names, classes,exports,....) - HideOD: all options checked and ZwQueryInformationProcess (method 2) after bypassing <CreateProcessA> Fill with NOP <ResumeThread> API (very important) then continue unpacking.... Last edited by Magic_h2001; 01-09-2008 at 16:10.
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| SVKP, Armadillo or SDProtector | TmC | General Discussion | 15 | 12-10-2004 22:19 |
| Unpacking SdProtector Pro | bLaCk-eye | General Discussion | 2 | 08-12-2004 22:10 |
Hybrid Mode
