hi guys, my first post here

i try to reverse a piece of software, and i'm facing a problem. if i'm opening the main exe in a hexeditor, i can find all the strings i'm looking for (Demo, License Expired, etc.). but in the dead list (olly, IDA, Wdasm), i cannot find any of them. any hint?

thanks alot,
zombie

They might be strings in the Resource Directory (just check with CFF, ResHack, ...), thus, they'll be loaded via LoadString(A for ASCII, W for Unicode), LoadResource or similar functions. Just check MSDN, will help you a lot.

thanks for your kind reply. i just checked with both programs you mentioned, and can't find anything

Obiously, you are NOT loading the resource section in IDA>
Wdasm cannot read it because MOSTLY all resources are in UNICODE and Wdasm stumbles there>
Don;t know about olly...

Have Phun

did Reshacker spit out a message saying
"file may be packed"?

does it have any resources?

I'm loading the resources in IDA

ResHacker does not say anything about packing. And I don't think it's packed, since the exe file is quite big (13 Mb). But ResHacker is showing very few resources (Icons and Cursors, nothig more). PEiD show "Nothing found [Overlay] *"

Thank you all for your time.