first off all i'd like to thank all who were so kind to help me out before. but i have stumbled into another problem yet again, and i hope some of you out there are willing to help me...

problem is... after using revirgin, a few missing api's remain. trying to find them manually i ran into this..

at c6e944:

PUSH 00
CALL KERNEL32!GetModuleHandleA
PUSH DWORD PTR [00C76714]
POP EAX
RET

at c6e8e4:

PUSH EBP
MOV EBP,ESP
MOV EAX,[EBP+08]
TEST EAX,EAX
JNZ 00C6E8F5
MOV EAX,[00C76624]
JMP 00C6E8FB
PUSH EAX
CALL KERNEL32!GetModuleHandleA
POP EBP
RET 0004

at c6e900:

PUSH 00
CALL KERNEL32!GetModuleHandleA
PUSH DWORD PTR [00C76704]
POP EAX
RET

is this all correct!? as they all seem to give the same api.
im a newbie at asprotect, and have struggeled with it for a long
time already, but whithout some help i dont seems to get it all
done.

thanx in advance.

Please read the post by +SplAj first
http://www.woodmann.net/forum/showthread.php?s=&threadid=2603


The above is NOT GetModuleHandleA.
Try typing "dd 00C76714" to get the return value of redirected API


yes, the above is GetModuleHandleA


The above is NOT GetModuleHandleA.
Try typing "dd 00C76704" to get the return value of redirected API

thanx Solomon for your help once again.

i did read the splaj post, but it didnt quite give me what i searched for. i managed to get the return values.

for example PUSH DWORD PTR [00C76714] give the
return value of 819545D8.
but i cant get myself to link them to the correct api.

probably it's my ignorance, but i truly am willing to learn. i just
hope there are some willing to teach...

i still keep on trying but no luck.

please can someone give me some pointers.. i'm plane stuck right now. i tried all possible ways i can think of using the return values, but still no succes.