I'm having problems finding the OEP in aspr 1.2[NewStrain].

Which generic methods exists to find it?.
I cannot find the signature (61,ff,e0) in memory with Sice.

even if i get a supposed OEP with OEPfinder or peid 0.8, i cannot get sice to popup. (i use a bpm in the supposed OEP address, and i use SuperBPM).

any tips?.

thanks.

please search the old posts. This has been discussed many times

yes, i've downloaded and readed *ALL* posts about asprotect, but all posts always assume that u can found the OEP.

my problem is with the bpm's.

maybe i'm not helping much,since i'm a newbie, but....
do u have bpm problems how? the prog doesn't run, error message?

keep your eyes open for instrunctions like:

jmp eax

jmp far address that is in a difference range than current eip (ex:eip = 450000 and u jmp 401000)

push reg/mem and then ret

call far address (after the prog finishes, control returned to packer and packer exits)

popads





<
even if i get a supposed OEP with OEPfinder or peid 0.8, i cannot get sice to popup. (i use a bpm in the supposed OEP address, and i use SuperBPM).

any tips?.
>

the packer problably fools both those progs nicely so your best option is to do it manually




ps: i've your desperate try using Christoph Gabler's GenericUnpacker (hope i idn't misspeled his name