With ImpRec I get :
FThunk : 00095148 Nb Func : 8B valid : No
rva : 00095418 mod : kernel32.dll ord : 01B5 name : GetProcessVersion
etc.... etc...
but 5 unidentified ptrs.
-----------------
I got 3 of them resolved (using Trace Level 1 and Asp.1.2x plugin) :

rva 00095264 ptr : 011f13b4 GetCurrentProcess
rva 000952b4 ptr : 011f1360 invalid
rva 00095328 ptr : 011f1388 Getversion
rva 00095338 ptr : 011f13e4 invalid
rva 00095368 ptr : 011f13cc GetVersion
--------------------

I traced manually the remaining two and I am unable to link them to any API. Stuck there I would appreciate some help.

TIA
Artifex

Hi

There is a lot of thread about this.
AS Pre-processed api are :
GetVersion
GetVersionExA
GetCurrentProcess
GetCurrentProcessId
GetCommandLineA
FreeResource
LockResource

SV

Artifex

There is loads of info on this subject but to save you the TROUBLE of searching here are some tips;

FreeResource
LockResource
GlobalUnlock

There are others but it's too early in the morning so I can't think!

/hobferret