Hi,
First it wasn't breaking only with msvbvm50.dll API. But after some time it stopped breaking even with kernel32.dll API.
Then I type "bpx GetSystemTime" and then "bl", I see "00) BPX #00FE:000069F9". Earlier this behaviour was only with msvbvm50.dll API - kernel32.dll API was displayed correctly "00) BPX GetSystemTime".
Even in code window I cannot see "call GetSystemTime", etc. anymore - I only see "call 12345678" instead
Any clues?

00FE happens on XP, ye?

mostly, to avoid this, start NTICE manually, soon after desktop starts.

also, you can get back exports, if you will unload-reload them in Loader32.

I have Windows 2000.
You are right - if I start SoftIce then system starts, I cannot see kernel32 symbols, but if I start SoftIce manually, kernel32 sybmols are visible.
But problem with msvbvm50 still remains
I also noticed, if i reboot machine, start VB program and only after start SoftIce - msvbvm50 symbols are visible!!! But this works only one time after machine reboot If I close vb program and run it again - msvbvm50 symbols not visible anymor

What do you mean by "also, you can get back exports, if you will unload-reload them in Loader32"?

:-

well, when you start Numuga's program Loader32 (NTICE is active),
then it shows list of DLLs, which's exports are loaded.

Then_IF some DLL's exports looks bad, you can remove & load again..

If you are talking about [Loader32 menu] -> [Edit] -> [SoftICE Initialization Settings...] -> [Exports], this wouldn't help, because these settings are only interface to Winace.dat file. After changing setting it is needed to reboot machine to apply them.

:--

maybe you try better read what i wrote??

I am sorry. I started working with SoftICE, assembler instructions and other cracking stuff 2 days ago . Could you explain me in more details?

well, if you are 2-day old newbie, read&read tutorials for newbies.
Read included Softice DOCUMENTATION,
ask quetions after about 1-2 month.

Ok,

Since you are supposed to be learning on your own, I won't spell it out explicitly, but do some research and its going to be OK.

1. You have to be in the correct context to break.
2. msvbvm50.dll is for OLD versions of visual basic. So its probably best to include the dll into your exports.
3. Then do what Evaluator told you to. If exports are bad (prolly corrupt), reimport the entire dll. If same problem persists, search google for bundles of vb runtime dlls for v5.

But in any case it still does not work then:

1. Disassemble msvbvm50.dll using IDA
2. Get a list of functions marked (EXPORTED) by outputting a map file
3. Use IDASYM.exe to get the SYM and convert to NMS
4. Import table into Loader. You're done.

Maybe you also need to try and use Smartcheck ya? (ya? = Cameron Diaz in Charlie's angels, initial bullwhacker scene) YA!

Have Phun

Thanks, for hints . I definitely will follow them.
But first I am going to install newer version of SoftICE - in russian forum I found that this could be some kind of SoftICE bug.

P.S.
Smartcheck doesn't help much me in this case. It shows code, but I can't find what I need in this code. Maybe after 2 months of RTFM I will take a look at this code from different angle and will find what I need .

Finally it works!!!
I installed SoftICE 4.2.7.
Loader32 from this version allows to load/unload exports.
So each time I run my VB program, reload msvbvm50 and see symbols clear.
With my older SoftICE 4.0.5 version loader32 I was able to load, but I was UNABLE to unload exports...