I tested some from Procdump some unwrapped exe under win2000, I always get that message.
Those apps runs well under win98. I tried
to use PE Editor's rebuild function, but
not work.

I tried to unwrap under win2k, the result
is the same.

Can anyone tell me, what is wrong? How should
I repair such procdumpped exe???

thanx

ok, it seems that no one has interest
on my stupid questions.

But does not matter, I played around
with that PE Editor, and successed
making all unwrapped exe run under win2k!
But there is no standard solution of them!
Sometimes need to realign(rebuild) the exe,
sometimes change the characteristic of
a section in PE, sometimes must be ripped
under Win2k at first...

protools.cjb.net -> utils

________________________________________
PE Validator by LaZaRuS. 02.V.2000.
PE Validator 1.0 (7K).

PE Validator is a small tool that adjusts PE headers of EXE files that don't run under Win2K (this file is not a valid Win32 Executable) so that they run under Win2K.
_________________________________________

hey, thanx man. I checked it, but I used it
to compare two exes, unwrapped from same
vbox, one is only runnable under win98,
the other is runnable for both win2k and 9x,
but the result from pevalid didn't show the point, that need to change(Or I stupid
don't know what it means )

I'd rather change it myself now!

I have used that utility at CoDe_InSiDe's crackmes wich don't work under win2k. And with that tool the crackmes still don't work.... any ideas ??

Hi

check the SizeOfImage value, its often the reason for such a error message and my tool has a bug for certain files when calculating the SizeOfImage value.

Regards
LaZ

Hi Laz

I have checked the SizeOfImage and it was WRONG so i dubble clicked on it so fix it.
I did the same thing with SiseOfHeaders and it still don't work...

Do you have any good ideas on what can bwe wrong, none else sections are wrong and i'm testing at CoDe InSiDe's crackme 1.. ( http://codeinside.cjb.net/ )

I'll take all ideas on how to make it work on a Win2K box..

Acid_Cool_178

OS: Win2k
freeze the app and use procdump to make a
full dump, but be sure select "Don't rebuild
import" in "Option" before dump!
And use a tool names Import REConstructor
v1.2 to fix the dumped.exe by make a
IAT to it. It can also fix EIP to OEP if
you have it(u must have it already).

I tried this cause by some dumping
Procdump crashes when I select rebuild
import table.

The tool is to find at protool

for 2k dumps *ALWAYS* fix the checksum

remember......Guinness is good for you...yes it's me ! }>