fighter_81
January 31st, 2005, 09:17
Hi to all of you, i have a problem while trying to unpack a program that if you want you can find at http://wtf.deleted.com. it seems that it is not compressed but when i break at the eip with mi SICE i found this:
PUSHAD
CALL 004F7000 //PROTECTION ENTRY POINT.
The program detects the debugger with the int 1 method.
Well, i put a bpmb SetProcessWorkingSetSize x, this breaks two times. I rebuild the IAT and when i run the prg it says that the program has been dameged by avirus or bla.... Now the question is if in your opinion it's a crc check maded by arma or if i have missed the oep. has one of you guru an
? I worked around this prg for weeks but i'm not able to cave a spider from a hole.
PUSHAD
CALL 004F7000 //PROTECTION ENTRY POINT.
The program detects the debugger with the int 1 method.
Well, i put a bpmb SetProcessWorkingSetSize x, this breaks two times. I rebuild the IAT and when i run the prg it says that the program has been dameged by avirus or bla.... Now the question is if in your opinion it's a crc check maded by arma or if i have missed the oep. has one of you guru an
? I worked around this prg for weeks but i'm not able to cave a spider from a hole.