1- File
2- Attach
3- I select an exe file from the list of the windows ‘Select process to attach’
4- PROBLEM the exe file is not running and accecible any more.

In Fact I have a file protected by EXE PROTECTOR and I did’nt manage to make it running when I open it even with F9.

The advantage with ‘attach’ option is that I can by-pass the protection and display the assembler code the drawback the program is not running anymore and not accessible.

Any idea or best practice to solve this issue are welcome.

Not EXE PROTOTOR but ASPROTECT

Once you attach, the program is paused. To run it, you need to use F9.

Ensure you don't attach whilst in AsProtect code, or strange things will start happening.

A much easier approach is to strip the AsProtect stub from the code, and view the original, unprotected code. It only takes about 10 minutes to completely remove AsProtect.

May I ask you to write the big lines on How to unprotect an exe file from AsProtect in 10 minutes?

How about picking a nickname so we don't have to call you AnonXXX

Removing AsProtect in 10 minutes is quite possible but as the old proverb goes "its better to teach a man to fish than to keep giving him fish".

So firstly learn how to use a search engine. There are tutorials adnausiam on the net regarding unpacking asprotect. Also there are tools that will do the job for you if your lazy enough.

My 2 cents worth
Peterg70

My preferred method is to learn how to unpack AsPack manually, then use a pre-written unpacker. When the unpacker fails (and it will) you can manually unpack the target.

to attach to a file
1. open you exe protected file (make sure to open it first)
2. open ollydbg - attach your process
3. once its paused, select View - Memory
4. look for "code" in "Contains" column. (make sure its on same row as your exe)
5. right-click - Set memory breakpoint on memory access
6. now press Run and select you exe from taskmanager
7. ollydbg will stop on assembler code, and finally Remove memory breakpoint

KarL