ASProtect-1.23 RC4 - 1.3.08.24
 

I got this software-->Innovative System Optimizer Version 2.6 (latest version 2.7)
Download: fxp://fxp.download.com/pub/ppd/10248215-10259907/SystemOptimizer2.exe

I run the packed program and get a NAG screen showing the time limit and registration key box.
PEiD scan: ASProtect 1.23 RC4 - 1.3.08.24 -> Alexey Solodovnikov

I was able to unpack the program. Since i m new to unpacking ASPR i might have done something wrong. Here are the details.

Last exception: 00FA39EC
Dumped the process at: 00406F99
IAT-LOG: Included in attached rar.

Stolen Bytes:
0069E33D > $ 55 PUSH EBP
0069E33E . 8BEC MOV EBP,ESP
0069E340 . 83C4 F0 ADD ESP,-10
0069E343 . B8 4CDD6900 MOV EAX,dump_.0069DD4C

Okay, now when i run the unpacked program i still get the NAG screen. Now when i advance the system time and run the original program, obviously it expires but the unpacked program doesn't expires and runs normal :)
But a very strange problem. When i reset the sys time and run the unpacked program the GUI gets corrupted, but again if i forward the system time it's back to normal GUI:eek: and vice-versa.
Why is it so??? I have included the screenshots in the attached rar.

I think your stolen should start at one byte earlier, and there is push ebx before moving value to eax

Yes i know that britedream. I mean i got the same stolen bytes u got . But just experimented with the ones posted above. The program runs without any errors. Why??

how do u determine stolen bytes?

Run Trace--> where EBP=ESP
Read R@dier's tut.
http://www.exetools.com/forum/showthread.php?s=&threadid=3594

To Ferrari

did you get my tut.

Downloading started ;)
Thanx alot :)

Britedream:
May i get the link to the target plz.

_www.advsoft.info

Ok britedream that was a good tut on stolen bytes :)
Problem solved...the app is running properly now...strange it didn't earlier with the same stolen bytes.
Anywayz thanks a ton :)