I got the following for AnyDVD 1.6.2.3:
OEP = 419CA4
stolen bytes = 55 B0 60 89 04 24 55
IAT RVA = 25000
IAT size = 2C8

The number of stolen bytes, ITA location, and ITA entries all seem very strange to me, so it is likely that this information is not 100% correct. It appears to work correctly, but I only tested the GUI, not the actual functionality. So, even if it's not totally correct, it's a good starting point.

generic ways
 

Hello all,
nice to read this thread and btw good work LaBBa.
unpacking is an good way to defeat Aspr but for this kind of most used protectors i try allways to get more generic solutions.
this is why i start ASload with NTSC.
if you use ASload on DropToCD or other asprotected apps you will see what i mean.

hxxp://www.cstn.cjb.net/

my problem is that i havent that time this days and iam a really bad and slow coder, if i can call my self so :~)
if anyone want to help me or share some new tricks to handle the crypted part thing in aspr so message me plz...

best regards.

Hi Satyric0n, britedream,

Thanks again for help those kind of procedure.

For NOPing, I found new and simple method for that.

Just 10 byte... at 0058547B(5 bytes) and 00585564(5bytes) these are located at some byte after from OEP.

These 10 bytes NOPing remove the Trial Message dialog box also.

Thanks,

HotPepper

glad to see you tackling the program !

Britedream
شكراً لك من القلب يرجى مراسلتي لتعرف والمواصلة معنا
أخوك
أبو عبد الله
السعودية

CRACKSARABICz:

Apparently you missed or are ignoring the directions for this Forum, which state "English only."

Regards,