ASPack2.1 unpacking
Hi all,
I am having trouble unpacking ASPack2.1 and need some advice on repairing the dumped.exe.
This is what I have done.
Started SoftICE and set a Bpoint on GetProcAddress,
then started the app (Notepad.exe), which has been packed using ASPack2.1.
When Sice breaks I F5 a few times before searching for the ASPack Sig.
After I have found the ASPack Sig I set a bpoint on that memory location,
pressed F5 and boom, I break into the app just where I want.
I then step through
POPAD
JNZ 0040D4FE
MOV EAX, 1
RET 000C
PUSH OEiP
RET
After the last return I put the program into a loop at the OEiP and then dump the exe.
Then I edit the dumped EiP back to the original (Image Base - Entry point).
Next I edit the dumped exe with Ultra Edit and change the code at the OEP back to what it was.
From what I understand the program should now run, but I get errors instead.
I think I need to rebuild the Imports Table, but I am not sure how.
Any help appreciated.
I am running WinXP, which may add to the problem.
I would like to write an unpacker later and would appreciate any sigs for the various protectors/packers.
Many thanks
R@dier
Last edited by R@dier; 08-06-2002 at 20:37.
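
Added example, not part of R@dier's post: a Python sketch of the two header fields the post's repair steps touch in a PE32 dump, the AddressOfEntryPoint (stored as an RVA, i.e. OEP virtual address minus ImageBase) and the import data directory that still has to be checked after dumping. The sample header and every value in it (0x400000, 0xD001, 0xDFAC, 0x401000 in the test) are constructed placeholders, not values taken from ASPack or Notepad.exe.

```python
import struct

def _opt(pe):
    """Offset of the PE32 optional header, after validating the signatures."""
    if pe[:2] != b"MZ":
        raise ValueError("no MZ header")
    nt = struct.unpack_from("<I", pe, 0x3C)[0]          # e_lfanew
    if pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    opt = nt + 4 + 20                                   # signature + COFF header
    if struct.unpack_from("<H", pe, opt)[0] != 0x10B:
        raise ValueError("not a PE32 image")
    return opt

def summary(pe):
    """Fields a dump repair touches: entry point, image base, import directory."""
    opt = _opt(pe)
    imp_rva, imp_size = struct.unpack_from("<II", pe, opt + 104)  # DataDirectory[1]
    return {
        "entry_rva": struct.unpack_from("<I", pe, opt + 16)[0],
        "image_base": struct.unpack_from("<I", pe, opt + 28)[0],
        "size_of_image": struct.unpack_from("<I", pe, opt + 56)[0],
        "import_rva": imp_rva,
        "import_size": imp_size,
    }

def set_entry_point(pe, oep_va):
    """Return a copy of the dump whose AddressOfEntryPoint is oep_va - ImageBase."""
    info = summary(pe)
    rva = oep_va - info["image_base"]
    if not 0 < rva < info["size_of_image"]:
        raise ValueError("OEP lies outside the image")
    out = bytearray(pe)
    struct.pack_into("<I", out, _opt(pe) + 16, rva)
    return bytes(out)

def constructed_dump():
    """Constructed 512-byte header standing in for a real dump (all values made up)."""
    buf = bytearray(0x200)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)             # e_lfanew
    buf[0x80:0x84] = b"PE\0\0"
    opt = 0x80 + 24
    struct.pack_into("<H", buf, opt, 0x10B)             # PE32 magic
    struct.pack_into("<I", buf, opt + 16, 0xD001)       # entry still in the packer stub
    struct.pack_into("<I", buf, opt + 28, 0x400000)     # ImageBase
    struct.pack_into("<I", buf, opt + 56, 0x14000)      # SizeOfImage
    struct.pack_into("<II", buf, opt + 104, 0xDFAC, 0x1DC)  # import directory
    return bytes(buf)
```

If `summary()` on a real dump shows the import directory still pointing at the packer's own section, the header fix alone will not produce a runnable file.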