Tweak XP Pro 3.04

here it is... it just miss IAT .use Imprec for IAT

you can use some PE realigner and PE fixer on it .. just in case

[BetaMaster]

Quote:

Originally Posted by Crk

here it is... it just miss IAT .use Imprec for IAT

you can use some PE realigner and PE fixer on it .. just in case

you say it as if it is trivial!

well body, why don't you do the IAT fix too, I am sure that you'll know then that you haven't taken a step yet.

attached...

[BetaMaster]

hmmm, thanks ... nice work but where did ordinal at rva 1094 go? I think Real|sty stuck with the same entry.ok, I'll try to find it by myself.

Thanks again Crk for the dump and the IAT tree file.

can't find it neither.. maybe is invalid to fool with us ??? if invalid then just nop it

OK... after analyzing the working IAT for v2.07 i found out that the missing one is DllFunctionCall ... i could be wrong .. but correct me anytime if i'm mistaken ... here are attached new dumped including added IAT + IAT tree for new and old version.

btw the app. still crash always at same offset ... i believe this most be a crc check

btw i used as OEP 0000137A to get the IAT for v3.0.4

[BetaMaster]

thanks Crk again, so nice of you to complete the job.
I appreciate it very much.

[BetaMaster]

ok, after some analysis it seems neither is correct, the added entry or the oep.

the missing entry is away from msvbvm60.dll, perhaps it's decryption routine, or some sort on code injection routine.

I think if the author of the product spent his time enhancing his product more than the time he spent to over-protect it, that would have been much much better for him.I cannot imagine that a little program to change some entries in registry, or do things that freeware program does, can have such protection.

this is right OEP and the way it should be... check more VB. app. and you'll know why