I've recently come across a target protected with .NET Reactor. I loaded into Olly as usual, and made sure that exception E06D7363 was ignored in the Debugging Options. After running the target with Olly, I noticed it was throwing the aforementioned exception along with another one.... E0434F4D. I've never run across that one before, but I went ahead and had Olly ignore that one too.
After the program was fully loaded, I searched through the memory using the main form's window caption. Instead of just one file, I found two, so I dumped both of them. One of them was a DLL file, and the other was the main EXE file. I used CFF Explorer to fix them up, and made sure to change all of the needed values.
After thinking that I was done, I tried executing the dumped/fixed EXE file. The program didn't show any error messages, but when monitoring the Task Manager, I noticed the process closed without warning about 20 seconds later. No windows or error messages were shown. I loaded the rebuilt file into Olly, and ran it from there. Olly showed that the program closed with the second exception I mentioned before, E0434F4D.
The protected file runs just fine, but the one that I've dumped and fixed exits with that exception. I'm not sure why, or how to fix it. I should also note, that I was able to load both of those files into Reflector without any problems. Any help with this would be GREATLY appreciated. A link to my files is below, just in case you'd like to take a look at them to see if I've done something wrong:
That includes the original protected file, the dumps from Olly, and the dumps after I attempted to fix them...each in a seperate folder after extracted. If you need the original setup file to test with (and also to have all of the files for the program), let me know and I can upload that as well.