Newbie would like some help

[LemanRuss]

Hi everyone!

I'm new so please don't hate me for this, but i have a silly problem.

My problem is that when i decompile the .exe program i am using (with W32dsm) , i get this:

Code:

Disassembly of File: Program.exe
Code Offset = 00000000, Code Size = 00000000
Data Offset = 0030A600, Data Size = 00014800

Number of Objects = 0012 (dec), Imagebase = 00400000h

 * Object01: * * * * *RVA: 00001000 Offset: 00000400 Size: 001AA000 Flags: C0000040
 * Object02: * * * * *RVA: 004A2000 Offset: 001AA400 Size: 00007800 Flags: C0000040
 * Object03: * * * * *RVA: 004C7000 Offset: 001B1C00 Size: 00000000 Flags: C0000040
 * Object04: * * * * *RVA: 004CD000 Offset: 001B1C00 Size: 00004000 Flags: C0000040
 * Object05: * * * * *RVA: 004D1000 Offset: 001B5C00 Size: 00000200 Flags: C0000040
 * Object06: * * * * *RVA: 004D2000 Offset: 001B5E00 Size: 00000000 Flags: C0000040
 * Object07: * * * * *RVA: 004D3000 Offset: 001B5E00 Size: 00000200 Flags: C0000040
 * Object08: * * * * *RVA: 004D4000 Offset: 001B6000 Size: 00000000 Flags: C0000040
 * Object09: .rsrc * *RVA: 00516000 Offset: 001B6000 Size: 00110000 Flags: C0000040
 * Object10: JCLDEBUG RVA: 00626000 Offset: 002C6000 Size: 00044600 Flags: C0000040
 * Object11: .data * *RVA: 006AA000 Offset: 0030A600 Size: 00014800 Flags: C0000040
 * Object12: .adata * RVA: 006BF000 Offset: 0031EE00 Size: 00000000 Flags: C0000040


+++++++++++++++++++ MENU INFORMATION ++++++++++++++++++

 * * * *There Are No Menu Resources in This Application

+++++++++++++++++ DIALOG INFORMATION ++++++++++++++++++

Number of Dialogs = * *1 (decimal)

Name: DLGTEMPLATE, # of Controls=001, Caption:""
 * * 001 - ControlID:045F, Control Class:"" Control Text:"" 

+++++++++++++++++++ IMPORTED FUNCTIONS ++++++++++++++++++
Number of Imported Modules = * *0 (decimal)


+++++++++++++++++++ IMPORT MODULE DETAILS +++++++++++++++

+++++++++++++++++++ EXPORTED FUNCTIONS ++++++++++++++++++
Number of Exported Functions = 0000 (decimal)




+++++++++++++++++++ ASSEMBLY CODE LISTING ++++++++++++++++++
//********************** Start of Code in Object ***************
Program Entry Point = 00401000 (Program.exe File Offset:00001000)

Then i get arround 2 pages of blank lines, then:

Code:

:FFFFFFFF * *End Of Listing

However, if I use HIEW, i can see all of the assembly code, but not the text that i am looking for when using W32dsm.

Can anyone shed some light on what i am doing wrong?

Oh, and while I am asking, does anyone know how to get Softice working on an XP Pro PC or should I get my old bucket PC out my loft with Win 95 on it?

[CoDe_InSiDe]

Hi LemanRuss,

I don't see much section names which probably indicates that the program has been protected/encrypted.
Try using PEiD on it and it probably tells you what protector or packer has been used, then continue with that info

Regards,

CoDe_InSiDe

[LemanRuss]

Thanks for the PEiD tip.

Ok, so now i know it is ASProtect 1.23 RC4 - 1.3.08.24 (Thats what PEiD says)
I read up on how to unpack it using OLLYDBG, and I can understand the Shift-F9 - 1 routine, but after that i get lost.
Can someone (at least try) to ram the knowlage into my thick skull?

[Kreet]

If you're lazy, you could just go to hxxp://protools.reverse-engineering.net/, go to the unpackers section, and pick up a copy of stripper or caspr.

[LemanRuss]

Quote:

Originally posted by Kreet@May 15 2005, 11:13 PM
If you're lazy, you could just go to hxxp://protools.reverse-engineering.net/, go to the unpackers section, and pick up a copy of stripper or caspr.

Thanks again for the tip.
However, when I use stripper to unpack it, the program will no longer run or be unscrambled in W32dsm.

Any ideas on how to fix it?