PureAntispyware UnUPX

[Inf0Byt3]

I am working on PureAntispyware and I was wondering I anyone can transform a very small UPX unpacker with source in MASM to a dll that could be called from PB. If anyone around knows MASM and can help...
Thanks.

[Trond]

Can't you simply use UPX? It can unpack its own executables.

[Inf0Byt3]

Yes, I could, but a dll would be more professional. The source code is very very small, but unfortunately I don't know enough asm to create a dll .

[va!n]

nice idea but it would be a damn hard job if your program will know and unpack and decrypt most known DLL/Exe packers... You can pack an exe with UPX and crypt the header with another tool, so UPX dont know it as UPX packed anyway... Atm i know about 8 acutial used packers n packer tools. Good Luck!

[Dare2]

Is there a link to the asm?


Also, maybe check out Iczelion's tutorials at http://win32assembly.online.fr/download.html - awesome for getting going with masm and has a tutorial on creating dll's.

Can you not just make it a lib (or obj) and link it? I would think that was the easiest now that Pure 4 allows this.

[Inf0Byt3]

Here's the link. It says it's made is Delphi but it's MASM. I can try, but i'm sure I'll fail. The only thing I know in asm is basic math operations. If the tutorials are good, i'll givie it a try.

Here's the link if you want to try. I don't know how to remove the GUI part:
http://blackbird.webz.cz/clever/UPXUnpack.zip
Thanks.

[thefool]

another reason to use the REAL upx unpacker: the unpacker you supply doesnt work. At least not for upx 1.93...!! wich in fact is a rather important thing.

[Inf0Byt3]

Ok, I will use the real one. Thanks for telling me.

[thefool]

np

[Dare2]

I won't bother with that code, then.

(Which sounds good - but even if I had bothered you would probably end up getting what you're getting from me now - nix. )

[Inf0Byt3]

A, no problem, Trond's right, better use their tool. They made it, the should fix the job for us . Thanks anyway Dare2 .