Hi there!

I've tried to unpack some EXE files. I'm using Windows XP. I used ProcDump32. And it didn't work. May I use a different unpacker? Have anyone got any ideas? Please tell me if you have! This is a big problem!!

Thanks!

Hi!
First of all you need to know which packer has been used-try some tools like PEiD or PE-tools, then you can search for tutorial how to unpack it or you can find unpacker for this one. ProcDump is good for older packers.
k

some packers (lots actually) damage the header of the exe file when its loaded, and so the dump wont work... to fix it, you can do it by hand or use some tools like import reconstructor.
if you have problems with the dumping process, use ollydbg to dump memory areas, because its safer.

Anyone fancy writing/recommending an easy to understand tutorial for this?

well procdump will normally dump the new code section with attributes that say its uninitialised data which messes up some other programs like disassemblers, fixing that normally solves your problems

Okay. If I wanna do it "by hand", then what may I do? What do you mean?

Olly Debugger

Olly always tells me that the .EXE is packed or self modifying. No unpacking!

I found unpackers for UPX and AsPack, but there are a lot of different packing algorhythms, and I can't do anything with them. I need an "universal" way.