Unpackers/decrypters/unprotectors

Generic/universal unpackers/dumpers

ProcDump by G-RoM, Lorian and Stone. 18.I.2000. ProcDump32 1.6.2 (161K). Torn@do's Procdump Site. ProcDump scripting for dummies by COKiNE. Updated ProcDump script (2K). News: - Updated Task/Mod init code to run correctly under NT2K. - Fixed up an obvious bug that avoided to snapshot modules correctly ! Thanx to Elicz for spotting this. - Added Aspack 2000 support. - Updated ProcDump user manual, Unpack.txt, history.txt. - Dump to disk a running process & fix it so that u can discompile it. - Dump to disk a part of any process. - Dump to disk a module & fix it for analyzis. - Unpack a given PE file using Wellknown strategy OR using an universal analyzis. - Rebuild a Dump you made with SoftICE + dumper in a regular PE file. - Edit the PE header datas, remove sections, Change PE directory infos, import and export sections from PE file. - Kill a running process. - Able to unpack/decrypt: BJFNt, ENC, Activision Packer, Manolo, NeoLite, Petite, Securom, VBOX , Shrinker 3.2&3.3, WWPACK32, ASPACK, PE-PROT 0.9 and many more... Win32 Intro by Vitaly Evseenko. 21.IX.1999. Win32 Intro v0.71 (26K). Win32Intro is a generic executable unpacker/dumper. It can unpack compacted or encrypted Win32 executable files without knowledge about their compressor and without any need of debugger. It also unpack files that includes some anti-debugging traps (for instance, use of int 03). UN-PACK by Snow Panther. 11.IX.2000. UN-PACK 1.8 (149K). - Designed for unpack specially - Identifies most COM/EXE compilers/cryptors/packers/protectors - MZ/ELF/LE/LX/NE/PE headers support - Full executable files analyzing - The best extensions database (more than 1060 ...) - Internal COM dumper and tracer - Support for TEU unpacker - Built-in API functions for unpackers - 3 types of file detection - The most powerful file analyzer available today!

Specific unpackers/dumpers

DeShrink by [j0b]. 12.II.2000. DeShrink V1.6 (189K). News: - DLL is discontinued for now. - Shrinker 3.4 files are now unshrinked fine again. - Missing resources in unpacked files are now copied from original file (will fix the problem of unpacked files showing no main icon or crashing on execution. - Autodetection for Shrinker 3.4 now included (the Checkbox remains clickable though to prevent this feature becoming a way to overcome deshrink. =) DeShrink is a tool to unpack Files compressed with the all so popular Shrinker done by Blink Inc. UnShrinker by Andrew Shipinsky. 12.I.1999. UnShrinker (36K). Decompress shrinked files with Shrinker 3.2/3.3. Ned by snajder. 19.I.2000. Ned 2.3 (8K). News: - Bugs fixed. NED is deshrinker for SHRINKER 3.xx compressed files(NE-Visual Basic 3.0). I made it 'cause all other similar programs doesn't support NEs. This is is the first public release of NED. It works with NE VB 3.0 files ONLY!!! un-ASPack by dtg. 26.VIII.1999. un-ASPack v1.0 (26K). Unpacks ASPack 1.02b, 1.07b, 1.08.00/1/2/3. Included full asm source. UnAspack by Bi Wei Guo. 13.VI.2000. UnAspack 1.0.9.1 (73K). News: - support another version of ASPack 2.1. Very good unpacker for ASPack. With GUI. Anti Aspr by LuTiN NoIR/TeeJi. 04.IX.2000. Anti Aspr 1.0 (20K). This program is intended to obtain a functional dump programs protected with Asprotect. It removes the anti-debugger as well as the destruction of the import table. It also recovers new eip and makes indefinitely loop the prog on it even in memory. Then a dumper and a rebuilder (modified) deal with creating a dump. PEunCompact by Chafe. 10.X.1999. PEunCompact v0.01 (28K). This is an unpacker for programs packed by a program called PECompact. It has only been tried with programs compressed using PECompact v0.971b, so I don't know if it works with others as well. tNO-Peunc by aK_ of tNO. 21.V.2000. tNO-Peunc v1.5 (15K). News: - Recoded some portions of code - Added support upto PE-Compact 1.30 tNO-Peunc is an Unpacker for PE-Compacted files and will create 100 % working and "disassembleable" unpacked Versions of the packed PE-Files in its final Release.