Hi all,

i'm kind of new in unpacking and certainly need help.

I have unpacked PortTunnel using ProcDump v1.6.2.

FYI, PortTunnel is packed using exe32pack v1.38,


Questions:

1) why are the exe files unpacked (full dump) using ProcDump (and even LordPE for this matter) in Win98 would not work on Win2k and vice versa? How do I get them to work on all Win OSes?

2) how do I rebuild the import tables? i've read essays (on ASProtect, ASPack, etc) but still don't seem to get it.

3) If i manage to rebuild the import tables, will the String References also be resolved when disassembled using w32dasm?


I have attached the following files for those who can help:

1) Original PortTunnel.exe => PortTunnel1.exe
2) PortTunnel that is modified to go into indefinite loop (for dumping purposes) => PortTunnel2.exe

All needed to dump the file is to run PortTunnel2.exe, run ProcDump/LordPE, dump the file and set OEP = E960.


I would really appreciate help on how to

a) get the unpacked exe to work on all OSes
b) make the unpacked exe disassembleable with Import Function and String Reference in w32dasm


tq in advance.