i tried to unwrap this application:

http://www.sybase.com/detail/1,3693,1010602,00.html

(sybase's PowerDesigner 7.5 trial. warning, it's 42mb!) but i didn't get mentionable results. procdumps internal vbox-dumpers for vbox <4.2 don't work, the external (via bhrama) dumps the file, but the result doesn't look very good (maybe because some of the used dll's might be packed, too, maybe because my knowledge concerning pe's isn't the best). and for v4.3 i could only find one unwrapper wich works only on win2k . the tutorials for v4.3 seem to be very easy, but the program i try to unwrap looks completely different (not the normal mv/cmp/jmp after the getprocaddress). so i think it may be packed with version 4.5 (http://208.240.131.116/products/vbox/download.html). anyone got:

1) a way to identify the used version of vbox?

2) a tutorial/unwrapper for version 4.5

ok, now i'm one step further, i used the rebuild function for the import-table to let procdump fix the file(with vbox 4.2 plugin). now i have a working executable, BUT the program seems to miss most of the functions. some menu-entries are missing, the whole workspace-window has gone and i get a 'can not open file' message if i try to open a project-file. any ideas? do i need to unwrap some dll's or something like that? or did the dumper/rebuilder forget to include the dll's (but why does it start anyway?).

It is packed by VBOX4.2.

any idea why it wont load the dll's after it has been unwrapped?

ok, i got it. one of the dll's imports functions from the exe. i think it's pretty strange that a.exe imports b.dll wich imports a.exe, but maybe thats normal. so the only problem was that the filename was wrong since the dll didn't try to include my new dump.exe for some unknown reason ;-)