Try to unpack this:
http://www.geocities.com/superthingz/test.zip
If anyone can, tell me what program you used?

Packed with UPX, EP looks like it's an old version of UPX!

I opened the file in HIEW went to offset 27e1 which is EP, from there you can follow the code to the OEP jump at offset 2938. OEP is 4014BC.

I'm pretty sure there's unpackers available for this, else unpack it manually it's extremely easy with UPX! I'm not gonna run this file on my box, it looks very fishy :unsure:

JohnWho.

Elegant Ambrosia (http://www.cooks.com/rec/doc/0,1843,153179-251193,00.html). Wha..?!

Could have preserved file alignment + included an original first thunk and bound to msvbvm60.dll to bring it even closer to the original but what the heck. Had to rebuild resource data entries to be able to truncate the file at 0x9000 and rid it of UPX code/data, bit of a pain. And dude, what's with the icon?

Unpacking it is easy, the hard part is restoring it to make the file look good. There are about a million "tutorials" on how to unpack UPX; do you need help with something in particular?

Regards, sna
[attachmentid=3]