This API hook plug-in allows you to check to see if your module is still compressed by PECompact. This is helpful to aid in making sure that your executable hasn't been unpacked by a cracker.
The existence of the IsPacked API tells you that the module is still packed, so there is no reason to actually invoke the function. Simply resolving it through GetProcAddress is all you need to do.
v3.04 update: HMODULE can be -1 or 1, and PEC_IsPacked API name or ordinal of 0xffff are accepted.
C++ example:
typedef DWORD (WINAPI *PFNPEC2_IsPacked)();
PFNPEC_IsPacked
PEC_IsPacked=(PFNPEC_IsPacked)GetProcAddress((HMODULE)-1,"PEC_IsPacked");
if(!PEC_IsPacked)
{
printf("\n ! Could not find PEC_IsPacked! Hook plug-in not
included?");
}
else
{
printf("\n PEC_IsPacked returns: %d", PEC_IsPacked());
}
VB Example:
Add to a module the following declaration:
In your form code you can add this function:
It will return True if your module is still compressed, or False if not.