A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #10425  by EP_X0FF
 Sat Dec 17, 2011 9:55 am
I think this is from CureIT with the full virus database, because drweb32.dll (which is placed inside this Delphi-written application) can't work without databases, since engine <--> db relationships are hardcoded inside.
 #10456  by EP_X0FF
 Sun Dec 18, 2011 8:16 pm
This tool is based on the drweb32.dll interface, and actually all it does is command the drweb engine to check a specific file for viruses; during analysis it produces temporary results and this tool saves all of them. You can confirm that by looking at this Delphi (whatever) application's code. FLY-CODE is a part of the drweb engine - a sort of heuristics-based unpacker whose main purpose is to produce an unpacked code section for signature scanning. This is not enough for unpacking packers/protectors etc. in the full meaning of the word "unpack", and it can't be considered a generic unpacker like, for example, QuickUnpack. As the author at exelab mentioned, due to the heuristics approach FLY-CODE can be fooled and will produce complete trash as output. I have no idea why this Dr.Web component attracted such attention, because such components, implemented in different ways, exist in many other products, but no one considers them ready-to-use "unpackers". It's a fun tool, but useless.