 Tls*.bat examples show how to create static TLS and TLS callbacks in PEs
written in assembly language. TlsExe.exe and TlsDll.dll are the 1st PEs
with TLS written in assembly language. In TlsDll.bat is also showed how
to create Load Config table. MS LINK is required.
 TlsExe.log is standard TlsExe.exe's output. You can test packers if they
are really good: pack TlsExe.exe and/or TlsDll.dll and compare actual
TlsExe.exe's output with TlsExe.log. In order to callbacks to be called
image can't be loaded dynamically (LoadLibrary can't be used; see Q118816).
I would also suggest placing decompress routine not in ExeMain/DllMain but
in the 1st TLS callback.
 TlsExe/TlsDll show that code from .exe/.dll can be executed (by OS) before
a module entry is reached! The last thing which is called in the ending
process is the .exe's (main module's) last callback. You can catch&watch
DLL_*_??TACH messages in .exe module (not only in .dlls)!
 I recommend watching LDR messages (ShowSnaps=TRUE) in the debugger in order
to get picture of OS (here Windows NT) module management.

EliCZ, Apr-03-2000