Armadillo PRO v9.64 x86-32 How to unpack ?

[LordGarfio]

Hello,


After several attempts with ArmaG3ddon v2.3.0, ArmaG3ddon v2.3.1 and the "Armadillo 9.64 unpack script v0.1.txt", I can not get a good dump.



How to unpack the "Simply Super Trojan Remover v6.9.6.2986" ?.
Does anyone know how to do it in a proper way ?.


Thank you in advance.


---------------------------------------------------
ARMADILLO OPTIONS
--------------------------------------------------

File:
>Rmvtrjan.exe

Protection Options:
>Minimal Protection
>Enable Import Table Elimination
>Enable Strategic Code Splicing

Backup Key Options:
>Variable Backup Keys

Compression Options:
>Best/Slowest Compression

Other Options:
>Disable Monitoring Thread
>Don't Report Clock-Back
>Don't Report Clock-Forward
>Disable INFO command
>Ignore INFO command
>Auto-Revert On Invalid Key

SoftICE Detection:
>Normal/No SoftICE Protection

Splash Screen:
>Bitmap Splash Screen

Version Number:
>9.64

Raw Values:
>00E3A842 (Raw Options)
>0006C602 (Extra Options)


--------------------------------------------------
BLACKLISTED KEY
--------------------------------------------------

Simply Super Software Trojan Remover v6.8.3.2601 Serial

Name: Thomas Brulport
Code: 000015-18X8BW-FP0GEJ-97Q6J1-BDTUW5-JH7HXY-757UXP-0A98YD-5W2ZQH-Y7A80N

Have Fun!.


NOTICE: Trojan Remover v6.9.5.2982 latest one release for Windows XP, not admit above registration data because is blacklisted. Below is the program's error message warning.

Trojan Remover v6.9.5 Enter License Key (Window)
Enter your Username and License Key then click OK
Username (usually your email address): Thomas Brulport
License Key: 000015-18X8BW-FP0GEJ-97Q6J1-BDTUW5-JH7HXY-757UXP-0A98YD-5W2ZQH-Y7A80N
Tip: you can copy and paste the full license key into the first box

Trojan Remover v6.9.5 - Error (Window)
E32: RESTRICTED USERNAME
The Username entered is restricted and cannot be used.
Please contact [email protected] for help in resolving this issue, quoting the text of this error message.


-----------------------------------------
DOWNLOADS for Simply Super Trojan Remover
-----------------------------------------

Simply Super Trojan Remover v6.9.5.2982 XP VISTA
Simply Super Trojan Remover v6.9.6.2986

DOWNLOADS

ONLINE INSTALLERS PAGE
http://www.simplysup.com/tremover/download.html

Just download "trjsetup695.exe" or "trjsetup_xpvista.exe" Free Trial version for Windows XP and Windows Vista.

Direct download links - OnLine Installers (Trojan Remover 6.9.6.2986):
https://simplysup.co.uk/download/dl/trjsetup.exe
https://www.simplysup.net/download/dl/trjsetup.exe
http://trojan-remover.co.uk/download/dl/trjsetup.exe
https://www.simplysup.com/download/dl/trjsetup.exe
https://simplysup6.com/download/dl/trjsetup.exe
https://www.simplysuponline.com/download...jsetup.exe

Direct download links - OnLine Installers (v6.9.5.2982 For Windows XP/Vista Users Only):
http://www.simplysup.com/download/dl/trjsetup695.exe
http://www.simplysup.net/download/dl/trjsetup695.exe
http://simplysup.co.uk/download/dl/trjsetup695.exe
http://www.simplysup6.com/download/dl/trjsetup695.exe
http://www.simplysup6.com/download/dl/tr...pvista.exe

OFFLINE FULL INSTALLERS PAGE
http://www.simplysup.com/tremover/download_full.html

Direct download links - Offline Installers (Trojan Remover 6.9.6.2986):
https://simplysup.co.uk/download/dl/trjsetup_full.exe
https://www.simplysup.com/download/dl/trjsetup_full.exe
https://simplysup6.com/download/dl/trjsetup_full.exe
https://www.simplysuponline.com/download...p_full.exe

Direct download links - Offline Installers (v6.9.5.2982 For Windows XP/Vista Users Only):
https://simplysup.co.uk/download/dl/trjs...ull695.exe
http://web.archive.org/web/2023022120341...ull695.exe


--------------------------------------------------
DATABASE DOWNLOADS for Simply Super Trojan Remover
--------------------------------------------------

DATABASEs

Trojan Remover v6.9.6.2986 - Database 11426 - 04.24.2024
Trojan Remover v6.9.5.2982 - Database 11426 - 04.24.2024

TRDB.ZIP Database UnZip Password: dilavgnitsetrtbd

Database Update 11294 - 24 October 2023
https://www.simplysuponline.com/private/updnew/trdb.zip

Database Update 11294 - 24 April 2024
https://www.simplysuponline.com/private/updnew/trdb.zip

Database Direct Download:
https://www.simplysuponline.com/private/updnew/trdb.zip
https://www.simplysuponline.com/private/.../11413.zip
https://www.simplysuponline.com/private/.../11414.zip
https://www.simplysuponline.com/private/.../11415.zip
https://www.simplysuponline.com/private/.../11416.zip
https://www.simplysuponline.com/private/.../11417.zip
https://www.simplysuponline.com/private/.../11418.zip
https://www.simplysuponline.com/private/.../11419.zip
https://www.simplysuponline.com/private/.../11420.zip
https://www.simplysuponline.com/private/.../11421.zip
https://www.simplysuponline.com/private/.../11422.zip
https://www.simplysuponline.com/private/.../11423.zip
https://www.simplysuponline.com/private/.../11424.zip
https://www.simplysuponline.com/private/.../11425.zip
https://www.simplysuponline.com/private/.../11426.zip

--------------------------------------------------

[GMAX]

hello 
If you have a working version on XP SP3 I can try with you as much as I can Unfortunately, I currently do not have an advanced version of Windows All of the links I mentioned did not work for me in the XP environment

There are many lessons on the forum how to unpack this protection By Professor newhack and also by me. Search for it, it will benefit you a lot

[LordGarfio]

GMAX,

After installing v6.9.5.2982, you can overwrite the old binaries with the v6.9.6.2986 and it will work flawsly on Windows XP SP3, like me (Use InnoExtractor).


Trojan Remover v6.9.5.2982 OffLine Installer 20.10.2022 (For Windows XP/Vista Users Only)
http://web.archive.org/web/2023022120341...ull695.exe
https://simplysup.co.uk/download/dl/trjs...ull695.exe

Trojan Remover v6.9.5.2982 OnLine Installer 16.05.2023 (For Windows XP/Vista Users Only)
http://www.simplysup6.com/download/dl/trjsetup695.exe

Trojan Remover v6.9.5.2982 OnLine Installer 03.12.2023 (For Windows XP/Vista Users Only)
http://www.simplysup6.com/download/dl/tr...pvista.exe


Trojan Remover v6.9.6.2986 OnLine Installer
https://simplysup.co.uk/download/dl/trjsetup.exe

Trojan Remover v6.9.6.2986 Offline Installer
https://simplysup.co.uk/download/dl/trjsetup_full.exe


Regards.

[GMAX]

This file is manually unpacked. The protection was rather uncomplicated Try the file, does it work for you, and then we will talk about how to unpack it    TEST

[LordGarfio]

Hi GMAX,

The TEST works well.
In the ABOUT window, the license information is displayed incorrectly.
Is it necessary to retain all these sections of the PE header ?.


DETAILS

------------------------
On Rmvtrjan_unpacked.exe
------------------------
Scanning, Works fine on Windows XP SP3 PosReady 2009.
Updater, Works fine too ;-).

- On About Windows

Trojan Remover
Version 6.9.6.2986
Using database: 11429

License information:
Unregistered
Days remaining: Unknown

------------------------
On Rmvtrjan.exe
------------------------

Trojan Remover
Version 6.9.6.2986
Using database: 11426

License information:
Evaluation Copy
Days remaining: 19


Windows XP SP3 POSREADY 2009 HACK FILE
----------------------------------------
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001

----------------------------------------

Regards.

[GMAX]

My brother, your request was about how to unpack the program and make it work Either to make it registered or to fix some errors and to make it registered, this is out of my domain and I don't care about that
The only other change to make it work was in the following place
008DA77A  JNZ 008DAC4A to JMP

You can proceed with the repair if the software command interests you
And why don't you finally put up a lesson here on the forum so that everyone can benefit from how to fix it and make it registered The software is easily accessible, according to

for windows about you can satr here 008D2084
or use GetEnvironmentVariableA

[LordGarfio]

That's right, I just asked about Unpacking.

You asked if your unpacking worked. I just gave you details in case it was of general interest.

I would like to know if all those sections of the overthrow are really necessary?.

Now that you know that it works correctly, how did you get a good dump ?.

GMAX, do not worry Bro, and thank you for your support.

[GMAX]

Brother, in the manual unpacking process, it is normal that the resulting file has parts or libraries without redundancy that can be dispensed with, and they are caused by protection for shading, and in order to check them all, you must be somewhat familiar with the real structure of the program before compression But there is an unsecured method that we usually use in the part to put a breakpoint (memory) on the library and run the program and check whether it needs it or not

And welcome at any time or question we can answer it