View Full Version : Help me with armadilled app!!


jackii
March 20th, 2003, 23:23
Hi, armkiller:

I'm an armkiller user who likes your famous program very much ^_^

Also, I know that Armadillo Killer 2.6 has already been released.

And I've tried it. Some early simple packed software can be easily un-packed.

But.. these days, when I was trying to unpack a game tool, I ran into something terrible &_&.

First, I could not unpack that program with ArmKiller 2.6.
It told me "Unknown version!"

Then I tried to unpack it by myself. I've tried many ways to find the OEP, but I cannot! So.. now.. I still don't know how to dump it.

If you're free, please help me with it! And tell me the point!

Thank you very much!! (Forgive my poor English)

The URL: DELETED

Extract the pack; the file named "muhero.exe" is the packed file.

I used PEiD to find out that the packer is:

Armadillo 1.xx - 2.xx -> Silicon Realms Toolworks.

jackii
March 20th, 2003, 23:33
BTW, I'm using OllyDbg, PEiD, LordPE, ImportREC.

I've tried bpx SetProcessWorkingSetSize, but it doesn't work.
I cannot even trace to the "call edi" instruction.

Then I learned that Armadillo will create another process during
the unpacking routines. So I did "bpx createprocessa", trying to
trace to the OEP, but I failed.

At last, I tried "bpx VirtualProtect" to break just before Armadillo warns me about the debugger,
but I still cannot trace to the "call edi".

Who could tell me how to find the OEP?
And how to dump it?
(It always seems difficult to dump from the app)

Thanks to all of you

S3ri@l CoDe9x
March 21st, 2003, 00:15
Please read the tutorial about unpacking Armadillo by Crusader; u can find it here:

hxxp://www.woodmann.net/fravia/what_new.htm <--- remember to change it to http


I don't speak English (but I understand it), and I translated this tutorial into Spanish; I attach it to this post. I hope it can help u.

Remember!!:

Armadillo is not a wannabe protection. If ur knowledge is poor, u will face serious problems unpacking.

And use SoftICE!!!