Armadillo 4.44 problem

[SystemeD]

Hi all,
I'm dealing with a VB app packed with Armadillo 4.44. More precisely Armadillo Protection Finder says:

Code:

!- Protected Armadillo Protection system (Professional)
!- <Protection Options>
Standard protection or Minimum protection
Enable Strategic Code Splicing
!- <Backup Key Options>
Variable Backup Keys
!- <Compression Options>
Best/Slowest Compression
!- <Other Options>
Disable Monitoring Thread
!- Version 4.44

ArmaGUI and dilloDie successfully unpacks it and I have my VB app running. The problem is that it looks for ArmAccess.dll and also patching all calls I can't have my app registered. The strange thing is that I successfully remove all nag screens and whatever but limitations are still there. Moreover I noticed that in the code there are big regions full of nop. I wonder if full code is someway stolen and how can I recover it?

Thanks in advance!

[TmC]

try to set a bp o GetEnvironmentVariableA and see what variables the program loads to see if is is registered.
The rest is un to you wheather you want to patch or to find a code cave where to put your variables in (PUSH VarValue, PUSH VarName, CALL SetEnvironmentVariableA, JMP ModuleEntryPoint and setting entry point to first instruction in code cave).

Usually limitations are placed by requiring a variable, see if it is in registered state(let's say USERNAME is not DEFAULT, KEYCREATED is not empty etc) and if not take countermeasures such as enabling limitation.

By the way, can you tell, or pm the program you are talking about?

[SystemeD]

Thank you very much for your reply I'm gonna try what you said!

I don't know if posting target's name is against the rules, so you have PM!