View Full Version : Armadillo ??
Rainwalker
June 23rd, 2003, 11:56 AM
Greetings all,
I have a program named 'Armadillo' in my system and have no idea where it came from. A file search turns up nothing, as does an AV scan and a TDS scan. Apparently it is a program that wraps itself around another program in order to protect that program. Now, I also have this dotted line in the shape of a square that shows up on my desktop surrounding the 'My Documents' icon during boot up then rather quickly disappears. Anyone have any information?
Thanks
Wayne - DiamondCS
June 23rd, 2003, 12:21 PM
Armadillo is a Win32 executable compressor (a.k.a. packer). There are many; some of the more common ones include UPX, Petite, and ASPack. I suspect that you may not necessarily have the Armadillo program, but rather a program that was packed with Armadillo.
Mr.Blaze
June 23rd, 2003, 01:54 PM
:D Blaze grab baseball bat d#$%^ Armadillo anti pirating software spyware thud thud kick thud Armadillo blaze yell out over Armadillo twitching corpse how you like them passwords grrrrrrrr
Armadillo usually comes packed with software, very popular, usually set there to cripple anyone trying to crack their program or who runs a blacklisted serial.
there's no way to get rid of it, if you do you end up crippling your software lol.
it's mainly there to protect someone's product from being pirated, there's nothing evil about it.
there's even a program they sell called Armadillo, they bind it to their software and if you don't use the right password to install the program it starts to uninstall lol or says not valid password.
mainly for copyright protection
Rainwalker
June 23rd, 2003, 10:19 PM
Thanks guys.. I kinda knew how it was used but was concerned because I could not find it while doing a file search so ??? have no idea who or what installed it. Why is it so hidden? Also, that weird dotted line that shows up around 'My Documents' at boot up may have showed up at the same time.... not sure. The third party software I run is minimal and what I do have a lot of the folks here run. Not sure if it is cool to post it or not. Anybody seen that dotted line thing before?
Mr.Blaze
June 23rd, 2003, 10:24 PM
nope, next time it happens press the print scrn sysrq button on your keyboard.
then open microsoft paint, there should be a pic of your desktop, click on file tab on microsoft paint and select save as .jpg
hmmmmmm i don't think it's something evil, does it do it all the time.
Mr.Blaze
June 23rd, 2003, 10:30 PM
http://www.siliconrealms.com/armadillo.shtml
see, it's for software protection, lots of companies use it, no biggy
Rainwalker
June 23rd, 2003, 10:42 PM
Thanks Mr Blaze. Yep, Siliconrealms is the one I have. I will do as you suggested next time I boot up and get back here with results / shouldn't Armadillo show up in a system file search??
Mr.Blaze
June 23rd, 2003, 10:44 PM
it usually has the company name rather than the actual .dll file, usually with hidden extension on it
Dan Perez
June 23rd, 2003, 10:46 PM
MR Blaze,
I see your head is getting bigger (not yet watermelon sized, but maybe a honeydew), you will be a DSL Reports guru yet! ;)
Gavin - DiamondCS
June 24th, 2003, 12:17 AM
Having a dotted line around an icon on your desktop is easy.. just select one, and then select a blank spot on your desktop. Press F5 and the desktop refreshes and the outline goes away :)
I would assume therefore, that some application has simply set the "focus" to the desktop as it is booting, which then disappears when other (hidden) windows get the focus during initialisation.
Armadillo "shows up"? What does this mean? I haven't used an Armadillo protected app in a while, I don't remember any visual signs showing up however.. ???
Mr.Blaze
June 24th, 2003, 12:37 AM
;) what he said lol
Rainwalker
June 24th, 2003, 01:16 AM
OK..... let me put it this way. Is it possible for a trojan to be hidden inside the Armadillo shielding to the extent that TDS would not be able to see it and could it do its nasty work from behind the protection w/out being detected? Not knowing very much at all I'm thinking that a trojan program could possibly protect itself with Armadillo. OK I'm braced, let me have it. :-\
Jooske
June 24th, 2003, 01:47 AM
Be assured, if a trojan was trying to be hidden that way TDS would find it as a piece of malicious code.
Gavin - DiamondCS
June 24th, 2003, 04:09 AM
Hi,
Yes. Armadillo is essentially still just a compressor, and once a trojan protected with it is running, TDS will be able to scan it in memory and detect the original trojan :)
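The disk-versus-memory point in the exchange above, as an added example that is not part of the original thread or any poster's code: zlib stands in for the packer (this is not Armadillo's real format or TDS's scanning logic), and the signature, `STUB` tag and function names are constructed for illustration.

```python
import math
import zlib
from collections import Counter

# Constructed, harmless marker standing in for a scanner's trojan signature.
SIGNATURE = b"EXAMPLE-TROJAN-SIGNATURE"
STUB = b"STUB"  # hypothetical tag for the toy unpacking stub


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; compressed data scores higher than plain code or text."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def pack(image: bytes) -> bytes:
    """Toy packer: stub tag followed by the zlib-compressed original image."""
    return STUB + zlib.compress(image, 9)


def unpack_to_memory(packed: bytes) -> bytes:
    """What the stub does at run time: rebuild the original image in memory."""
    if not packed.startswith(STUB):
        raise ValueError("not a toy-packed image")
    return zlib.decompress(packed[len(STUB):])


def scan(buf: bytes) -> bool:
    """Signature scan over whatever bytes the scanner is handed."""
    return SIGNATURE in buf


def compare(image: bytes) -> dict:
    """Scan the same program as a packed file on disk and as unpacked memory."""
    on_disk = pack(image)
    in_memory = unpack_to_memory(on_disk)
    return {
        "disk_hit": scan(on_disk),
        "memory_hit": scan(in_memory),
        "disk_entropy": shannon_entropy(on_disk),
        "memory_entropy": shannon_entropy(in_memory),
    }


# Constructed sample "program": repetitive filler around the marker.
SAMPLE = b"\x90" * 64 + b"push ebp; mov ebp, esp; " * 40 + SIGNATURE + b"ret; " * 40

if __name__ == "__main__":
    print(compare(SAMPLE))
```

The packed bytes on disk no longer contain the signature and show higher byte entropy, while the image restored at run time matches it again.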
Rainwalker
June 24th, 2003, 11:38 AM
Thanks all..very much I'll put it to rest. It has been bugging me for some time now and finally had to ask. As far as the dotted line thing(y), well, I'm still trying to figure out that one. I have tremendous faith in TDS and now even more so. Once upon a time I ran BoClean for about a year when a trojan got into my system and absolutely wreaked havoc; so went to TH for awhile but after reading many postings here decided to switch to TDS and I will most definitely stay.
Jooske
June 24th, 2003, 05:00 PM
Hmm That really surprises me for BOClean, honestly said, but my own experience is with TDS (among others) and i am really happy with it.
Don't forget to grab the SS3 scripts from the TDS site and you might like to load the smaller ones to try and you might discover one from my hand :D (among others)
Rainwalker
June 25th, 2003, 12:11 PM
Hello Jooske,
Yes, surprised me also. I always had it running as well as my AV program. One day things started getting very strange. Heck, I even had sound effects!! Oh well, life's a trojan
OK, I'll give the SS3 scripts a shot ...... thanks
Jooske
June 25th, 2003, 12:44 PM
BOClean runs fine beside TDS, no reason to uninstall either of them, just update/upgrade when available.
So it seems you might have been infected or even hacked, with that music and other strange happenings.
Maybe your AV or email scanner overlooked a nasty, or a hole in IE / windows not patched right in time?
Was anything discovered and cleansed all out?
In the SS3 scripts is a jukebox to play your favorite music, which Wayne ever created in 5 minutes to please the TDS operators family.
The InnerPeace script is a demo to use TDS with msagents. (you must be msagent ready to play those and have the SAPI4 runtimes installed if you run XP)
Once you register TDS you can use them all, including the larger scripts, of which the Screx we whisper the name in all admiration.
And registered you can install the exec protection, which checks all executables for malicious intentions before allowing to run. And there are a few more tools possible.
Rainwalker
June 25th, 2003, 10:52 PM
Hmmmm.... why do you run both BoClean AND TDS? Is not TDS enough?
'Was anything discovered and cleansed all out?'
Nothing discovered - too far gone
Thanks for more script info... very cool
Been registered for awhile now.
Jooske
June 26th, 2003, 02:14 AM
Wrong understood:
There are several reasons why people first had the one and after discovered the other. So the question is more if it is possible or necessary.
Possible yes, necessary not really.
TDS has as resident protection the exec protection, while in the TDS4 family will be a whole resident guard.
Great that you like the scripts too: seeing the examples and what we posted in the SS3 scripts area you get a feeling of scripting yourself and having some msagents jumping over your screen and having other applications started, whatever.
TDS makes real security fun again!
Mr.Blaze
June 26th, 2003, 11:11 AM
:D SS3 i want to get into that but my stupid pc won't let me, it really sucks.
Well i use boclean and tds.
my boclean acts as a sniper or hit man on line, very light on resources.
and my TDS acts as a whole group of navy seals special ops if something gets past my sniper he he he
its always good to have a back up software for everything.
boclean and tds work great together
FanJ
June 26th, 2003, 11:29 AM
Quoting Mr.Blaze:
":D SS3 i want to get into that but my stupid pc won't let me, it really sucks."
Could the script blocking of NAV be the culprit here?
I don't have NAV at the moment so it is only a wild guess........
Jooske
June 26th, 2003, 11:35 AM
Blaze, make sure you have WSH enabled, Windows Script 5.6 installed, i gave you the d/l links in another posting.
And get rid of that Norton (or other) script blocker!
You had WormGuard to secure you, so please get rid of that other blocker finally.
I just emailed you a test script in HTML /vbs combination which i also attached in the SS3 forum at DCS.
Your version should run from your mailbox, the file in the forum should be saved on your desktop as testagent.html and click to open while connected to internet to make sure missing parts can be grabbed from internet..
It also answers your question to have MSOffice agents used with speech.
You can try to copy the source as a SS3 script and put a ' in front of the lines which don't work when loaded in TDS.
Rainwalker
June 26th, 2003, 11:46 AM
Cool analogy Mr Blaze ...... I am feeling a bit bad about all this. It very well may have been my fault ( in a way ) as to why the nasty got me. It is too much to get into now.....off to work but will post the pathetic short story this week-end. Mr Blaze, good see you again... ;)
Jooske
June 26th, 2003, 12:10 PM
Yes, it's good to see all you guys exchanging experiences so we all can learn from each other.
In cases i would like to be able to look inside somebody's system to make sure a certain nasty or condition is not there and to help the best i can.
Long before i ever found TDS and firewalls i was really badly hacked and my system destroyed beyond repair so i had to buy a new MB and CPU and HB, and even with all the proof there and the hackers known the ISP and police did nothing.
Fortunately found TDS and learned step by step and with very great patience of the DCS support to use it and to recognize suspicious behavior and to solve things, etc.
OK, i'm not the security expert, but on practical level i learned a lot and can post links to other info.
I have been trembling, afraid, intimidated, infected and common AV/AT of well-known names did not find it where TDS did immediately, so i found back my place on internet.
I learned to deal with nasties, for instance zip them if i was not sure if they were legally there or possible nasties, submitted so many files to the TDS lab for advice, etc etc.
The best part is to have all those support emails and the two forums as a large support database to help others, so it was really not for nothing nor spoiled energies.
Rainwalker
June 28th, 2003, 11:12 PM
OK....short and I hope to the point:
About a year ago I bought a new HP
Loaded an AV ( NOD ? )
Downloaded all MS updates
Downloaded BoClean
Download AdAware
A couple of days later things began to get weird
Don't remember all the details but things were quickly becoming stranger and before long ... bye-bye recycle bin
At this point I felt I had to do the unthinkable......
Yes, I called a tech at Hp :o
Spent a long time with him and we had no LUCK locating Recycle Bin
THEN he tells me that before I went to MS update site I should have gone to HP update site as there was a problem with my batch of pre-installed XP oss and the HP patch needed to be installed before the MS updates. He felt this was at the heart of the problem.
Good grief, how was I supposed to know this ???. Of course I then had to do next to the worst thing imaginable....... re-install Windows; only to discover that the patches I got from MS were still with me, so could not get HP patch first. Now, I know you're thinking what does this have to do with BoClean. MAYBE nothing but one of the strange things that went on aside from a very twitchy cursor was an insulting "gobble gobble gobble". Yeah well, I do have a sense of humor and I did smile ( as maybe you are now ) as my blood pressure climbed to previously unknown levels, but I sure would have liked to have met that clown. So, anyway, I felt back then that BoClean should have caught the RAT but now as I think more about it, maybe the computer was so compromised that it was not possible and I sincerely offer up my very deepest apology to those who might be deserving of it :-\.
Jooske
June 29th, 2003, 03:48 AM
Terrible story, sounds like a coincidence of bad circumstances. One would almost wish HP had a "call home" for warning messages or live updates, warnings, while this is exactly against which we are fighting.
A registration with email / newsletters would not be bad.
It might have been the MS patches on a machine that needed HP patches first. HP could have asked MS to put a warning on their site first (little chance, never know..)
As the destructive matter was so urgent HP should have done anything possible to reach and warn their customers.
XP... didn't that tech advise to go to a former restore point or was that not possible?
Hope after all bad experiences your system is running all ok now.
Rainwalker
June 29th, 2003, 11:31 AM
Hello Jooske,
Restore not possible. Could not go back to time before MS updates. Aside from that bloody dotted line around My Documents showing up momentarily at boot up, as mentioned above, everything is fine on THIS system. :)
Jooske
June 29th, 2003, 11:48 AM
Do you mean the red dotted line around the name "My documents" under that icon?
I have the My computer as first icon and if i remember well it remembers the last used icon and displays that as selected that way. If you run with your tab over the icons it will start there.
If you don't want it red, you might be able to configure other colors for the icon titles in the screen configurations from the windows desktop > properties.
Rainwalker
June 29th, 2003, 01:14 PM
No..... read back along this thread. It is a dotted line surrounding the icon and colorless (white). It just showed up one day. I dumped a number of unneeded files from the folder yesterday and it stopped showing up until I download a program and bingo...it was back. May have been a coincidence. ???
Jooske
June 29th, 2003, 02:08 PM
small screenshot available?
Rainwalker
June 29th, 2003, 06:52 PM
Nope.... it is only there for about four seconds during boot up. The spacing and size of dots are the same size and spacing as these > ........... and they completely enclose icon.
Copyright ©2002 - 2012, Wilders Security Forums