I would appreciate it if anyone would kindly help me with the following project:

[Target] <Removed by Moderator>
[aim] 1.) to remove 40 day trial nag box shown at start up
2.) to remove the message "evaluation copy" from top bar

I have seen an older copied cracked in a tut on www.woodmann.com/krobar
however on the older version after opening it with wdasm32 and finding string reference "available in registered mode only" there is a jump and all you have to do is reverse it e.g. je to jne or jnz to jz" but in <the latest version> there is no jump following the string reference

Thanks
DENiSON

This appears to be what brings up the nag screen but what do i do from here
004219F1 |. 53 PUSH EBX ; /lParam
004219F2 |. 68 9CDA4000 PUSH <Removed by Moderator>.0040DA9C ; |DlgProc = 0040DA9C
004219F7 |. FF35 28164B00 PUSH DWORD PTR DS:[4B1628] ; |hOwner = NULL
004219FD |. 68 39424900 PUSH 00494239 ; |pTemplate = "REPAIRSUSPDLG"
00421A02 |. FF35 E0F94900 PUSH DWORD PTR DS:[49F9E0] ; |hInst = NULL
00421A08 |. E8 CDE80600 CALL <JMP.&USER32.DialogBoxParamA> ; \nop
00421A0D |. 48 DEC EAX ; Switch (cases 1..3)

Hi

OK, here's what we're going to do. To start with, we don't allow discussions about cracking commercial software if the target is named and code is posted. This is clearly-ish outlined in the FAQ which you were supposed to have read before posting. We used to allow it, but that was many years ago, so don't go by old threads.

Nowadays, what you have posted is simply regarded as a crack request and more often than not is deleted outright, though I understand that isn't your intent.

Notice the <Removed by Moderator> which I added to remove the target name and protect the innocent. Keep that in mind if you post more code.

That said, welcome to the board anyway. I take it you want to learn to crack. It's actually more instructive to you to NOT name the target, but instead post snippets of code and your progress as YOU try to solve your problem. If anyone wants to help, you will get *generic* answers to the problem at hand which will be more useful than a "patch at address.." answer.


At this point it looks like you need to find where the nag is being called from. There are many possible ways you might go about that, but my immediate suggestion is - ditch W32Dasm and download the IDA 4.9 freeware version. Yes, it's a steeper learning curve, but if you're serious about this you will/should/makes no sense not to/ learn to use IDA.

A small part of the reason I suggest IDA is that it is very good at showing crossreferences (XREFS) which might point you to where the nag is being called from straight off. W32Dasm is less good at that.

Finding where the nag is called from is only the first part of the battle. You will then need to figure out *why* it's called, and this may not be a simple jmp patch. Again, IDA is superior to W32Dasm for analysis.

So why don't you go do that and then come back and describe your progress. You DID post this in the Project forum after all, and that's the whole point of the forum.

Kayaker

Hmmmm... that's a new one... 40 days of eval eh?

Have Phun