can anyone help me crack armageddasya (http://www.wegroup.org/cgi-local/load.cgi?downloads/armageddasya.zip)

prog has time lock and reg code.
None of the normal (getdlditemtexta) api function's seem to work on the serial insert box.
Can't make a dead listing of the program cause W32Dasm will crash. Can't use any file or reg monitor cause they are closed when you open the prog.

A weird thing too:
i found out that at one point (#0167:00410265), that if you actually fill some stuff in for the serial, EAX is compared with AC(hex) and if it's greater or equal you'll get the msg that serial was correct. The EAX value is there the length of the string that you entered.
So if you put in a LONG string (172 chars)(or change that JGE jump) it will say it's registered. Then it says it has to restart, but when you do, you get the same screen that says you have to fill in your serial.

someone have any clues?

Armageddasya is a compressed file with a mangled IAT.
It looks for any window with known monitoring programs such as "filemon", "regmon" and various others, and will kill any programs it finds that match. To proove this, type "notepad filemon.ppp" and say "Yes, create new file" and then launch Armageddasya, you'll find it shuts down notepad :-)

I've tried changing the name of Filemon's window to Snort, but it didn't work, so it obviously is scanning the process list as well or something like that. I'm not interested in the program so have no urge to crack it until I get bored.

You'll need to decompress it and find the original entry point.

do i have to do this manually or can i use a program for it, cause procdump gave an acces violation or something

do it with softice and then use a program to dump the result and fix the iat.

kay thanks