Copycontrol Information


peterg70
November 6th, 2003, 06:06
Looking for some information on Copycontrol.

Seems a bit hard to find useful information.

Looking for a method to authorise the UNLOCK-IT Feature of the copycontrol.
I have downloaded the Documentation from the website but I see the Keygen also needs to be authorised.

Need some info on if it is possible to generate a valid key for this.
I have no keydisk so all the tutorials I have found so far are all related to the Disk format.

Also not much on a search here.

Regards
Peterg70

squidge
November 6th, 2003, 06:47
I was also struggling for information too, but the program I was looking at had a 30 day version available and luckily had all the copy control stuff in a DLL. So I wrote a small application that called the "cc32" function in this, and it gave me all the information I needed in the CCMB block Copy-control uses (and is also nicely documented in their demo downloads). Writing my own DLL that gives this block regardless of the protection allowed me to use whatever expiry date I wanted.

There's a field in there that states what type of protection has been found (eg. unlock-it trial, unlock-it activated copy, etc), but changing this field didn't seem to do anything interesting - the program still sat in demo mode.

Keys can be generated using a debugger, but they are then specific to a single installation - I don't know how to make a keygen.

In the end, I just settled for an unlimited trial version.

peterg70
November 6th, 2003, 09:49
I did a bit more digging and found that it dumps the activation code into a file in the temp directory and dumps the following files.

CCMV32AA.EXE <-- Main exe.
CCMV32AA.CMD <-- Batch File for executing the string
CCMV32AA.DAT <-- Output from EXE
CCD3C.TMP <-- Contains activation code cleaned from spaces etc

I assume this CCMV32AA program takes the activation code and checks to see if it's a valid code and reports the error. If this is true, is it possible to generate all possible codes and check the error results until it comes out correct?

I wouldn't mind being able to generate an unlimited license for a single installation or else replace the appropriate DLL so that it responds correctly.

Peterg70

Hopcode
November 7th, 2003, 18:47
Why don't you just unpack the darn file?
If I'm not wrong, I have experience with CopyControl and it's really lame.

The encryption algo is like 10 instructions long.
They have the OEP and import address RVA in clear in the protected
file also..

peterg70
November 7th, 2003, 19:07
The program I am trying to "debug" is an Excel add-in. So the DLL is used to check the license. I would rather just license the bloody thing than patch a lot of it.

Plus they may have used the licensing tool to generate errors in the results from the DLL addin and I can't take the chance.

The CCMV32AA.exe is a 16-bit program, which irritates me since I can't debug it.

I wonder if it is possible to use the copycontrol development platform to generate valid codes for the software.

hmm but I still need to register the development platform.

peterg70

squidge
November 7th, 2003, 20:04
Yes, files protected with the Copy Control shell are really lame, but the targets I've played around with recently no longer use this method. They either have the copy control library statically linked to them (which normally means patching), or via an external dll which is checked by some kind of hash function.

The last target I did used SHA on the DLL to check for modifications - but they did a silly thing by doing the final compare as a string compare, with the hex string they were looking for in plain view in the main file, so it was easy to make up my own DLL and change the message digest in the main code.

jsteed
November 8th, 2003, 11:27
I looked at this protection some time ago and as I recall, CControl is not too difficult to 'register'. The part of the program that checks for a valid license is encrypted (prog byte xor 4). Just search the disassembly for a section of 'junk code', decrypt it with a hex editor and paste it back. You will also have to remove the SEH that performs the original decryption.

peterg70
November 12th, 2003, 07:02
Okay I have further investigated Copycontrol Un-Lockit and here are the results

Nothing

i.e. there is nothing out there that has information regarding Un-Lockit.

So I need some pointers
What API is used to activate buttons etc. on a form?
The CControl software seems to do a lot of INT3 and exception operations. I have activated all the options in Ollydbg 1.09 to return control to the program but every so often it seems to create an unhandled exception. Any thoughts?

Any pointers on self-registering CControl version 3.8? What do I need to look for?

PS there are no keydisks with this software.
Peterg70

akimp3
November 18th, 2003, 14:36
Hi

An Iranian group called ICA (Iranian Crackers Association) has
completely cracked all the Microcosm protection,
and they had published an unsheller for the shell version.
The file for copy control was something like ccica
or ccduica. The cracker Unforgiven had also released a
copy control FAQ named ccfaq.doc that completely
shows the way to manually remove shell or object protection of
copy control.
The ICA group is not working anymore (financial problem, I think).
Try Google and if you don't find it let me know; I will search in my 2001
backup and I will find it for you.

good luck


akimp3

peterg70
November 18th, 2003, 18:51
Thank you for the information.

But I have to disagree with you that microcosm protection has been completely cracked. Because if that was true then a licensing program to license any ccontrol software would have been released.

I have seen the ICA software but these don't apply to what i am doing.

I would be interested in seeing the ccfaq.doc which hopefully may contain more data on the method of licensing software without having to modify the original exe etc. i.e. keygen it.

peterg70

Kayaker
November 18th, 2003, 21:15
Hi peterg70

>What API is used to activate Buttons etc on a form.
>The program I am trying to "debug" is an excel addin.

Suggestion. API's are often a weak link, an API spy and Message spy should answer your first question I would think, probably SendMessage, or if the Excel addin subclasses then CallWindowProcA might be used.

In either case a well chosen breakpoint on the hWnd will stop any activity regarding a control. Then interpret the Msg params being cycled through, using logical NOTs to filter out any excessive breakpoints. If a keyfile is being read or whatever, a little analysis of the API will locate what memory location it's being read into.. Then a BPM breakpoint on the forthcoming memory read(s) and you're away.

LRESULT CallWindowProc(
WNDPROC lpPrevWndFunc,
HWND hWnd,
UINT Msg,
WPARAM wParam,
LPARAM lParam
);

I'm sure you know what I mean, but as an example, Delphi app subclasses its TEdit control, Password goes into TEdit control. There are 2 Msg param values of interest, x0E and x0D, the first returns the length of the string, the second both the length plus lParam will contain the address of the copied edit string (substitute the Msg param for some kind of read notification function for a (key)file).

BPX USER32!CALLWINDOWPROCA IF (ESP.8 == <hWnd of control> ) && (ESP.C == 0D) do "dd ESP.14"

A quick trace in the API and the string is in lParam memory location ESP+14.

Kayaker

akimp3
November 19th, 2003, 09:15
Hi

Here, I found it for you:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-+= Iranian Crackers Association =+-
[I.C.A]
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Oh, Yes , Here it is ...
Answers to most of the questions you may ask about CopyControl. This Text is
Written to decrease mailed questions which we receive about CopyControl ..
The People Replied Me some Funny things after the first release of this
text. These Show that I am not a Good Author on describing some technical
or even lame (Based On Who is Reading) subjects. If you think so , Please
forget reading Below Texts .

-------------------------------------------------------------------------

Changes in This Review :
17. How About Object Method - Changed From the GroundUp.
23. Generic Way for CopyControl Under Windows , Shell or Object ? - New
24. I have an Older Version Than 1.59 , How to Unlock ? - New
25. Changes on Version 3.02 and later - New
26. Is there anything to modify CC parameters - Introducing a new tool

-------------------------------------------------------------------------

Questions Answered here :

01. How can i detect my program is protected using CopyControl ?
02. What is Major , Minor and Build Number ?
03. How detect version of CopyControl which used to protect software ?
04. Is there any way to find CopyControl Build|Review number ?
05. What is Product Code ?
06. How can I detect Product Code ?
07. What is CopyControl Serial Number ?
08. How to Access CopyControl Serial Number ?
09. What is Product Serial Number ?
10. Where Product serial number is stored ?
11. Where is CopyControl Key Track on floppy ?
12. What is Master Track Specification ?
13. I have a program without its master disk . How can i detect its PCODE
14. What is CCUICA ?
15. How can I change my CopyControl Serial Number to the same used with
Developer ?
16. I know protection specification , I got it from CCLOOK or inside EXE
file , May I create a new copy of MasterDisk ?
17. How about Object Method ?
18. What is CCICA?
19. I have a 720KB MasterDisk which CCICA can't copy that , What can i do?
20. I have a protected program with version 1.72 but Currently I have just
CopyControl Version 1.71 , Is there any Solution ?
21. My Program is using NE or PE shell Protection , Any solution ?
22. The code that I have created using CCREMOTE won't work correctly .
23. Generic Way for CopyControl Under Windows , Shell or Object ?
24. I have an Older Version Than 1.59 , How to Unlock ?
25. Changes on Version 3.02 and later ?
26. Is there anything to modify CC parameters ?
27. I could not found my question here .. ?!

-------------------------------------------------------------------------

Q : How can I detect my program is protected using CopyControl ?
A : Every protected program needs a couple of files to run . These files
are ccontrol.sys and xxxxxxxx.ccc . Depending on the type of protection ,
these files may be found on the floppy disk which you have as keydisk or
may be with your program files. In most cases these files are hidden
and may be placed in a hidden directory.

Q : What is Major , Minor and Build Number ?
A : These topics refer to CopyControl Version . In Version 1.71.12 , 1 is
Major Version , 71 is minor version and 12 is build number.

Q : How detect version of CopyControl which used to protect software ?
A : A couple of ways are available here. You may use Microcosm CCLOOK.EXE
to extract protection specifications or open ccontrol.sys in a HEX
editor . If you prefer the second way , the first byte of this file
contains Major Version number and the second contains the minor one .
Example : 01 42 in the first two bytes of ccontrol.sys means v1.66 is
used to protect the application .

Q : Is there any way to find CopyControl Build|Review number ?
A : You may be interested to know the build number of CopyControl Version ,
I mean in file , not using CCLOOK , So you can see offset 0x7C of sys
file to retrieve this information .

Q : What is Product Code ?
A : Product code is a unique 8 character code that developer considers for
his product. In protection check process it is important that PCODE
be the same as saved somewhere in protected program . In this way one
developer can give you two different programs with two different PCODEs
and you will not be able to use their keydisks instead of each other ...

Q : How can I detect Product Code ?
A : That's very easy, just see name section of file which has .CCC
extension .
Example : I have misc.ccc in my files , So PCODE is : MISC

Q : What is CopyControl Serial Number ?
A : Each CopyControl has ( had ) a unique serial number . Every protected
program will check this serial number , In this way other licenced
CopyControl users can't create a MasterDisk as another because there
is a difference between their CopyControl Serial Numbers .

Q : How to Access CopyControl Serial Number ?
A : Refer to a WORD in offset 0x4 of .CCC file . The Serial number is stored
here at protection time .

Q : What is Product Serial Number ?
A : Each protected program has a PCODE and each master disk may have a
unique serial number . In this way two different key-disks with same
PCODE and CopyControl Serial Number can not be used instead of each
other because they are different in Product Serial Number Field .

Q : Where Product serial number is stored ?
A : This field can be retrieved as a WORD from offset 0x6 of .CCC file .
The Lower Byte is used to crypt protected files in some cases , This
is not general and can't be retrieved from this offset safely.

Q : Where is CopyControl Key Track on floppy ?
A : Ok, We can use Product serial number to get exact key track number on
floppy disk . ( Product Serial Number & 0x000F ) + 20 is track number
which used as key by copycontrol on floppy disk .
In Version 3.0? and Higher if CCADD fail on making signature track on
its old place then will retry on next tracks and Mark OLD failed one
as Bad Track in the disk FAT section.

Q : What is Master Track Specification ?
A : Protected track has an 8092 sector with sector id 18. The contents of
This track can't be read and will generate CRC error because of the
method they used to write this sector .

Q : I have a program without its master disk . How can i detect its PCODE
serial number and CopyControl Serial Number ?
A : Look at this table , I extracted it from CopyControl CCADD.EXE

00| 0A 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
10| 00 00 4D 7A 3A 73 4A 61-4E 63 50 69 03 01 02 03 ..Mz:sJaNcPi....
20| 04 3F 28 43 43 4F 4E 54-52 4F 4C 00 43 43 41 44 .?(CCONTROL.CCAD
30| 44 2E 45 58 45 00 00 00-00 80 5A 0F 52 75 6E 20 D.EXE.....Z.Run
40| 53 65 74 75 70 20 6F 72-20 43 43 4D 4F 56 45 20 Setup or CCMOVE
50| 74 6F 20 69 6E 73 74 61-6C 6C 20 61 20 70 72 6F to install a pro
60| 74 65 63 74 69 6F 6E 20-74 6F 6B 65 6E 2E 00 20 tection token..
70| 20 20 20 20 20 20 20 20-20 20 20 20 20 20 20 20

Mz:sJaNcPi is CopyControl signature here . CCONTROL is product code
which is used to protect this program . CCADD.EXE is the name of program
which Shell method is used on . Look at address 21h in the dump , you
can find 283F as product serial number here. This means Your program
is protected by this serial no . This Serial is different from the serial
which master disk is created with . The CopyControl Serial Number can
be extracted from offset 3Ah . This means the Serial No of developer's
CopyControl Was 0x0F5A .
So Here we have introduced a couple of key fields :

1- Word Before PCODE means Product Serial Number. Was 283Fh in Example.
2- Word Before Fault message Means CopyControl Serial Number , in our
Example that was 0F5Ah .

Note :
Another Key Field is Byte before CopyControl Serial Number in offset 39
of dump . This Field Means "Action to Take when Protection not Found"
*10h + "Display error Code?" in protection process using Ccontrol.

Q : What is CCUICA ?
A : CCUICA is one of [I.C.A] products to manage CopyControl Unshelling.
Because of cool shell protection on PE and NE files , this utility
just supports MZ files . This utility can be downloaded from [I.C.A]
download site which currently is located on http://ids01.cjb.net .

Q : How can I change my CopyControl Serial Number to the same used with
Developer ?
A : Although it is possible to change the serial number directly using your
protected CopyControl , we don't want to make it more technical in
operation , so use CCUICA to unshell CCADD.EXE file at first . Then
copy ccontrol.ccc and ccontrol.sys files from hidden directory to the
root directory. Run unshelled ccadd.exe and create a new master disk
using below specifications :

PCODE : CCONTROL
SERIAL : every thing you wish .
Run From Master : No
Programs to protect :
CCADD.EXE Shell
CCREMOTE.EXE Object

After creating new masterdisk , copy its ccontrol.sys and ccontrol.ccc
files to the root directory again . Now the new serial number will be
placed in every product which you protect using unshelled ccadd.exe .

Q : I know protection specification , I got it from CCLOOK or inside EXE
file , May I create a new copy of MasterDisk ?
A : Of course , you should follow these steps :
1- Create a new CopyControl with serial which you have extracted from
file .
2- Use that CopyControl to create a new MasterDisk of your program. Now
use new master disk for protected program .

Q : How about Object Method ?
A : There are several ways for object protected programs . The first is
tracing protected program and jumping over conditional jumps . In this
form you should have an intermediate knowledge of the cracking field.

Second way is replacing CC32.DLL on some protected programs . If you
read the manual of CopyControl , you will find all the things you need
about DLL replacing . In Short you have to create a new CC Master Disk
with your required Serial Number , Then Extract Protection Parameters
using CCLOOK , if that is a protection over CopyControl DLL then you
may reprotect a RAW CC32.DLL (DLL which is on CC pack) and replace it
in the program Directory.

Third is replacing that DLL with yours which Exports required function
and ignores all the protection checks , This Depends on the way they
have used to protect their programs.

Another way is Creating a new MasterDisk for protected program, if you
do not have the master disk then you can extract information from files.

Referring to CopyControl Developers manual may help you too . While I
was patching CCADD.EXE v3.03 , I found a protection check which was
checking protection internally with function 0. ( Full Check ) Then I
Changed Function Number to 3 (Get Parameters Only) . You may have
Some Problems here , But I am Sure My Friends (DISKEDIT Masters) will
Find What I am Talking About

Here I found a Generic Way too , Which will answer when you have a
working copy . Read About Generic Ways

Q : What is CCICA?
A : CCICA is another utility by [I.C.A] to manage copying CopyControl
created master disks. This utility knows all 1.44MB floppy disks which
are protected using CC v1.59 to v3.01 .

Q : I have a 720KB MasterDisk which CCICA can't copy that , What can i do?
Q : I have a protected EXE which can not be unshelled using CCUICA ...

A : Try to create the same MasterDisk using a CopyControl.

Q : I have a protected program with version 1.72 but Currently I have just
CopyControl Version 1.71 , Is there any Solution ?
A : Yes , Try to create a new master disk using version 1.71 , then edit
version fields in .ccc and .sys files on master disk . Use CCLOOK on
modified disk . if there is no error so you can use this disk instead
original. If the application used ccmove.dll or ccmove.exe or ccchange
to manage protection , you should replace that files with the version
you modified else you will see Version incompatibility error .

Q : My Program is using NE or PE shell Protection , Any solution ?
A : Try to load it in your preferred HEX file editor . Find below codes :
3D 00 00 75 12 , or 75 12 3D 00 00 and change them to :
33 C0 90 75 12 , or 90 90 33 C0 90

Remember "Action to Take when Protection not Found" and "Display error
Code?" key field . Change that to 00 . Now shell will be ignored .
If this trick didn't work and program still shows Error before Run ,
find below code exactly a few bytes before previous patch location :
00 74 1A 50 ... and change it to :
00 EB 1A 50 .
In this form , Shell will be Ignored .
This trick may not work on some versions, so you should run your tracer
and try to BPX MessageBox .
After Program Break , Trace to go back to your program and find compare
instruction Yourself .
No More Hint for GooD Reversers ..

Q : The code that I have created using CCREMOTE won't work correctly .
A : The problem may be a difference between your CopyControl Serial Number
and the developer's one . You should create a new CopyControl with the
same Serial number . If CCREMOTE didn't work , Try to change serial
number in the CCREMOTE file . This Key Field is Described in previous
Questions ...

Q : Generic Way for CopyControl Under Windows , Shell or Object ?
A : It's long so let me describe it in more detail in coming days
Here I have a hint for Crackers ...

Start Your FrogsIce .
Load SymbolLoader and Import Kernel32.dll.
CTRL-D
G DeleteFileA
Now Run protected Program ...
When you saw that lovely BLACK screen again ...
P
G DeleteFileA again
When you saw that lovely BLACK screen again ...
Step 4 ..5 Instructions
E EDI to know which file is removing , Edit the name to ignore deletion
G
and Exit the program .

A file with the name CC3216XX.DAT will remain on your windows temp dir.
Write a windows 3.1 (NE) exe which makes this DAT file .
replace it inside the CC object , and you never need that CCC and SYS
files again .

Q : I have an Older Version Than 1.59 , How to Unlock ?
A : Sorry I suggest you deadly to put that software into the trash and use
newer version . I have no answer to this , because I may never find
that older version of CopyControl. If Microcosm Sends me a Copy I will
Help you then

Q : Changes on Version 3.02 and later ?
A : It Depends on who you ask about news, Right Now there is a FUN frame
on the Microcosm official site, talking about new changes on winter.
Looks ICE ! But I will tell you the changes ...

1- CopyControl Signature on Floppy !
I guess they added some extra if-then-fuck-customers to their sources!
The signature is as before , just some checks are changed. This made
the most incompatible new versions ... 01 , 02 , 03 and 04 even .

2- Where Master Track will be created !
Yes they found sometime,it is impossible to make a correct signature
with their new checks ! So they tried to retry this process on next
tracks and Mark Previous one as BAD in the FAT ! Backward Progress.

3- Making some Bugs on Different Systems !
Yes , Your CopyControlled Disk May never work on My Intel - PIII ,
Because the FDC of my MotherBoards won't reply CC what it needs
Or You may See Some Blank Black Screen when pressing P or M keys in
CCLOOK.EXE Or Your AMDK6II may create incorrect KeyDisk SomeTimes.
Or Your Athlon may never accept Active-It Codes

4- Extra object Checking for CCADD.EXE .
Yes," This is very important to stop users , creating new MasterDisk
with an Unshelled version of CC. So We Put CCONTROL exception in our
Product Code field, We Will Ignore CCADD.EXE working with our serial
and we will ask for a fucking CCMB while unshelled program runs..."
Microcosm Developer Said for Himself .

5- New Story Made - "LOLOTNOTYPOT"
I was talking to zanadu on my MSN, Then i made a new story ...
Un4giv3N was too young , he was not able to tell CopyControl , Then
he told it topytontolol , Sometimes Later He added his ages with
add Un4giv3N'SAge,BonusAges assembly command and reversed the app.
So He told his new build "lolotnotypot" ...
Pay 100 USD to get full story at your home . Visa , Checks are not
accepted.

Q : Is there anything to modify CC parameters ?
A : I have to ask , is there any problem ? If there is , Here is a New tool
made by I.C.A called CCEICA . This is a Generic CopyControl MasterDisk
or Active-It Master modifier which makes it possible for you to modify
protection parameters visually . This Utility is written by Un4giv3N and
works in Win32 platform . But As you know none of Un4giv3N's programs
work correctly . ( For SCICA users specially , So this utility
will be published soon with too many BUGS BUNNY !
With CCEICA you don't need any special information about CopyControl .
Before patching CCADD.EXE , I was creating working CopyControls with a
special build of this program .

Q : I could not find my question here .. ?!
A : Feel Free Sending that to Me using Mail. You may be answered Very Soon
Or your question May be added to the FAQ . If you didn't Get an Answer
After 2 Weeks , Then You won't be answered .

Last Update : 31st July 2001

To Contact I.C.A:

WEB : http://www.icagrp.com or http://ica.cjb.net or http://ica.is-online.net
E-Mail: icagrp@bigfoot.com , CCProblem@icagrp.com
FAX : +1-435-3309235
Forum : http://icaf.cjb.net , forums.icagrp.com
Mailing List: http://icagrp.listbot.com , yahoogroups.com/icagrp


--UnforgiveN
[I.C.A]

ucomservices
May 23rd, 2004, 06:48
Hi!

Just going through all the info given out by everyone. Sure is interesting, but the way I see it, the easiest way out is what I do.

1. Take a mug of Coffee in my hand.
2. Sit down on my computer, which is installed with Copy2Pc Option
Board Card.
3. Run the software for the Copy2Pc Option Board Card.
4. Within 2 minutes you have another copy of the Copycontrol Master Disk.
5. Enjoy the Coffee ..................


ucomservices

mr.x
May 24th, 2004, 11:40
hey, what do you mean about Copy2Pc Option Board Card while we do not have C.M.D?!

ucomservices
May 25th, 2004, 00:45
mr x.

please clarify what u mean by C.M.D.?????

ucomservices

dELTA
May 25th, 2004, 05:45
May I guess "Copycontrol Master Disk"?

Aimless
May 25th, 2004, 23:52
I am really interested in these EXCEL addin protections which are protected by commercial protecters. I am currently breaking an excel addin that's got FLEXLM v9 for its protection (damn tough, no breakthrough yet, though).

Can you PM me and tell me what EXCEL addin this is? (or am I missing something?)

Have Phun

mr.x
May 26th, 2004, 00:55
Hello ucomservices,

C.M.D means Copycontrol Master Disk.

basomad
July 24th, 2004, 09:32
Hi people, this is my first post. I am new to this cracking stuff. Got into it 3 days ago when I noticed a certain program wouldn't start anymore after the 6th of July, 2004. I searched the web a little, read some tutorials, found the needed tools and tried it out.

And guess what, within half an hour I had successfully removed the 'protection'. Just a matter of changing a conditional jump into a normal jump. Pretty easy

But now I am facing a harder problem with the same program. This program basically is a collection of little programs. It has little tests that can help you choose what education or job to do. Most of them work fine, but it has 4 modules (tests) that are protected with copy control. It allows you to do the tests, but when you want to see the outcome, it says that the module I'm using hasn't been activated yet and that I need to call some helpdesk and give the 9 digit serial number (200012426) and another 1 digit number (which is 0) that are presented on the screen. They will give me a password, which I have to put in the password field and then it will be activated. Problem is: that helpdesk doesn't answer their phone. So now I'm trying to find a way to get around it, until I manage to get in contact with the helpdesk.

Right now, I'm only interested in 1 of the tests. I have done 21 pages of questions and can't see the outcome now :S The module has its own DLLs which are loaded when you click the test's name and have made a choice between looking at the outcome or answering questions. After some tracing with ollydbg, I found out that the outcome-DLL uses another DLL called ccchng32.dll. (copy control change?) This DLL somehow makes and starts a CCMV32AA.exe in the windows-folder and puts the outcome in a dat-file. It uses this (I saw this in 1 of the registers): C:\WINDOWS>CCMV32AA.exe C:\PROGRA~1\PATHOFPROGRAM\ <ENTERED_PASSWORD> <Relative path to the hidden .ccc and .sys-files> /DC:\WINDOWS\CCMV32AA.dat

I tried running this program in cmd (without the /DC:\WINDOWS\CCMV32AA.dat) and it returned the exact error which I see in a little pop-up when I enter an incorrect password.

Copy protection parameter changing.
Version: 2.01, Product code: XXX, Serial no.: 200012426, Update number 1.
Invalid code entered.

I have already tried editing the DLL, so that it would jump past the error message, but that only results in not getting an error message, and nothing happening.

I decided to do a search on "CCMV32AA.exe" and this forum topic was the only result. I was glad there was some info in it. Especially that faq.doc. Problem is, that FAQ is not easy to understand, the English in it is bad and it's a bit too advanced for me I think.

Therefore, I wanted to ask if someone on this forum understands it all well and wants to help me solve my problem.

Thanks in advance

Edit: Ok, I found the developers version of the program (demo of version 3.8), which has CCLOOK and CCChange etc in it.

JMI
July 24th, 2004, 10:26
This, essentially, is a crack request and we don't do that here. It is obvious that you have not read our FAQ posted in the BIG RED LETTERS at the top of the Forums.

Here, you are required to do your own work, show that you have done that work and then ask questions. You are just starting out, have a great deal of further basic study needed to even begin and you want someone else to "solve" your problem with lack of basic knowledge for you. We can't and don't do that. Blindly nopping jumps or skipping them, without understanding what is going on, is not a way to LEARN how to reverse engineer. There is no shortcut to acquiring such knowledge. It is acquired by long and continual study of the basic principles of how things work and how they can be watched and how they can be changed.

Regards,

basomad
July 24th, 2004, 10:44
Yeah okay, I see your point and actually did read the FAQ, and that's why I tried not to make it a crack request, which I failed at then I guess.

And you are probably right. I was hoping I could learn this fast and quick, but I guess I really have to learn it slowly.

I'm sorry for the trouble I have caused and will try to do more research on my own.