Please Read The Disclaimer Before Continuing. 

My entire motive for cracking this program, is that PrimaSoft puts out some goofy ass software that literally annoys the piss outta me! This program is about the most normal one of the bunch! 

Anyway... run the program, and you'll see a nag screen, telling you that you have 30 days to evaluate the product. When the program comes up, you'll see there is no place to enter your registration information. Hmm... a hidden registration? Click on the "Exit" button, and there's our answer, another nag screen, but this one with the option to enter registration. 

Go to the registration screen and enter some test data. For this program, let's try the HMEMCPY function. Press Cntrl+D to enter Soft-Ice, and set a breakpoint on HMEMCPY (BPX HMEMCPY). 

Making The Crack: 

Press Cntrl+D again to exit out of Soft-Ice, and click on the "Ok" button. Soft-Ice breaks. Press F11 to get into the code. You'll see down on the line above the command window the string "USER(0A). This isn't where we want to be, so step through the code using F10 until you see the string "PSDIAL!CODE" on the line. You should now be here: 
 

0137:004172C8  CALL     USER32!CallWindowProcA 0137:004172CD  MOV      [ESI+0C],EAX 0137:004172D0  JMP      004172DB 0137:004172D2  MOV      EDX,ESI 0137:004172D4  MOV      EAX,EBX 0137:004172D6  CALL     004172DB  ==> 004172DB  POP      EBP 0137:004172DC  POP      EDI 0137:004172DD  POP      ESI 0137:004172DE  POP      EBX 0137:004172DF  RET

If you step through this routine, looking for a compare and a jump, you can find the place where the user name you entered is stored. This isn't where we want to be either. We want to be in the routine where our serial number is stored. So... step ALL the way through the code again using F10 until you see the string 'PSDIAL!CODE" on the line again. 

Now we're in the serial number routine. Slowly step through the code using F10, until we get to the compare and jump. You should be here: 
 

0137:00480C4D  CALL     004151E4 0137:00480C52  MOV      EAX,[EBP-08]                    :user name you entered 0137:00480C55  POP      EDX                             :serial number you entered 0137:00480C56  CALL     00437484                        :call the function to compare serial numbers 0137:00480C5B  TEST     AL,AL                           :compare serial numbers 0137:00480C5D  JZ       00480C94                        :jump to unregistered if 0 (0=bad flag) 0137:00480C5F  MOV      BYTE PTR [EBX+000001C4],01      :otherwise, get a 1 for registered (1=good flag) 0137:00480C66  LEA      EDX,[EBP-04] 0137:00480C69  MOV      EAX,[EBX+000001C0] 0137:00480C6F  CALL     004151E4 0137:00480C74  MOV      EAX,[EBP-04]

From my comments above, you should be able to find your correct serial number. If not, you need to press F10 until the line "0137:00480C5B TEST AL,AL" is highligted. Then, since your serial number is stored in EDX, display it by typing: d EDX. (you'll need to press ALT+Up Arrow keys a couple times to see your serial). 

My serial number was 674482699-214 (Cracked By Volatility [ID] for my user name). Don't be a lamer, use your own serial number. 

If time permits, I'll add more to this essay, showing you how to crack by getting a dead-listing and patching with a hex editor.