Hi all,

It is a simple app with a nagscreen .

Try to remove nag secreen

Best of luck !!

P.S. This is 4 beginners only , LOL

Crack me#1.rar

DDD I don't see nag. Just run crackme it sure simple )))

This is the nag screen . Probably it pops up when you run the crackme .

Think i'm joking?! ) See it http://rghost.ru/private/38396608/3793d2a6b243684d5ccb3ed61fc4f2b3

Just take NOP......the API MessageBox

It is further promotion, than a crackme.

Thanks

Think i'm joking?! ) See it http://rghost.ru/pri...ccb3ed61fc4f2b3

Whoa , whoa !! I don't know how that happened Everything ran as expected on my computer . This piece of code was supposed to give the nag "invoke MessageBox,hWnd, addr Remove, addr NAG, MB_APPLMODAL " Thanks

Just take NOP......the API MessageBox

It is further promotion, than a crackme.

Thanks

Yup , but there is a quicker way than NOPing . Any other ideas would be greately appreciated.

I am a still a newbie though . Thanks

Edited May 31, 201213 yr by genocide

The same with NikolayD, no nag! I know 2 method is nop and change push 0 to push 1.

Another can be used but when you know how the message is called

Edited May 31, 201213 yr by kakamail

Whoa , whoa !! I don't know how that happened Everything ran as expected on my computer . This piece of code was supposed to give the nag "invoke MessageBox,hWnd, addr Remove, addr NAG, MB_APPLMODAL " Thanks

The same with NikolayD, no nag! I know 2 method is nop and change push 0 to push 1.

Another can be used but when you know how the message is called

I am sorry but I still can't figure out the cause of the problem . Here is the source code . You may want to compile it yourself and run again

Download Source failed...

Download Source failed...

Better late then never Sorry I was busy ! . Please help me find the bug

Crack me Source.rar

I can't compile the source because i don't have a compileren installed yet.

But, (im not sure), it seems you should invoke the messagebox at WndProcedure at initializing.

Thank you for providing the source.....

I have not had much time to analyze despite being written in MASM, I do not use WinASM. I use RadASM.

so try:

LRESULT CALLBACK WndProcedure (HWND hWnd, uMsg UINT, WPARAM wParam, lParam LPARAM);

create a return...NAG was not removed, will give a return FALSE, to stop the application.

if( NAG )

return FALSE

can be an alternative.

Hug

the place where you call MessageBox is wrong (message can not be displayed due the fact that at this moment there is no valid handle of the window)

if you call it from:

.ELSEIF eax==WM_CREATE	   invoke MessageBoxA,hWnd, addr Remove, addr NAG, MB_APPLMODAL		   ; My nag screen!

here you got what you want, at least i hope.

Edited June 3, 201213 yr by sama

The [crackme] tag has been added to your topic title.

Please remember to follow and adhere to the topic title format - thankyou!

[This is an automated reply]

if wana remove only with Nop or FNOP

004013B5 D9D0 FNOP

004013B7 D9D0 FNOP

004013B9 D9D0 FNOP

004013BB D9D0 FNOP

004013BD D9D0 FNOP

004013BF D9D0 FNOP

004013C1 D9D0 FNOP

004013C3 D9D0 FNOP

004013C5 D9D0 FNOP

004013C7 D9D0 FNOP

maybe in fact maybe work better with other push before (push 0) or changing maybe to a push 0 to push 40

Well, back after quite some time Thanks goes to all. I think an elegant way to remove MBs is to open by CFF Explorer and change the "MessageBoxA" to "GetMessageA". Read it somewhere in ARTeams ezine