Andy's Thread (Task 1) Sunday, 11-Apr-99 06:56:10 Since this Crackme will exit if Smartcheck is active,I ran Boundschecker to see what API's it uses.After some searching, i found this set of calls: WideCharToMultiByte WideCharToMultiByte FindWindowA WideCharToMultiByte WideCharToMultiByte .... And most Intesesting :) : WideCharToMultiByte *lpWideCharStr='NUMEGA SMARTCHECK' and FindWindowA *lpClassName=NULL *lpWindowName='NUMEGA SMARTCHECK' So what I did to disable it (using SICE): bpx FindWindowA When SICE broke: s 0 l ffffffff 'N',0,'U',0,'M' (notice the uppercase letters) then replaced NUMEGA with NOMEGA Andy Andy |
Andy's Thread (Task 1) (Andy) (11-Apr-99 06:56:10) |