Kali Task 2 - SolutionThu Dec 17 18:00:54 1998 Thu Dec 17 17:52:22 1998 Greeting 'Alliance', it's Kali The four things to delete to UNREGISTER the proggie are: 1- Cyt31.ini 2- msffs.dll 3- win64os.cpl 4- HKEY_CURRENT_USERSoftwareNetscapeNetscape NavigatorInitialize History: °Cyt31.ini contains the browser we use, installation date & other options. If you delete the file, next time you'll run CV31, it'll ask for these prefs. °win64os.cpl contains a 'false' string, but it's only an additional file to check 'bout crackers.. If you delete this file you still are Registered It's the same if you delete both these files. °Msfss.dll contains strange numbers but only if you delete or modify this file the proggie says that you are a cracker. I began to read in Forum how this file works, but i want to understand by myself.. °I found them in Filemon. Here you can find other files references like system.cyt, cythid.reg, cyt.*** and cyt.***.dll (*** are three letters for my country, maybe for you they are cyt.en and cyt.en.dll) Nothing to say about them. °In WDASM - string references you can see 6 registry keys in Netscape and 1 in Explorer. I undervalued them!!! And my first crack was a dirty crack. I know that the proggie takes the Registered status from a registry but i don't know which key. Then in the Forum i read a clue 'bout a certain HKCU key and i remembered what i found in WDASM. If you write down these registry entries and in filemon check which registry entries are used by Netscape, you'll see some never called keys. Backup and Delete (and Restore) the un-called keys one by one... (and the three files above)...until CV31 has been UNREGISTERED and at 1st use. If you only delete the Key, nothing change. When you 're-install' the prog a new entry for 'Initialize' is created, but nothing of this happens if you only 're-run' CV31. Thanx for cooperation and positive stimulus. Kali