View Full Version : CommView 2.6....


+SplAj
May 3rd, 2001, 04:17
CV2.6 is dis-ASprotected and patched...
mmmmm nothing new to report :-( RV is still the 'cock of the school' and bashes ASProtect API redirection to a pulp :-p

I will not post any OEiP/iT etc addresses so you can have some fun
The only thing I will add is the real CRC checksum should be :-

F69788A7C2385B8294C6E100412DE4BA

HEX edit this to raw 0x1758BC and then check out the code called at VA 568FD1 ... so change the address to point the wrong CRC somewhere else

BTW I did not like the new 'pinky' icon so changed it. I have attached it for you if you don't like tamo's icon either......

'patch+play'
+SplAj

NotMe
May 4th, 2001, 14:37
8)

ImageBase : 400000
EntryPoint : 169588
IAT Start RVA : 1761F4
IAT Length : 8CC

tsehp
May 5th, 2001, 06:57
well done,
I'm currently working to ease again the task of the big fat lazy reverser that I actually am :-)
The revirgin tracer is almost finished; it will make it easy to find the target's oep. This tracer is finished on win2k, almost on win9x, then a temp revirgin version will be released.
This tracer could also be used to improve the iat tracing, avoiding the small list (alexey's lame attempts to stop revirgin) of iat's that are not resolved by the current tracer.

regards,

+Tsehp

+SplAj
May 6th, 2001, 04:39
Opinions on the 'CRC' check system.....

I have seen this anti-patching scheme on previous CV versions. I thought it was a Tamo add-on. Now I saw it on T&R1.9.... For sure this layer of 'anti-patching' code is NOT part of ASP1.2.... So WTF is it, a module 'add-on' to ASP? a new Alexey program? a new Alexey's friend program? I don't know... only that it's possible to dick it in 5 minutes once you trace the algo to its end and see what the real CRC code is REPZ'd. Then just emulate it in the disprotected exe.

Your comments please...

SplAj

Grievoe (restored)
May 20th, 2001, 09:59
What's the packer of Commview 2.5?
I can't use the aspr (v1.2) unpackers downloaded from http://protools.cjb.net.
With the help of IDA, hiew and td32, I found that CV2.5 has five layers of encryption routines, each of which has random garbage inserted, at the very beginning.